More articles from this category

Remember Defense-in-Depth? Apply It To The Customer Lifecycle. Users, especially those in customer identity, have a lifecycle. They register, they login, they give and revoke consent, and they update passwords or MFA settings. They may arrive via federation and they may be federated to other systems. Ultimately, they may decide to disable or delete their accounts. It's important to look at each of these steps along the customer lifecycle and apply some manner of threat modeling to it.
Stephen Cox
Stephen Cox
  • Aug 17, 2021
  • 5 min read