Introduction

Identity Threat Detection and Response (ITDR) has become more than just a buzzy extension to the existing EDR (endpoint detection and response) and XDR (extended detection and response) technologies that have supported the enterprise for the past decade.

As “identity is the new perimeter” rang out from every vendor conference since 2017, one consistency has certainly emerged: that identity and the associated management and support infrastructure has become an adversarial attack vector.

Everything from user directories, passwords, session cookies, credentials, biometics, in-memory access keys, hard-coded access control lists, poorly implemented enforcement logic, misconfigured cloud access policies, certificates, keys and more have all come under attack - more frequently and more successfully than ever before.

Why so? Well the “modern enterprise” is facing a technology evolution that not only aims to bring disruption, agility and improved productivity, but can also leave behind complexity, a lack of visibility and misconfiguration.