All domainsIAM Domains

IAM Foundations

Core principles of identity, authentication protocols, and foundational security architecture.

  1. Module 01

    Digital Identity

    1. 01.01

      Foundations of Digital Identity

      Read article

      An introductory guide to the foundational concept of IAM: definition of digital identity, the concepts that get confused (subject, identity, account, profile), and the building blocks that make it operational (attributes, claims, entitlements, and credentials).

    2. 01.02

      Modern Types of Digital Identity & Identity as the New Perimeter

      Read article

      Beyond human users: identities of devices, workloads, and AI agents. Why the entire industry now says that identity — not the network — is the new security perimeter.

    3. 01.03

      Identity-Centric Cybersecurity

      Read article

      How IAM fits into the NIST CSF framework, which MITRE ATT&CK techniques it counters, and what the Verizon DBIR and Mandiant M-Trends reports say about why credentials are today's dominant attack vector.

    4. 01.04

      History of IAM

      Read article

      A walk through IAM's evolution in four waves — from the IT optimization of the 90s to today's Identity Security. Why understanding the history helps you read the present-day decisions you'll find in any organization.

    5. 01.05

      The Five Domains of IAM

      Read article

      A detailed walk through the five domains that make up modern IAM — Access Management, IGA, PAM, CIAM, and ITDR — with their capabilities, audiences, use cases, and where they overlap with one another.

  2. Module 02

    IAM in Action

    1. 02.01

      The Operational IAM Cycle

      Read article

      How the daily processes of an IAM program look in practice — aggregation from authoritative sources, master record, account correlation, orphan detection, and the Joiner-Mover-Leaver cycle — with a complete healthcare-sector case.

    2. 02.02

      The JML Cycle (Joiner / Mover / Leaver)

      Read article

      A deep dive into the Joiner-Mover-Leaver lifecycle — the identity state machine, birthright vs role-based vs requestable vs just-in-time access, why the Mover is the hardest step, leaver deprovisioning, the HR/IT/manager/app-owner RACI, an automation maturity model, KPIs, failure modes, and the regulations that mandate it.

    3. 02.03

      IAM Cycle Example — Hospital (public and private sector)

      Read article

      An end-to-end worked example of the IAM operational cycle and JML in a hospital network that runs both a public and a private wing — multiple authoritative sources, dual-affiliation physicians, rotating residents, break-glass access to medical records, license-driven deprovisioning, and HIPAA-grade audit.

    4. 02.04

      IAM Cycle Example — Cashback App Startup

      Read article

      An end-to-end worked example of the IAM operational cycle and JML in a fast-scaling cashback-app startup — where the enemy is speed and SaaS sprawl, not regulation. SCIM provisioning from an IdP, role templates by squad, JIT production access, offboarding across 60 SaaS apps, and meeting SOC 2 and PCI-DSS while growing 10x.

    5. 02.05

      IAM Cycle Example — Consolidated Mid-market IT Consultancy

      Read article

      An end-to-end worked example of the IAM operational cycle and JML in a consolidated mid-market IT consultancy — where consultants rotate constantly between client engagements, access often lives in clients' own tenants via federation, the Mover is the dominant motion, and the core risk is one client's data following a consultant onto the next.