Build a Learning Habit
Download Class Central's free printable study calendar
Download for Free
Learn how to eliminate static credentials and implement Just-In-Time (JIT) access across your organization through this 46-minute conference talk from fwd:cloudsec Europe 2025. Discover the technical aspects of deploying JIT access to critical resources, including eliminating all IAM Users and applying Service Control Policies (SCPs), while understanding that the real challenge lies in organizational adoption. Explore the complete journey from being a "Console Hero" to achieving "IAM Zero" status, covering approval and audit processes, break-glass policies, access policies, verification procedures, and secure deployment strategies. Gain insights into handling incidents and learning from implementation challenges, with particular focus on navigating the complex permission models within different cloud platforms. Understand why static credentials like AWS API keys, GitHub Personal Access Tokens, and GCP API Keys represent the most likely breach vectors for organizations, and master the organizational change management required to successfully transition to a more secure, albeit more complex, access model.
