Try GOLD - Free
The Identity Illusion: Open-Source Trust in a Post-Perimeter World
DataQuest
|May 2025
Attackers no longer breach networks—they breach assumptions. With federated identity systems powered by open-source code and 80+ machine identities for every human user, security teams face a growing, ungoverned surface. CyberArk's Lavi Lazarovitz lays out why defence-in-depth must now start at the identity layer—and where most stacks fall short.
Once a back-end function, identity has become the new front line. In a world where authentication flows are more targeted than firewalls, and the lines between human and machine identities blur rapidly, security leaders are being forced to rethink their entire approach. The appeal of opensource identity providers like Keycloak and Authentik lies in flexibility—but is the price of agility an open backdoor? Minu Sirsalewala, Executive Editor, Dataquest, spoke to Lavi Lazarovitz, Vice President of Cyber Research at CyberArk Labs, to uncover the deeper truths behind identity security in the age of open collaboration and AI acceleration.
With the rise of open-source identity providers like Keycloak and Authentik, what blind spots are enterprise security leaders consistently underestimating in production-grade, multi-cloud environments?
Open-source tools like Keycloak and Authentik are valuable—they allow developers to integrate authentication and authorisation into applications with ease. However, attackers today are laserfocused on identity. They target credentials (preauthentication attacks) and cookies or tokens (postauthentication attacks). A recent example is the breach at Oracle, where attackers compromised the authentication system post-authentication.
Most security leaders do prioritise identity security, and many are adopting Identity Security Platforms. These platforms offer a holistic approach—spanning Identity Lifecycle Management, Policy Management, Privileged Controls, Discovery and Context (which help detect malicious activity), and Governance & Compliance. All of these are critical in preventing incidents like the recent Cisco attack.
This story is from the May 2025 edition of DataQuest.
Subscribe to Magzter GOLD to access thousands of curated premium stories, and 10,000+ magazines and newspapers.
Already a subscriber? Sign In
MORE STORIES FROM DataQuest
DataQuest
Empowering India's Al future through data: Snowflake's Vijayant Rai on innovation, collaboration, and talent
Snowflake India MD Vijayant Rai shares how the company is unifying data, advancing AI innovation, and skilling the next generation for a data-first India.
6 mins
December 2025
DataQuest
How AI is redefining delivery in the digital engineering era
As AI reshapes software engineering, delivery models are evolving from effort-based execution to intelligent, outcome-driven systems that blend human and machine collaboration.
3 mins
December 2025
DataQuest
NetSuite's Global Vision: Building the Intelligent Enterprise for the Al Era
At SuiteWorld 2025, NetSuite unveiled an AI-first vision with embedded assistants, customizable AI workflows, and global expansion focused on balancing innovation, trust, and local market needs.
4 mins
December 2025
DataQuest
V. Rajaraman: The teacher who built India's computing mind, no more
When a teacher departs, the blackboards weep. A generation of learners, spread across the world, pause and go back in time, overwhelmed by a quiet sense of gratitude and loss. Such is life, and such is India’s timeless Guru-Shishya parampara, where many jambavans silently walk the corridors of knowledge, leaving behind an imprint that endures long after they are gone.
5 mins
December 2025
DataQuest
Pilot or Paradox: Where are you parking your Al today?
Fragmented data, model pluralism, lack of a fabric, not enough skills, model economics, model volatility and the blank page syndrome- everything matters when it comes to making sure that an AI pilot does not end up as a paradox. And whether you are in that '5 pc' club?
6 mins
December 2025
DataQuest
QA engineers must think like adversaries
What happens when Ramp-testing a vehicle happens around the assembly line, earlier-faster-deeper-and-smarter than before? And as ruthless as a crash-test?
4 mins
December 2025
DataQuest
Why data readiness defines GenAl success: Krish Vitaldevara, Informatica
Informatica's Krish Vitaldevara explains data readiness gaps, CLAIRE's evolution, multi-cloud neutrality, governance for GenAI, ROI metrics, and the impact of the Salesforce acquisition.
7 mins
December 2025
DataQuest
Customer Zero to Global Impact: Salesforce's Playbook for Intelligent Enterprise Transformation
At Dreamforce 2025, Salesforce unveiled Agentforce 360, highlighting how context-aware AI agents are driving measurable business transformation across India and ASEAN.
3 mins
December 2025
DataQuest
DisCERNing Quantum – And not as some Shiny-Pink Uni-saurus
Noise control, fault tolerance, error-correction, superconducting circuits, trapped ions, photonic systems, hardware stability, hardware scalability, algorithmic maturity, strong-enough qubits - everything matters when it comes to the difference between reality and disillusionment with the Quantum Advantage.
6 mins
December 2025
DataQuest
Improving Efficiency and Supplier Relations through Accounts Payable Automation
AP automation transforms accounts payable from a cost centre into a strategic enabler, driving efficiency, transparency, and stronger supplier relationships.
4 mins
December 2025
Listen
Translate
Change font size