The Identity Illusion: Open-Source Trust in a Post-Perimeter World

Once a back-end function, identity has become the new front line. In a world where authentication flows are more targeted than firewalls, and the lines between human and machine identities blur rapidly, security leaders are being forced to rethink their entire approach. The appeal of opensource identity providers like Keycloak and Authentik lies in flexibility—but is the price of agility an open backdoor? Minu Sirsalewala, Executive Editor, Dataquest, spoke to Lavi Lazarovitz, Vice President of Cyber Research at CyberArk Labs, to uncover the deeper truths behind identity security in the age of open collaboration and AI acceleration.

With the rise of open-source identity providers like Keycloak and Authentik, what blind spots are enterprise security leaders consistently underestimating in production-grade, multi-cloud environments?

Open-source tools like Keycloak and Authentik are valuable—they allow developers to integrate authentication and authorisation into applications with ease. However, attackers today are laserfocused on identity. They target credentials (preauthentication attacks) and cookies or tokens (postauthentication attacks). A recent example is the breach at Oracle, where attackers compromised the authentication system post-authentication.

Most security leaders do prioritise identity security, and many are adopting Identity Security Platforms. These platforms offer a holistic approach—spanning Identity Lifecycle Management, Policy Management, Privileged Controls, Discovery and Context (which help detect malicious activity), and Governance & Compliance. All of these are critical in preventing incidents like the recent Cisco attack.