Identity & Access Management

Identity Providers

How identity providers work, what they centralize, and a comparison of Okta, Microsoft Entra ID, Auth0, and Google Workspace — the four IdPs you will encounter most often in audits and vendor assessments.

SAML, OIDC, and OAuth 2.0

The three protocols that power single sign-on and API authorization. Deep dives into SAML 2.0 assertions, OIDC/OAuth flows, and how to choose the right protocol for each use case.

Multi-Factor Authentication

MFA factors from SMS to FIDO2, why phishing-resistant MFA is the new baseline, and how to choose the right factor for different user populations and risk levels.

AWS IAM

The deepest cloud IAM module: users, roles, policies, SCPs, permission boundaries, policy evaluation logic, and hands-on practice writing IAM policies for real-world scenarios.

GCP and Azure IAM

IAM models for Google Cloud and Microsoft Azure: members and roles in GCP, Entra ID and RBAC in Azure, managed identities, Workload Identity Federation, and Conditional Access. Plus an exercise mapping AWS IAM concepts to their GCP and Azure equivalents.

PAM, IGA, JIT, and Zero Trust

Advanced identity patterns: privileged access management, identity governance and administration, just-in-time access, and Zero Trust identity principles from NIST 800-207. The concepts that separate a GRC Engineer from a GRC Analyst.