Inside DigitalOcean’s SOX Compliance Playbook

How HashiCorp Achieved Least Privilege Through Just-in-Time Access with Will Bengtson

 
 
 

Scaling and managing access to cloud infrastructure is hard. Just ask Will Bengston from HashiCorp: they have over 20,000 AWS accounts and 100,000+ IAM groups. HashiCorp needed a modern approach to managing sensitive access and permissions for these resources, and traditional off the shelf PAM solutions didn’t cut it. So, they did what modern tech companies do in that situation: they built a solution for themselves.

In this episode of the All Aboard Podcast, Alex dives into the world of security engineering and cloud privilege access management with Will Bengston. Will is a security researcher, an angel investor, and currently leads the Security Engineering team at HashiCorp. 

What’s inside:

  • The key differences between traditional PAM and cloud PAM
  • How Will’s team grappled with the explosion of infrastructure accounts and permissions in their environment.
  • How the Security Engineering team at Hashi home grew a cloud privileged access management solution
  • A practical framework and approach for realizing least privilege access

 

 

Stay in touch

The best way to keep up with identity security tips, guides, and industry best practices.