John Martinez

Technical Evangelist, has had a long 30+ year career in systems engineering and architecture, but has spent the last 13+ years working on the Cloud, and specifically, Cloud Security. He's currently the Technical Evangelist at StrongDM, taking the message of Zero Trust Privileged Access Management (PAM) to the world. As a practitioner, he architected and created cloud automation, DevOps, and security and compliance solutions at Netflix and Adobe. He worked closely with customers at Evident.io, where he was telling the world about how cloud security should be done at conferences, meetups and customer sessions. Before coming to StrongDM, he lead an innovations and solutions team at Palo Alto Networks, working across many of the company's security products.

StrongDM has been featured in Forbes, The New Stack, VentureBeat, DevOps.com, TechCrunch, and Fortune.

Expertise

Security, Access, Product, Authentication, AWS, Zero Trust, Compliance, HIPAA, NIST, DevOps, Kubernetes, Privileged Access Management

Latest blog posts from John

13 StrongDM Use Cases with Real Customer Case Studies

Managing access to critical infrastructure is a challenge for many organizations. Legacy tools often struggle to keep up, creating inefficiencies, security gaps, and frustration. StrongDM offers a modern solution that simplifies access management, strengthens security, and improves workflows. In this post, we’ll explore 13 real-world examples of how StrongDM helps teams solve access challenges and achieve their goals.

What Is Network Level Authentication (NLA)? (How It Works)

Network Level Authentication (NLA) is a security feature of Microsoft’s Remote Desktop Protocol (RDP) that requires users to authenticate before establishing a remote session. By enforcing this pre-authentication step, NLA reduces the risk of unauthorized access, conserves server resources, and protects against attacks like credential interception and denial of service. While effective in securing RDP sessions, NLA is limited to a single protocol, lacks flexibility, and can add complexity in

How to Automate Continuous Compliance in AWS with StrongDM

Enterprises seek ways to effectively address the needs of dynamic, always-evolving cloud infrastructures, and StrongDM has developed a platform that is designed with built-in capabilities to support continuous compliance in AWS environments.

IP Whitelisting: Meaning, Alternatives & More [2024 Guide]

IP whitelisting is a security strategy that restricts access to a network/system to a specified list of trusted IP addresses. This approach ensures that only individuals using the approved addresses can access certain resources.

Mitigating Shadow Access Risks with Zero Trust PAM

Discover how StrongDM's Zero Trust PAM and fine-grained authorization secure cloud data plane access and mitigate shadow access risks without hindering productivity.

Why Just-in-Time Access Is Key for Zero Trust Security in AWS

Learn why Just-in-Time (JIT) access is essential for Zero Trust security in AWS environments. Discover how StrongDM's JIT access enhances security, optimizes workflows, and ensures compliance with Zero Trust principles.

What Is Zero Trust for the Cloud? (And Why It's Important)

Zero Trust cloud security is a cybersecurity model that operates on the principle that no user, device, system, or action should be trusted by default — even if it's inside your organization’s own network. This approach minimizes the risk of breaches and other cyber threats by limiting access to sensitive information and resources based on user roles, device security posture, and contextual factors.

Incident Response Plan: Your 7-Step Process

If organizations hope to minimize their exposure to attacks and mitigate any damage done by a threat, they must have a comprehensive incident response plan. An effective plan will detect, contain, and enable rapid recovery from security breaches, preserving your business continuity and operability. We've outlined seven incident response steps for you to follow so you can be prepared for a threat.

HIPAA Omnibus Rule: Everything You Need to Know

The HIPAA Omnibus Rule strengthens privacy and security protections for patient health information, extends liability to business associates, and increases penalties for non-compliance.

15 Kubernetes Security Best Practices in 2024

Kubernetes (K8S) has revolutionized software development, but managing such a complex system with numerous components can be challenging. Fortunately, there are several best practices your team can adopt to secure your K8S environment and reduce your attack surface. By implementing these Kubernetes ...

What Is Privileged Identity Management (PIM)? 7 Best Practices

Privileged Identity Management (PIM) is a complex cybersecurity approach. But it’s the only proven method you can use to lock down access and protect your precious resources. It can help you keep cybercriminals out and ensure that even your trusted users can’t accidentally—or intentionally—jeopardize your system’s security.

5 Types of Multi-Factor Authentication (MFA) Explained

With so many advanced cyber attackers lurking on the threat landscape, a simple password is no longer enough to safeguard your sensitive data. There are many reasons to adopt MFA for your business. It supplements your security by requiring additional information from users upon their access requests—and it significantly reduces your risk of incurring a breach. Several multi-factor authentication methods are available, with varying strengths and weaknesses. Be sure to compare the differences

How to Prevent SQL Injection Attacks: 6 Proven Methods

SQL injection attacks remain one of the most prevalent and dangerous threats to database security. These attacks can compromise sensitive data, disrupt operations, and cause significant financial and reputational damage. Understanding how to prevent SQL injection attacks will help you foster a security-conscious organizational culture.

How To Monitor and Securely Access IoT Devices Remotely

Internet of Things (IoT) devices form the backbone of many modern businesses, facilitating operations, collecting valuable data, and enhancing efficiency. However, the widespread deployment of these devices creates numerous entry points for potential attackers. Without robust security measures, you risk exposing critical systems and sensitive information to malicious actors.

Want to learn more?
See StrongDM in action. 👀

Book a Demo