John Martinez

Technical Evangelist, has had a long 30+ year career in systems engineering and architecture, but has spent the last 13+ years working on the Cloud, and specifically, Cloud Security. He's currently the Technical Evangelist at StrongDM, taking the message of Zero Trust Privileged Access Management (PAM) to the world. As a practitioner, he architected and created cloud automation, DevOps, and security and compliance solutions at Netflix and Adobe. He worked closely with customers at Evident.io, where he was telling the world about how cloud security should be done at conferences, meetups and customer sessions. Before coming to StrongDM, he lead an innovations and solutions team at Palo Alto Networks, working across many of the company's security products.

StrongDM has been featured in Forbes, The New Stack, VentureBeat, DevOps.com, TechCrunch, and Fortune.

Expertise

Privileged Access Management, Security, Zero Trust, Access, Identity and Access Management, Compliance, ISO 27001, Compare, HIPAA

Latest blog posts from John

Privilege Elevation and Delegation Management (PEDM) Explained

In this article, we’ll explore Privileged Elevation and Delegation Management (PEDM). You’ll learn how PEDM works and how it mitigates the risks associated with poorly managed privileged accounts. By the end of this article, you’ll understand why PEDM is an important security strategy and how businesses can use PEDM to manage privileged access and prevent cyberattacks.

What is an Attack Vector? 15 Common Attack Vectors to Know

In this article, we’ll take a deep dive into attack vectors. You’ll learn what they are, the most common types, how they’re used, and why hackers continually use them to exploit vulnerabilities. By the end of this article, you'll have a thorough understanding of the fifteen most common types of attack vectors and what you can do to prevent your organization from falling victim to them.

What Are Zero Standing Privileges (ZSP)? (And How They Work)

Securing sensitive company data starts with limiting who can access that data, and adopting a zero standing privileges security approach is a great way to control access. In this article, we’ll discuss what zero standing privileges (ZSP) are, how standing privileges are created, and how just-in-time access makes a ZSP model feasible. We’ll explore the risks that accompany standing privileges, the benefits of a zero standing privilege philosophy, and best practices to follow when adopting a ZSP

Top 7 Identity and Access Management (IAM) Solutions in 2024

In this article, we’ll compare the top IAM solutions: StrongDM, CyberArk Identity, Okta, BeyondTrust, ManageEngine AD360, Saviynt, and Twingate. We’ll explore what business needs identity and access management solutions address, and review the pros and cons of each. By the end of this article, you’ll know how to choose the right IAM solution for your organization.

Understanding ISO 27001 Controls [Guide to Annex A]

In this article, we’ll cover the 14 specific categories of the ISO 27001 Annex A controls. You'll learn how to decide which ISO 27001 framework controls to implement and who should be involved in the implementation process. By the end of this article, you'll have a basic understanding of ISO 27001 Annex A controls and how to implement them in your organization.

Zero Trust Memo From Executive Order 14028 (TL;DR Version)

It is no surprise that President Joe Biden issued a Zero Trust executive order to protect federal government networks. On May 12, 2021, recognizing the dire situation, Executive Order (EO) 14028 was issued, focusing on protecting the U.S. from cybercriminals and cyberattacks. EO 14028 specifically recommends Zero Trust Architecture as necessary to defend the nation against threat actors. This post provides a summary of Executive Order 14028.

Competitors & Alternatives to Saviynt

Saviynt is a popular identity and access management solution (IAM), but it may not be the best choice for every organization. In this article, we’ll explore powerful alternatives to Saviynt for companies with cloud-first IT infrastructure. By the end of this article, you’ll know whether Saviynt or one of these Saviynt competitors is the right fit for you.

What Is Automated Provisioning? Benefits, How It Works & More

In this article, we’ll explain the concept of automated provisioning and how it's used in identity and access management. You'll learn about the importance of automated provisioning in an organization's IT management and its benefits to businesses and system administrators. By the end of this article, you'll have a deep understanding of automated provisioning and how it works.

Enterprise Cloud Security Guide for 2024 and Beyond

Enterprise cloud security is quickly becoming a cybersecurity best practice for large organizations. In this article, we’ll explore what enterprise cloud security is, why it’s important, and the challenges organizations experience with enterprise cloud adoption. You’ll learn about common cloud security issues and the best practices you should adopt to avoid those issues. By the end of this article, you’ll feel confident choosing the right enterprise cloud solution for your organization

What Are the ISO 27001 Requirements in 2024?

To become ISO 27001 certified, organizations must align their security standards to 11 clauses covered in the ISO 27001 requirements. In this article, you’ll discover what each clause in part one of ISO 27001 covers. We’ll also take a big picture look at how part two of ISO 27001—also known as Annex A—can help your organization meet the ISO/IEC 27001 requirements.

Top 8 Privileged Access Management (PAM) Solutions in 2024

In this article, we’ll review the leading privileged access management (PAM) solutions on the market. We’ll explore the pros and cons of the top privileged access management vendors so you can easily compare the best PAM solutions. By the end of this article, you’ll feel confident choosing the right privileged access management solution for your organization.

HIPAA Compliance Checklist: Easy to Follow Guide for 2024

Following a HIPAA compliance checklist can help HIPAA-covered entities comply with the regulations and become HIPAA compliant. In this HIPAA compliance guide, we’ll review the 8 primary steps to achieving HIPAA compliance, tips on how to implement them, and frequently asked questions.

BeyondTrust vs. Delinea (Thycotic): Which Solution Is Better?

This article compares two Privileged Access Management (PAM) solutions, BeyondTrust vs. Thycotic (Delinea). It takes a closer look at how these PAM products work and how they fit in with your organization’s access management strategy. We’ll examine product summaries, use cases, and pros and cons. By the time you’re done reading this article, you’ll have a clear understanding of the similarities and differences between these PAM tools and be able to choose the tool that best fits your

What Is Cloud Identity and Access Management (IAM)?

This article looks at identity and access management (IAM) in cloud computing. You’ll learn how cloud IAM differs from traditional on-premises IAM, explore the benefits and challenges of cloud IAM, and discover how to choose the best cloud IAM system for your organization. By the end of the article, you’ll have a deeper understanding of the components of cloud IAM and how these software solutions can help mitigate cyberattacks that threaten your organization.

Want to learn more?
See StrongDM in action. 👀

Book a Demo