<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">

Want to master Kubernetes access control? 🚀 Join our upcoming webinar!

Search
Close icon
Search bar icon
Search
Close icon
Search bar icon
John Martinez

John Martinez

Technical Evangelist, has had a long 30+ year career in systems engineering and architecture, but has spent the last 13+ years working on the Cloud, and specifically, Cloud Security. He's currently the Technical Evangelist at StrongDM, taking the message of Zero Trust Privileged Access Management (PAM) to the world. As a practitioner, he architected and created cloud automation, DevOps, and security and compliance solutions at Netflix and Adobe. He worked closely with customers at Evident.io, where he was telling the world about how cloud security should be done at conferences, meetups and customer sessions. Before coming to StrongDM, he lead an innovations and solutions team at Palo Alto Networks, working across many of the company's security products.

StrongDM has been featured in Forbes, The New Stack, VentureBeat, DevOps.com, TechCrunch, and Fortune.

Expertise

Compliance, HIPAA, Security, Integrations, Databases, Productivity, ISO 27001, Authentication, SOC 2, Passwordless

Latest blog posts from John

What Are the Three Rules of HIPAA? Explained
What Are the Three Rules of HIPAA? Explained
While HIPAA rules benefit both patients and providers, failure to comply with these standards can have significant downsides for both parties. That’s why it is important to understand how HIPAA works and the key areas it covers. Read on to discover the three rules of HIPAA and how you can apply them to help your organization ensure compliance.
The HIPAA Minimum Necessary Standard Explained
The HIPAA Minimum Necessary Standard Explained
This article gives you a broad look at the Health Insurance Portability and Accountability Act (HIPAA) minimum necessary standard. You’ll learn about its requirements, exceptions, and how to implement it.
What Is a HIPAA Violation? 12 Most Common Examples
What Is a HIPAA Violation? 12 Most Common Examples
This article digs into Health Care Accountability and Portability Act (HIPAA) violations. Discover what they are and get examples of typical HIPAA violations in healthcare. Plus, learn how breaches are detected and reported and what you can do to protect your organization.
HIPAA Violation Fines and Penalties by Tiers (Civil & Criminal)
HIPAA Violation Fines and Penalties by Tiers (Civil & Criminal)
This article breaks down the different HIPAA penalties—including civil and criminal penalties—and the maximum penalties for HIPAA violations. Find out who is liable under HIPAA, what the most common HIPAA violations are, and how to ensure compliance and prevent HIPAA violations in your own organization.
What is Just-in-Time Access (JIT)? Benefits, Types & More
What is Just-in-Time Access (JIT)? Benefits, Types & More
Today, we’ll take a look at what just-in-time access (JIT) means and what types there are. You’ll also learn about what a JIT access solution can do for your organization. By the end of this article, you’ll understand how just-in-time access works, the best practices to ensure secured implementation, and how strongDM comes to the rescue.
ISO 27001 Audit: Everything You Need to Know
ISO 27001 Audit: Everything You Need to Know
In this article, we’ll cover everything you need to know about conducting ISO/IEC 27001 audits to receive and maintain your ISO 27001 certification. You’ll learn about ISO 27001 audit requirements, why an ISO 27001 audit is important, how long it takes to conduct audits, and who can conduct audits that prove your company follows up-to-date information security management best practices.
11 Common Authentication Vulnerabilities You Need to Know
11 Common Authentication Vulnerabilities You Need to Know
In this article, we’ll take a look at what authentication vulnerabilities are, how they emerge, and how these issues can affect your organization. Also, you’ll learn about the most common authentication-based vulnerabilities and their implications. By the end of this article, you’ll know the best practices to prevent these authentication issues and keep sensitive data safe.
ISO 27001 Certification Process: A Definitive Guide
ISO 27001 Certification Process: A Definitive Guide
In this article, you’ll learn about what the ISO 27001 certification process is and how it can be used to lay the foundation for a secure organization. By the end of this article, you’ll have a good understanding of why an ISO 27001 certification is a signal of an organization’s commitment to data protection and risk mitigation.
ISO 27001 vs. 27002 vs. 27003: What’s the Difference?
ISO 27001 vs. 27002 vs. 27003: What’s the Difference?
Organizations around the world rely on the standards set in the ISO 27000 series for information security management best practices. In this article, we’ll compare the first three standards in the ISO/IEC 27000 family: ISO 27001 vs. 27002 vs. 27003. By the end, you’ll have a better understanding of what each standard covers, how they differ from one another, and when to use them.
ISO 27001 Checklist: 10-Step Implementation Guide
ISO 27001 Checklist: 10-Step Implementation Guide
In this article, we’ll walk you through the ISO 27001 checklist you’ll use en route to your cybersecurity certification. From assigning roles to implementing controls, assessing risks, and documenting your processes for future audits, you can use the ISO 27001 compliance checklist to ensure you’re on the right track for your official audit.
How Much Does ISO 27001 Certification Cost in 2025?
How Much Does ISO 27001 Certification Cost in 2025?
In this article, we’ll look at the overall price tag for one International Standards Organization certification (ISO 27001), along with some of the factors that impact costs and why they vary across organizations. You’ll learn about different ISO 27001 certification costs, from the audit, with its ISO 27001 exam cost, to implementation and maintenance. By the end of this article, you’ll get a sense of the factors involved in ISO 27001 certification and be able to compare quotes to decide your
ISO 27001 vs. SOC 2: Understanding the Difference
ISO 27001 vs. SOC 2: Understanding the Difference
SOC 2 and ISO 27001 both provide companies with strategic frameworks and standards to measure their security controls and systems against. But what’s the difference between SOC 2 vs. ISO 27001? In this article, we’ll provide an ISO 27001 and SOC 2 comparison, including what they are, what they have in common, which one is right for you, and how you can use these certifications to improve your overall cybersecurity posture.
What is WebAuthn? Web Authentication Explained
What is WebAuthn? Web Authentication Explained
In this article, we will take a deep dive into WebAuthn and some of its associated authentication concepts. We’ll go over the history of WebAuthn and help you better understand the benefits and challenges of using this standard of secure authentication. By the end of this WebAuthn guide, you’ll be able to fully define the concept and grasp how to incorporate it into your organization's security program and web applications.
The Definitive Guide to FIDO2 Web Authentication
The Definitive Guide to FIDO2 Web Authentication
In this article, we will take a big-picture look at FIDO2 and how it applies to passwordless authentication. You’ll learn about the origins of FIDO2, its advantages and disadvantages, the differences between FIDO2, FIDO, and WebAuthn, and how UAF and U2F differ. By the end of this article, you’ll have a clear understanding of how FIDO2 works, what problems it solves, whether you need FIDO2 certification, and what that certification entails.
new-strongdm-desktop-app-ui
Want to learn more?
See StrongDM in action. đź‘€
Book a Demo