John Martinez

Technical Evangelist, has had a long 30+ year career in systems engineering and architecture, but has spent the last 13+ years working on the Cloud, and specifically, Cloud Security. He's currently the Technical Evangelist at StrongDM, taking the message of Zero Trust Privileged Access Management (PAM) to the world. As a practitioner, he architected and created cloud automation, DevOps, and security and compliance solutions at Netflix and Adobe. He worked closely with customers at Evident.io, where he was telling the world about how cloud security should be done at conferences, meetups and customer sessions. Before coming to StrongDM, he lead an innovations and solutions team at Palo Alto Networks, working across many of the company's security products.

StrongDM has been featured in Forbes, The New Stack, VentureBeat, DevOps.com, TechCrunch, and Fortune.

Expertise

Observability, Auditing, Identity and Access Management, Security, Access, Zero Trust, Secure Access Service Edge, Compare, Privileged Access Management, AWS

Latest blog posts from John

Observability vs. Monitoring: Understanding the Difference

Observability and monitoring are often used interchangeably, but there are key differences you should know between these two IT terms and the tools that enable them. In this article, we’ll explore the relationship and differences between observability vs. monitoring. Plus, you’ll learn about what makes observability and monitoring different from telemetry and application performance monitoring (APM).

Understanding GCP IAM Roles

In this article, you’ll learn about how GCP IAM works and the different types of roles that can be delegated to users as well as when those roles are most appropriate in the GCP environment. By the end of this article, you’ll have a clear understanding of the pros and cons of each different role type as well as their limitations.

Identity and Access Management (IAM) Best Practices

In this article, we'll list eleven Identity and Access Management (IAM) best practices and describe each one of them in detail. You'll also learn how to make these best practices standard in your organization.

Understanding Software-Defined Networking (SDN)

In this article, we will take a comprehensive look at software-defined networking (SDN). You’ll learn what it is, how it works, and what its benefits and disadvantages are. You’ll also learn how SDN compares to and works with other types of networks and get answers to common questions.

What is an Attack Surface? (And the Best Way to Reduce It)

Data breaches are a perpetual risk for modern organizations — and the wider your attack surface, the higher your organization’s risk of a breach. In this article, we will take a high-level look at what your attack surface is, what vectors and endpoints may be at risk, and how to analyze your attack surface.

What is SD-WAN? Everything You Need to Know

In this article, we’ll review what SD-WAN is, its history and development, as well as the key benefits and limitations of SD-WAN deployment. You’ll learn the difference between SD-WAN and WAN, VPNs, MPLS, and SDN and how the different services and solutions compare.

What Is Lateral Movement? (And How to Detect & Prevent It)

Lateral movement is when an attacker gains initial access to one part of a network and then attempts to move deeper into the rest of the network — typically via remote desktop tools or remote administration tools (RATs).

Alternatives to Pomerium

Pomerium is an "identity-aware proxy" which aims to disrupt the VPN industry. Pomerium works on just about any device, providing remote access management solutions for individuals to enterprise level companies. Pomerium works as a SASE solution which allows users to manage authentication and authorization of any internal or third party application. Essentially, Pomerium adds SSO capabilities to just about any application. However, if you're looking for a more robust way to manage access to

Alternatives to Proofpoint

Proofpoint is a SaaS based cybersecurity and compliance company which purchased Meta Networks in 2019. Proofpoint ZTNA (Meta Networks) is a Zero Trust Network Access provider that specializes in granting secure remote access from a user-level. They focus heavily on providing users with the ability to securely access company resources from any location, while ditching the need for a VPN. However, if you're looking for a simple and secure way, without expensive starting costs and required

Alternatives to Perimeter 81

Perimeter 81 is a cloud-based Secure Access Service Edge (SASE) platform that provides centralized access to local networks, applications, and cloud resources. The company takes a security-first approach and aims to disrupt the VPN industry by offering a simple and scalable network access alternative for organizations of all sizes. However, if you're looking for a more reliable and enterprise-ready solution to manage access to infrastructure, Perimeter 81 might not be the best solution for your

3 Best Enterprise VPN Alternatives for Business in 2025

This article will introduce several best business VPN alternatives to help you secure remote access using the infrastructure you already have. You’ll see how teams of all sizes—from three-person startups to large organizations like Peloton—have replaced outdated VPN architecture with secure, scalable, auditable solutions built for modern computing.

Alternatives to Google Cloud Identity-Aware Proxy (IAP)

Identity-Aware Proxy (IAP) is a Google Cloud Platform service that centralizes user access to SaaS applications and other cloud resources accessed by HTTPS. IAP secures authentication for requests made to virtual machines running on GCP and other cloud-based and on-premises applications, only granting access to users you authorize. With IAP, users can connect from untrusted networks without using a VPN.

Alternatives to AWS Cognito

AWS Cognito is a user authentication service that lets you add access control to your web and mobile apps. Cognito manages sign-up, sign-in, password changes, token refresh, data synchronization, and updates to user account attributes. The service is initially free for AWS users, and the pricing model scales as your user base grows.

Alternatives to Tailscale

Tailscale is a zero-configuration virtual private cloud that builds secure networks for WireGuard-encrypted traffic. Tailscale replaces traditional VPNs with a coordination node that acts as a control plane to manage keys and identities. This allows you to create a secure network between cloud resources without the need for firewall configuration changes. However, if your goal is to centralize and secure access to databases, servers, Kubernetes, and more, a VPN (even a fancy modern one) may not

Want to learn more?
See StrongDM in action. 👀

Book a Demo