Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The moment teams move from one cloud to two, identity governance starts to fracture. Roles don’t translate cleanly, and access reviews lag behind deployment velocity. Multi-cloud identity management is the practice of controlling who can access what across AWS, Azure, GCP, Kubernetes, SaaS tools, databases, and other cloud-connected systems.

One compromised privileged account can undo millions in security investments. Attackers know this. In fact, it's the reason privileged access has become the most sought-after prize in the modern enterprise. Gone are the days when getting past the firewall was enough to give an attacker free rein. Widespread adoption of Zero Trust principles, stronger default configurations and better security hygiene have made that approach obsolete. So, adversaries have adapted.

In the ever-evolving cybersecurity landscape, managing access and mitigating risk across complex enterprise environments has never been more critical. The latest KuppingerCole Leadership Compass for Business Application Risk Management has officially recognized One Identity as an Overall Leader. This distinction underscores the One Identity commitment to providing robust, scalable solutions for today’s diverse and difficult IT security infrastructures.

For years, Privileged Access Management (PAM) was built around a simple assumption: privileged access is primarily a human problem. That assumption is rapidly collapsing. Modern enterprises are no longer driven mainly by administrators logging into servers. They are increasingly powered by APIs, containers, automation pipelines, microservices, cloud workloads, and AI-driven systems communicating continuously at machine speed.

A newly disclosed privilege-escalation flaw in Microsoft Active Directory Domain Services (AD DS) is a timely reminder that identity infrastructure continues to be one of the most consequential attack surfaces in any enterprise. CVE-2026-25177, rated HIGH with a CVSS score of 8.8, allows an authenticated domain user to escalate their privileges over the network without any elevated starting point or user interaction.

Everyone uses developer tools to get through the day. A JSONFormatter to inspect an API response, or a JWT decoder when you need to inspect a token quickly. In most engineering teams, these tools are treated as harmless productivity aids. In November 2025, researchers discovered that JSONFormatter and CodeBeautify had been storing everything users pasted into them via a save feature that generated shareable links with fully predictable URL structures. A simple crawler could retrieve all of them.

There’s never a good time to lose a production database, but losing one to your own AI coding agent on a Friday afternoon has to rank near the bottom of the list. That’s the backdrop to the PocketOS incident, and it’s the clearest case yet for why AI agent security and intent-based access control belong at the top of every cloud security roadmap this year.