INSIGHTS & RESEARCH

The Credential Governance Blog

Engineering and strategy perspectives on credential governance — the 5 pillars of password and passwordless identity, RACF and mainframe access control, IAM program design, and the compliance frameworks that shape it.

A breached cloud identity control plane — Entra ID authenticator registration, Azure RBAC, Key Vault, and SQL surfaces reached through a single missing governance moment in the joiner/mover/leaver lifecycle.

FEATUREDIAM & Identity Governance

What Storm-2949 Actually Broke: Identity Governance, Not Self-Service Password Reset

Microsoft's Storm-2949 disclosure exposed an identity governance gap, not a password gap. What service-principal hygiene, JIT RBAC, and lifecycle attestation would have caught.

29. Mai 2026•Andre Arantes•17 min read

Latest Posts

Fresh from the engineering team and credential governance practice.

IAM & Identity Governance

What Storm-2949 Actually Broke: Identity Governance, Not Self-Service Password Reset

Microsoft's Storm-2949 disclosure exposed an identity governance gap, not a password gap. What service-principal hygiene, JIT RBAC, and lifecycle attestation would have caught.

29. Mai 2026•Andre Arantes

Side-by-side comparison of IBM RACF and ACF2 — two mainframe access control systems compared across security features, scalability, and cost.

RACF & Mainframe

RACF vs. ACF2: Key Differences and How to Choose the Right Mainframe Access Control

RACF vs. ACF2: a 2026 mainframe security comparison covering features, scalability, cost, and how to choose the right option for your z/OS environment.

8. Juli 2024•Marcelo Victor