Rohit Agnihotri

The Identity Navigator

Welcome to "The Identity Navigator," your compass in the world of Identity and Access Management (IAM). Join us as we navigate the complexities of digital identity, security, and access control. Stay informed with expert insights, industry trends, and practical tips to safeguard your organization's digital assets. Whether you're new to IAM or a seasoned pro, tune in to unlock the strategies that will elevate your security posture. Subscribe to The Identity Navigator podcast and chart your course to secure, efficient IAM solutions.

Author

Rohit Agnihotri

Category

Technology

Podcast website

podcasters.spotify.com

Latest episode

Jul 5, 2026

Where to listen?

Podcasts in the app Replaio Radio Coming soon

Podcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts

Get it on Google Play Install for free Android 5M+ downloads · 4.8 rating iOS soon

Episodes

#40 SCIM - The Protocol That Finally Made Provisioning Grow Up 05.07.2026

0-40% of SaaS accounts in the mid-2000s belonged to people who'd already left the company. Ghost accounts, quietly sitting there — and that sadly hasn't changed much today. This episode: where SCIM came from, what it actually solves, and what it still doesn't. Core RFCs: RFC 7642 — SCIM: Definitions, Overview, Concepts, and Requirements RFC 7643 — SCIM: Core Schema RFC 7644 — SCIM: Pro...

#39 Tokens — The Complete Story 12.06.2026

The Complete Token Story Let me make you a promise: by the end of this episode, no one will be able to casually brush off the word “tokens” in front of you ever again. OAuth, Tokens, JWT, IAM, Identity, API Security, Zero Trust, Security Architecture, CISO, Engineering Leadership Thank you for listening LinkedIn : https://www.linkedin.com/in/rohit-agnihotri Email : theIdentityNavigator@gmail.com

#38 - The Basics of Workload Identity 10.05.2026

In this episode of The Identity Navigator , Rohit explores workload identity from first principles: what it is, why it matters, and how it is reshaping modern identity security for microservices, Kubernetes, CI/CD pipelines, cloud workloads, and AI agents. The discussion compares workload identity with non-human identity management, API keys, Vault, and cloud-native identity services, then goes de...

#37 - Identity Categorization Done Right 25.04.2026

In this episode we explore together the “uncanny valley” of identity categorization , where taxonomy looks mature on paper but doesn’t meaningfully change controls in practice. We talk about Taxonomic Debt and control plane behind them. From service accounts and workload identities to bots, technical users, and AI agents, we argues that the real unit ofgovernance is not the label, it’s the behavio...

#36 - Your Face Belongs to Lensa 22.03.2026

In late November 2022, a little-known app called Lensa went from obscurity to everywhere. Celebrities, influencers, and millions of ordinary people uploaded their selfies and got back stunning AI-generated portraits, fantasy warriors, Renaissance paintings, cyberpunk heroes, and more. The app’s viral “MagicAvatars” feature launched in late November and propelled Lensa to the No. 1 spot on the iOS...

#35 - How Stolen Sessions are Bypassing MFA and How to Finally Stop Them 28.02.2026

Imagine this: Tuesday morning. Security dashboard green. MFA at 100%. Privileged accounts vaulted. Fortress built. Then an attacker logs in as your CFO via a stolen browser cookie. No password guess. No brute force. Your stack? Silent. We dive into Pass-the-Cookie attacks, the elite technique bypassing MFA via infostealer malware and AiTM phishing. We cover: Bearer tokens as the “keycard anyone ca...

#34: Move 37: The Moment AI Stopped Playing by Human Rules 14.02.2026

In March 2016, a machine made a move in the ancient game of Go that changed everything. A commentator, a world-class professional, watched it and said: "This is not a human move."   Lee Sedol, one of the greatest Go players alive, took off his glasses, stood up, and walked away from the board. For 15 minutes, he just sat in silence, shaken. That move was AlphaGo's Move 37. And it's a prophecy abou...

#33 How Good Is Your AI, Really? 24.01.2026

Most AI projects don’t fail because the models are dumb. They fail because the business questions are. In this episode, we breaks down why “95% accuracy” has become the most dangerous comfort blanket in enterprise AI and what leaders should be looking at instead. Through a healthcare claims story, email spam examples, fraud scenarios, and churn prediction, we walks you from the simple accuracy met...

#32 23 People and One Visionary 11.01.2026

23 People and One Visionary: The Birthday Paradox Lesson Steve Jobs Understood The birthday paradox, the mathematical reality that just 23 people create a 50% probability of shared birthdays reveals something uncomfortable about leadership: our intuition systematically fails us in counterintuitive domains. In this episode, we explore how this mathematical principle exposes a critical vulnerability...

#31 Exposed – When Vault Becomes the Breach: Inside Cloud Secrets Heists 21.12.2025

In this episode of  The Identity Navigator , I dig into how my favorite cloud secrets managers—AWS Secrets Manager, Azure Key Vault, GCP Secret Manager, Kubernetes Secrets, and HashiCorp Vault—can quietly turn into an attacker’s jackpot when configuration, permissions, and monitoring fall behind. Using MITRE ATT&CK technique T1555.006 as my backbone, I walk through real-world campaigns like LU...

#30: The Consent Crisis 15.11.2025

Who Really Owns Your Consent? From Messaging Apps to Payroll System In this episode we discuss how to build a privacy-first payment ecosystem and are we ready to challenge the convenience-first mindset that says “Just store the card, it’s easier.” Messaging apps raised the bar. Identity systems are catching up. It’s time for financial systems to follow, to make consent the default, not the afterth...

#29 The Evolution of IGA Tools 05.10.2025

Identity Governance & Administration didn’t arrive fully formed, it evolved. In this episode we walk through the journey of IGA. From homegrown scripts and spreadsheets to heavyweight platforms like Sun, Oracle, and CA. The rise of governance-first thinking with SailPoint and Saviynt . How compliance, cloud, and complexity reshaped the market Email: theIdentityNavigator@gmail.com LInkedIn: /ro...

# 28 Hello, I’m Root: When Entitlement Becomes Ego 27.07.2025

Remember when smoking looked cool? For years in tech, holding root access was the same, a badge of honor, proof you were trusted, heroic, untouchable. In tech, we have our own “smoking”, permanent root/admin access. For years, being the engineer with root was a badge of honor. It felt powerful, even heroic. You were the one who could swoop in and “save the day.” But beneath the surface, this creat...

#27 Where Are the Aliens? 07.06.2025

Have you ever wondered why we haven’t discovered alien life? And how does this connect to IAM maturity, systems thinking, and organizational psychology? In this episode, I dive deep into the Fermi Paradox, explore the complexities of IAM maturity, and draw surprising parallels between the search for extraterrestrial intelligence and the journey organizations face in their IAM evolution. Tune in as...

#26 Bearer Tokens: From Briefcases to Browsers 03.05.2025

This episode was inspired by Ozark: A crime drama where a financial advisor is pulled into the world of money laundering   Ever wondered why simply  holding  a token grants you access—no passwords, no challenges, just pure possession? In this episode we trace the surprising journey of bearer tokens from their financial origins to the backbone of modern digital identity. Whether you’re architecting...

#25 Resource Mining - A pre-requisite that is never met 16.03.2025

In the context of IAM, resource mining refers to theprocess of discovering, cataloging, and analyzing resources within an organization's environment to understand their structure, permissions, ownership, and access controls. The goal is often to gain visibility into the resources (e.g., applications, servers, databases, files, or cloud infrastructure), their associated identities and usage pattern...

#24 Self-Healing IAM Systems - A Business Centric Framework 02.03.2025

A self-healing IAM system enhances enterprise security by automating identity governance, mitigating operational risks, and ensuring adaptive security resilience. By leveraging this framework organizations cancreate dynamic, self-correcting identity frameworks that reduce administrative overhead and improve security posture. Self-healing mechanisms ensure robust access management by automatically...

#23 Fractured Identity: An In-Depth Exploration 16.02.2025

Fractured identity occurs when a single user is unintentionally associated with multiple distinct accounts across different systems or within the same system. This fragmentation can arise in several scenarios, such as customer service interactions, where new user identities are created without linking them to existing ones, or when identity data across different systems is inconsistentor cannot be...

#22 Unquestioned Assumptions 18.01.2025

In this episode we understand what "Unquestioned Assumptions" are, why they are limiting and how to recognize them. At its core, these are beliefs, habits, or expectations we adopt without verifying their accuracy or relevance. They shape our decisions, guide our strategies, and even influence how we view success. Contact Us: Email: theIdentityNavigator@gmail.com LinkedIn: https://www.linkedin.com...

#21 Graph DB: A must have for intelligent IAM systems 06.10.2024

In this episode, we take a deep dive into the role of graph databases in Identity and Access Management (IAM) and explore why they are becoming indispensable in modern IAM systems. For over 25 years, LDAP and relational databases have been he backbone of IAM. However, as the demands of IAM systems evolve, particularly in cloud-native and enterprise environments, it's clear that traditional databas...

#20 Unlocking PKI: Why It's Not Yet Mainstream in Identity and Access Management 21.09.2024

In this episode, we dive into the world of Public Key Infrastructure (PKI) and explore why it's not more widely adopted in the Identity and Access Management (IAM) space,  despite being considered the gold standard of credential assurance by many experts. We'll unravel the complexities of PKI, discuss its advantages and challenges, and examine the reasons behind its limited mainstream pres...

#19 Beyond PAM for BeyondTrust - A new ITDR offering: Identity Security Insight 10.08.2024

BeyondTrust mention reminds most of us of privileged access management. Interestingly on their website, the first thing they mentioned was "PAM Products and ITDR" BeyondTrust has multiple products in their product suite and the one of the newest addition is Identity Security Insight, launched in 2023 and focused on ITDR Let's check them out together  Website: https://www.beyondtrust....

#18 ITDR - A promising domain or just another fad 28.07.2024

In this episode of the Identity Navigator podcast, we explore the multifaceted world of Identity Threat Detection and Response (ITDR). The episode delves into how various players in the market each bring their unique interpretations of ITDR, contributing to a diverse and innovative landscape. This diversity is pushing the boundaries of identity security, prompting a deep dive into the intricacies...

#17 Continuous Access Evaluation and Twosense - fascinating domain and a wonderful product 14.07.2024

Some call it continuous MFA, some call it continuous access evaluation, but it's starting to become part of the enterprise security. This can tie back into NIST, Zero Trust Architecture or in  PCI compliance. It’s just not a different form of MFA, it is more then that and Twosense is leading that space. They can be found online at www.twosense.ai as well as on LinkedIn (https://www.linkedin.com/co...

#16 PlainID and PBAC - An excellent solution to a very relevant problem 24.06.2024

A deep dive into Authorization, Policy Based Access Control (PBAC) and how PlanID is solving the problem http://www.plainid.com Docs - https://docs.plainid.io Dev portal -  https://docs.plainid.io/v1-api Integration hub - https://www.plainid.com/ispm-platform/integration-hub/ Knowledge base - https://plainid.atlassian.net/servicedesk/customer/portal/16/article/2951151895

Listen to the The Identity Navigator podcast in Replaio

Radio and podcasts in one app - free, with no sign-up. Install today and do not miss the launch

Get it on Google Play

Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.