Topic Hubs
Explore curated collections of books, terms, and resources organized by digital identity topic area.
Zero Trust
Explore the zero trust security model based on the principle of 'never trust, always verify.' Learn about zero trust architecture, identity-centric security, continuous verification, microsegmentation, and practical migration strategies from perimeter-based security.
Authentication
Master the methods and protocols used to verify user identity. From passwords and multi-factor authentication to OAuth 2.0, OpenID Connect, SAML, and modern passwordless approaches including passkeys and biometrics.
Authorization
Understand how access decisions are made after authentication. Covers role-based access control (RBAC), attribute-based access control (ABAC), OAuth scopes, policy engines, and the principle of least privilege.
Identity Governance
Learn about the policies, processes, and technologies that govern digital identities throughout their lifecycle. Covers identity governance and administration (IGA), access reviews, provisioning, compliance, and separation of duties.
Privacy & Compliance
Navigate the intersection of identity management and regulatory compliance. Covers GDPR, SOC 2, ISO 27001, NIST 800-63, privacy by design, consent management, and data protection impact assessments.
Cloud Identity
Manage identity and access in cloud and multi-cloud environments. Covers cloud IAM for AWS, Azure, and GCP, federation, CIAM, identity brokering, and modern identity architectures including identity mesh and identity fabric.
Decentralized Identity
Explore the emerging paradigm of self-sovereign and decentralized identity. Covers decentralized identifiers (DIDs), verifiable credentials, self-sovereign identity (SSI), and the Trust over IP stack.
Passwordless Authentication
Discover the future of authentication beyond passwords. Covers FIDO2, WebAuthn, passkeys, biometric authentication, and practical strategies for migrating from password-based to passwordless authentication.
API Security
Secure your APIs with modern authentication and authorization patterns. Covers OAuth 2.0 for APIs, token management, rate limiting, API gateways, and securing microservices architectures.
Privileged Access Management
Protect your most sensitive accounts and systems. Covers privileged access management (PAM), credential vaulting, just-in-time access, session recording, and defending against privileged attack vectors.