By security practitioners, for security practitioners novacoast federal | Pillr | novacoast | about innovate
By security practitioners, for security practitioners

Innovator Series EP7: Scott Kriz of SGNL

SGNL is reshaping the way authorization works in the identity and access management space to improve security and “limit the blast radius” for account compromises like credential theft or session hijacking. We spoke with CEO and founder Scott Kriz about their exciting new approach to a legacy challenge.

Limiting The Blast Radius

While identity and access management are usually viewed as a subset of cybersecurity, in reality they’re an industry all their own. As a former Google employee who developed the underlying technology that runs Google Cloud Identity, Scott Kriz founded his newest startup, SGNL (pronounced like signal), as a solution to the under-developed authorization part of the puzzle.

Authentication has been solved for the most part, but what access is granted and what actions users can perform once they’re in is a challenge that Kriz noticed was continually being tackled by in-house teams with custom solutions. So in 2021, Kriz left Google to form SGNL, motivated by the paradigm-toppling philosophy of “zero standing privilege”—the concept that access and authorization be determined on-demand with no persistent privileges for any user, and initiated by a legitimate trigger.

In 2024, SGNL has caught fire with their robust offering which seems to check all the boxes: context-based policies, dynamic enforcement, integrations, audit-ability, scalability, and flexible SaaS options.

In our 17 minute interview with Kriz, we cover his background in the industry, his motivation for starting SGNL, and some insight into what it’s like to have to interview for your own job at Google.

Previous Post

Weekly Top 10 – 04.29.2024- Custom Exploit Tool by Russian APT Fancy Bear, Coveware Quarterly Report Released, CrushFTP Zero-day Allows Sandbox Escape, and More.

Next Post

Weekly Top 10 – 05.06.2024- Android Malware Uses Compromised WordPress Sites for C2, Microsoft Warns of Dirty Stream Android Attack, ZLoader Returns with New Defense Evasion Tactics, and More.

Innovate uses cookies to give you the best online experience. If you continue to use this site, you agree to the use of cookies. Please see our privacy policy for details.