Ep 15: From Static Keys to Runtime Authorization
An episode of the Access Granted podcast, hosted by Britive, titled "Ep 15: From Static Keys to Runtime Authorization" was published on November 4, 2025 and runs 49 minutes.
November 4, 2025 ·49m · Access Granted
Summary
Identity is no longer an IT admin task; it’s the security control plane.In this episode of Access Granted, Britive’s Nauman Mustafa sits down with Sriram Santhanam, an experienced identity and security leader, to unpack where identity security is headed and what teams can do now.What we cover:Why static keys, blanket tokens, and over-permissive roles break in cloud + SaaSMoving to runtime authorization: per-action access, short TTLs, ZSP by defaultNon-human identities & agentic AI: on-behalf-of boundaries, tool allowlists, guardrailsCrawl-walk-run vs. run if you can: where to start and how to scale safelyIGA + PAM together: SailPoint governance with runtime enforcement for day-to-day accessPractical steps after SaaS/token incidents: review scopes, remove “full,” revoke fast, instrument audit
Episode Description
Identity is no longer an IT admin task; it’s the security control plane.
In this episode of Access Granted, Britive’s Nauman Mustafa sits down with Sriram Santhanam, an experienced identity and security leader, to unpack where identity security is headed and what teams can do now.
What we cover:
Why static keys, blanket tokens, and over-permissive roles break in cloud + SaaS
Moving to runtime authorization: per-action access, short TTLs, ZSP by default
Non-human identities & agentic AI: on-behalf-of boundaries, tool allowlists, guardrails
Crawl-walk-run vs. run if you can: where to start and how to scale safely
IGA + PAM together: SailPoint governance with runtime enforcement for day-to-day access
Practical steps after SaaS/token incidents: review scopes, remove “full,” revoke fast, instrument audit
Similar Episodes
Apr 6, 2026 ·15m
Apr 6, 2026 ·6m
Apr 6, 2026 ·5m
Apr 6, 2026 ·6m
Apr 6, 2026 ·6m
Apr 6, 2026 ·6m