Blog

We Are C1

Mon, 06 Apr 2026 07:00:00 GMT

Today, ConductorOne becomes C1. A new name for a new era of identity — one where AI agents outnumber humans and the identity platform must govern both.

Squire: Agentic-First Ephemeral Dev Environments at C1

Fri, 03 Apr 2026 13:00:00 GMT

How C1 built Squire, an agent-first ephemeral development environment where AI agents operate on real, running instances of the product. Learn about the workflow engine, CLI, Slack integration, and how we're operationalizing the agentic enterprise internally.

A CISO's Top 3 Takeaways from RSA Conference 2026

Wed, 01 Apr 2026 07:00:00 GMT

C1 Field CISO Kevin Paige breaks down the three defining security shifts from RSA Conference 2026: the agent governance crisis, 22-second attack windows that broke human-in-the-loop defense, and the rise of MCP as the protocol controlling every AI agent in your enterprise.

Your Recruiting Stack Is a Disaster. We're Burning Ours Down.

Fri, 27 Mar 2026 07:00:00 GMT

Most recruiting stacks are six tools, six contracts, and eight UIs duct-taped together. C1's Head of Talent explains why we stopped buying tools and started building AI agents that give recruiters their real job back.

The Fastest Path to AI Is Now the Safest Path: Introducing AI Access Management by C1

Thu, 19 Mar 2026 07:00:00 GMT

Today, we're announcing AI Access Management: a unified control plane for managing access to AI tools and data used by employees, in personal assistants, and enterprise agents.

Extensible Identity Flows: How C1 Finally Made Joiner Provisioning Bend to Your Rules

Wed, 18 Mar 2026 07:00:00 GMT

Joiner flows accumulate business logic that outgrows whatever system tries to express it. Here's how C1's extensible identity flows and Functions let you describe exactly what your organization needs — without external scripts or an engineering team.

Introducing Secret Sharing in C1

Tue, 17 Mar 2026 00:00:00 GMT

Securely share credentials without Slack, vault sprawl, or risk. C1’s Secret Sharing encrypts secrets client-side, enforces access controls, and auto-expires links—simple, auditable, and built into identity governance.

Three Properties Identity Must Have in the Agentic Era

Thu, 12 Mar 2026 07:00:00 GMT

Identity governance was failing before AI agents arrived. With multiple agents per employee spawning their own, here's what infrastructure must look like to survive.

Your AI Strategy Has a Blind Spot

Sun, 08 Mar 2026 07:00:00 GMT

AI governance isn't a new silo. It's an identity problem. See how identity-first governance makes every team AI-native without sacrificing control.

Access Management Needs a Conductor, Not More Instruments

Wed, 04 Mar 2026 07:00:00 GMT

Kevin Paige argues that enterprise identity's real problem isn't the tools -- it's the lack of orchestration. With AI agents multiplying and identity sprawl accelerating, access management needs a conductor, not more instruments.

Introducing Functions: Extend Identity Governance With Custom Code, Built Directly Into C1

Wed, 25 Feb 2026 09:00:00 GMT

Extend identity governance with C1 Functions. Write and run custom TypeScript code securely to automate workflows, provisioning, and policy logic.

How RRCU Uses C1 Automations to Streamline Identity Operations

Mon, 23 Feb 2026 07:00:00 GMT

Automate identity governance with C1 Automations. See how Red River Credit Union streamlined onboarding, offboarding, access reviews, and platform migrations using no-code workflows, AI optimization, and real-time identity data to reduce manual effort and improve security.

Your Enterprise Needs an Immune System, Not a Better Firewall

Wed, 18 Feb 2026 07:00:00 GMT

Kevin Paige explores why identity and access management must evolve into a distributed “enterprise immune system” to govern AI agents, non-human identities, and continuous risk.

Why IAM, IGA, and PAM Break in the Agentic Enterprise

Tue, 17 Feb 2026 01:00:00 GMT

Identity built for humans can’t govern autonomous AI. Learn why IAM, IGA, and PAM break in the agentic enterprise and what a modern identity control plane must look like.

Defining the Agentic Enterprise

Wed, 11 Feb 2026 00:00:00 GMT

The agentic enterprise is reshaping how work gets done. C1 CEO Alex Bovee explains why humans are becoming managers of AI agents, why identity becomes the control plane, and what organizations must rethink to scale automation without losing security or governance.

What Identity Governance Looks Like When Automation Does the Work

Tue, 10 Feb 2026 07:00:00 GMT

What does identity governance look like when automation does the work? New data from C1 customers shows how organizations govern access at scale with policy and automation.

The Modern IGA RFP Guide: How to Choose the Right Identity Governance Platform in 2026

Mon, 09 Feb 2026 07:00:00 GMT

Finding the right IGA solution in 2026 can be a challenge. Learn how to build an effective RFP, evaluate vendors, and choose a platform that simplifies identity security, scales with your business, and accelerates time to value.

Meet Automations Architect: Build Automated Workflows in Minutes

Fri, 06 Feb 2026 09:00:00 GMT

Meet Automations Architect, C1’s AI assistant for identity automation. Build, edit, and deploy secure workflows using natural language.

The IGA Maturity Curve: Shifting from Reviews to Assurance

Fri, 06 Feb 2026 07:00:00 GMT

A GRC leader’s take on why manual UARs are breaking down and what continuous identity assurance looks like in practice.

January 2026 Product Updates: Modern Identity at Scale

Fri, 30 Jan 2026 07:00:00 GMT

See C1’s January 2026 updates, focused on continuous identity governance, self-service automation, faster access reviews, and deeper visibility.

Take Full Control of Identity Data with Advanced Attribute Mapping in Super Directory

Tue, 27 Jan 2026 07:00:00 GMT

Learn how Super Directory uses fallback mappings and CEL expressions to precisely map user attributes and match identities across apps in C1.

Why User Access Reviews Are Becoming a Relic of the Past

Tue, 20 Jan 2026 07:00:00 GMT

UARs aren’t enough for modern identity risk. Discover how continuous, policy-driven controls replace review-centric governance without breaking audits.

10 IGA Metrics Every Security Team Should Use to Measure Success

Fri, 16 Jan 2026 00:00:00 GMT

Still measuring IGA by checklists? Learn the identity governance metrics that show real risk reduction and efficiency in 2026.

NIST’s New Cyber AI Profile Signals a Shift: AI Security Starts With Identity

Tue, 13 Jan 2026 07:00:00 GMT

NIST released a new Cyber AI Profile outlining how to secure AI at scale. See why identity is central to AI security and what teams must do next.

Identity Becomes the Battlefield: 3 Cybersecurity Predictions for 2026

Thu, 08 Jan 2026 07:00:00 GMT

Identity becomes the top cybersecurity risk in 2026. Explore three predictions on identity security, agentic AI, and IAM consolidation.

How Dynamic Access Enables Least Privilege

Fri, 02 Jan 2026 07:00:00 GMT

See how C1 enables dynamic access control using real-time context to grant and revoke access as work changes.

December Product Wrap-Up

Tue, 30 Dec 2025 07:00:00 GMT

December product updates focused on better UX, faster access reviews, stronger insights, and expanded connectors to help identity governance scale.

Access Profiles: A Smarter Way to Manage and Provision Access

Mon, 22 Dec 2025 07:00:00 GMT

Learn what access profiles are in C1, how they group entitlements, enable automation, and simplify access requests, reviews, and onboarding at scale.

Incremental Sync: How C1 Keeps Identity Data Fresh in Real Time

Thu, 18 Dec 2025 07:00:00 GMT

Learn how C1’s incremental sync keeps identity and access data fresh using event-based updates for real-time identity governance.

Risks of Weak Identity Governance in 2026

Fri, 12 Dec 2025 07:00:00 GMT

Identity is the fastest-growing attack surface in 2026. See how weak identity governance, manual UARs, and AI agents increase risk.

Human vs. Non-Human Identities Explained

Tue, 09 Dec 2025 07:00:00 GMT

Discover how non-human identities like service accounts and AI agents work, why they create new security risks, and how to govern them effectively.

Identity Maturity in 2026: How the Best Teams Move Forward

Thu, 04 Dec 2025 07:00:00 GMT

Learn how leading teams build visibility, governance, and automation to reduce risk and scale securely.

To Provision or Not to Provision: Why JIT Solves The Helpdesk Catch-22

Thu, 04 Dec 2025 07:00:00 GMT

Discover how just-in-time access and agentic automation empower helpdesk teams to work faster and safer. Learn how C1 eliminates standing privileges, reduces bottlenecks, and supports technician growth without compromising security.

SoD in Modern Identity Security: How C1 Prevents Access Conflicts Before They Become Risk

Tue, 25 Nov 2025 07:00:00 GMT

Learn how C1 detects, prevents, and remediates access conflicts to enforce separation of duties and strengthen your identity security program.

So Long, Standing Access: Inside Instacart’s Just-In-Time Access Playbook

Tue, 18 Nov 2025 07:00:00 GMT

Learn how Instacart built a fully automated, policy-driven, engineering friendly just-in-time (JIT) access program with C1.

Introducing C1’s Advanced Microsoft Teams Integration: Identity Security Where Your Team Works

Wed, 12 Nov 2025 12:00:00 GMT

C1 now brings secure access workflows directly into Microsoft Teams, helping employees complete reviews and requests without switching tools. Reduce friction, speed up decisions, and improve adoption with identity security that fits naturally into the flow of work.

Here's What Your Auditor Thinks About Agentic AI

Mon, 10 Nov 2025 07:00:00 GMT

Learn how agentic AI is changing the audit process, magnifying risk fundamentals, and raising the compliance floor.

Meet Super Directory: Identity Orchestration Starts Here

Thu, 06 Nov 2025 12:00:00 GMT

Introducing Super Directory, C1’s single source of truth for identity data. Standardize attributes, manage profile types and groups, automate updates across your stack, and strengthen security with clean, consistent, centralized identity management.

How Tide Uses C1 to Operationalize Least Privilege at Scale

Wed, 05 Nov 2025 07:00:00 GMT

Modernizing identity at scale: See how Tide adopted C1 and Terraform to move from static, role-based access to needs-based least privilege, automate birthright and just-in-time access, and streamline approvals for 2,000 users across critical systems.

C1, the Identity Security Platform of the AI Era, Raises $79M Series B

Tue, 28 Oct 2025 13:00:00 GMT

C1 has raised $79M to lead the next era of identity security—replacing legacy identity tools with an AI-native platform that secures every human, machine, and AI identity at enterprise scale. Learn how we unify access, automate governance, and deliver real security outcomes for the modern enterprise.

How Weaviate Automated Privileged Access And Turned Zero Trust Into A Customer Win

Fri, 24 Oct 2025 07:00:00 GMT

C1 helped Weaviate eliminate standing access and cut manual access management from two days to two hours per week with fully automated JIT workflows.

Building Trust Through Connector Reliability

Tue, 21 Oct 2025 07:00:00 GMT

Reliable IGA connectors are critical to identity security. Learn how C1 ensures trust and accuracy with anomaly detection, monitoring, and safe controls.

The Power of Policies in C1

Wed, 08 Oct 2025 07:00:00 GMT

Discover how C1’s flexible, layered policies automate access reviews, approvals, and least privilege at enterprise scale.

Custom Connectors: Simplifying Integrations Without Code

Thu, 02 Oct 2025 07:00:00 GMT

Learn how C1 makes custom connectors fast and flexible with 300+ out-of-the-box integrations, YAML no-code options, and the Baton SDK. Simplify app onboarding, streamline identity governance, and scale your access management program with ease.

Virtual Entitlements: Simplifying Access and Bundling Permissions

Tue, 30 Sep 2025 07:00:00 GMT

Discover how C1’s virtual entitlements simplify identity management by translating technical group names into plain language and bundling permissions into intuitive apps. Learn real-world use cases that improve clarity, reduce IT overhead, and streamline access requests.

Moving Beyond Least Privilege

Fri, 26 Sep 2025 07:00:00 GMT

Least privilege has long been security’s holy grail—but in today’s world of app sprawl, AI agents, and constant change, it’s broken. Learn why zero standing access is the future, with just-in-time provisioning, step-up approvals, and full auditability.

Managing Identity as Code: How to Use Terraform with C1

Tue, 23 Sep 2025 07:00:00 GMT

Discover how Terraform and C1 turn identity management into code. Automate policies, rotate secrets, manage access profiles, and gain auditability for secure, efficient, and consistent identity governance.

Accelerating Integrations with AI-Generated Connectors

Thu, 18 Sep 2025 07:00:00 GMT

Discover how C1 uses AI-generated connectors enable faster integrations, greater scalability, and complete visibility across your environment.

Simplifying FedRAMP Compliance with C1

Wed, 17 Sep 2025 07:00:00 GMT

Learn what FedRAMP is, why it matters for cloud service providers, and how C1 simplifies compliance with automated user access reviews, data accuracy reporting, and modern identity governance to accelerate authorization and reduce risk.

From Manual to Intelligent: Using AI to Mature Your IGA Program

Fri, 12 Sep 2025 07:00:00 GMT

See how AI can mature your identity governance and administration (IGA) program. C1’s AI agent Thomas automates approvals, access reviews, and policy enforcement, while Copilot, an interactive assistant, streamlines workflows, surfaces risk insights, and guides smarter decisions. Scale governance for human and non-human identities, reduce IT overhead, and enforce least privilege at enterprise scale.

How UAR Automation Improves Audit Readiness and Reduces Risk

Tue, 09 Sep 2025 07:00:00 GMT

Automate user access reviews to save time, cut risk, and boost audit readiness. See how C1 transforms UARs into continuous control.

Security vs. Compliance: Bridging the Gap with C1

Fri, 05 Sep 2025 07:00:00 GMT

Learn why modern identity governance must shift from checkbox compliance to a security-first approach with proactive access reviews, least privilege, and automation that keeps you audit-ready.

Spotting the Unknown: How Grant Found Trigger Automation Strengthens Security

Wed, 03 Sep 2025 07:00:00 GMT

Discover how C1’s grant found trigger automation helps security teams detect and remediate shadow access in real time. Stop unmanaged grants in AWS, GCP, GitHub, and more with automated workflows that notify, review, or revoke to enforce least privilege and close access blind spots.

Meet IVIP: A New Era of Identity Visibility

Thu, 28 Aug 2025 07:00:00 GMT

Discover Gartner’s new IVIP category and how C1 delivers unified identity visibility and intelligence to secure every identity.

How Treasure Data Transformed User Access Reviews with C1

Tue, 26 Aug 2025 07:00:00 GMT

Discover how Treasure Data transformed its user access review program from manual spreadsheets to intelligent, continuous reviews with C1—cutting 160+ hours annually, expanding scope, and achieving meaningful security outcomes beyond compliance.

Five Ways to Streamline SOX Compliance with C1

Wed, 20 Aug 2025 07:00:00 GMT

C1 automates access reviews, centralizes reporting, and streamlines SOX compliance for faster, audit-ready results.

How SLA Escalation Policies Work in C1

Thu, 14 Aug 2025 07:00:00 GMT

Learn how C1’s SLA escalation policies prevent stalled access requests by automatically escalating or rerouting approvals. Keep workflows moving and productivity high.

Build vs. Buy for IGA: Why C1 Wins Every Time

Thu, 07 Aug 2025 00:00:00 GMT

Compare the true costs of building vs. buying an identity governance solution and see why C1 delivers faster, more cost‑effective, and future‑ready results.

Simplify Onboarding with Automated Account Provisioning

Tue, 05 Aug 2025 07:00:00 GMT

Automate and streamline employee onboarding with C1, delivering instant birthright access, seamless account provisioning, and a frictionless first-day experience.

Four Ways to Use C1 Automations to Strengthen Security

Thu, 31 Jul 2025 07:00:00 GMT

Automate identity security with speed and precision. Learn how C1 Automations help security teams reduce risk, enforce least privilege, and respond to high-risk access changes in real time without adding operational overhead.

U.S. vs. U.K. Perspectives on AI and Security

Thu, 24 Jul 2025 07:00:00 GMT

A firsthand look at how AI adoption, regulation, and security culture differ between the U.S. and U.K. and what that means for identity governance in a global world.

IT’s Silent Assassin: How to Handle Ninja SaaS

Tue, 22 Jul 2025 07:00:00 GMT

Learn how to spot and manage Ninja SaaS, unauthorized apps that quietly enter your environment, before they turn into costly security and compliance risks.

How to Streamline IT Operations with C1 Automations

Thu, 17 Jul 2025 07:00:00 GMT

Learn how C1 Automations helps IT teams eliminate manual work, reduce license costs, and streamline access workflows at scale.

Rethinking Identity for an AI-native Future

Tue, 15 Jul 2025 07:00:00 GMT

SaaS is being redefined by agentic AI. This blog explores how the shift is transforming identity security, creating new challenges and opportunities for platforms built to govern at AI scale.

How to Automate ILM with C1

Wed, 09 Jul 2025 01:00:00 GMT

Learn how to automate identity lifecycle management (ILM) with C1 to streamline onboarding, reduce risk, and simplify access changes across your organization.

Inside C1's Customer-First Support Model

Tue, 01 Jul 2025 07:00:00 GMT

C1’s support model is fast, hands-on, and built into the way you work. With a platform designed for ease of use and a team that’s always ready to help, we make support seamless, strategic, and human.

The Pressure Is Real: Inside the Stress and Resilience of Today’s Security Leaders

Thu, 26 Jun 2025 07:00:00 GMT

Explore how today’s security leaders are navigating rising identity threats, intense pressure, and limited resources—with resilience, urgency, and a mission-first mindset.

Beyond Checking the Box: How to Use UARs for Real Security

Fri, 20 Jun 2025 07:00:00 GMT

Most companies treat user access reviews (UARs) as a compliance checkbox, but that’s a missed opportunity. This blog explores how leading security teams use UARs to reduce risk, eliminate unused access, and enforce policies more effectively, with real-world examples you can implement today.

Identity Governance vs. SaaS Management Solutions

Tue, 17 Jun 2025 07:00:00 GMT

Many teams confuse SaaS management tools with identity governance platforms, but they solve entirely different problems. Learn why SMPs can’t secure your business and what it really takes to manage access risk.

Managing Identity for SQL-Powered Apps: No APIs Necessary

Thu, 12 Jun 2025 13:00:00 GMT

Discover how Baton-SQL helps organizations integrate legacy and homegrown applications into their identity governance programs, no APIs or custom code required. Learn how our open-source connector enables fast, scalable access to identity and access data directly from any SQL database.

Managing Non-Human Identity Risk in 2025

Tue, 10 Jun 2025 13:00:00 GMT

In 2025, non-human identities from service accounts to AI agents have become the fastest-growing and most urgent identity risk, forcing security teams to rethink access governance at scale. Learn more from our 2025 FIS report.

The Cure for IGAD: Identity Governance Anxiety Disorder

Tue, 03 Jun 2025 00:00:00 GMT

At C1, we talk to security and IT teams every day. And we’ve noticed a troubling trend. We’re not doctors, but the symptoms are hard to ignore. After years of watching identity pros suffer in silence, we’re finally giving the condition a name: Identity Governance Anxiety Disorder.

Key Takeaways From the 2025 Future of Identity Security Report

Thu, 29 May 2025 00:00:00 GMT

The 2025 Future of Identity Security Report reveals how security leaders are accelerating into an AI-driven era: embracing risk, scaling up identity budgets, and rethinking access for both humans and machines. Read on for key trends shaping the next wave of identity security.

The State of Agentic AI in Identity Security

Wed, 21 May 2025 00:00:00 GMT

Security leaders aren’t just experimenting with AI—they’re rapidly integrating agentic AI into high-stakes workflows like identity provisioning and network defense. C1’s 2025 Identity Security Outlook Report reveals that urgency is driving adoption, but with thoughtful strategies and real concern for risk.

AI in Identity and Access Management: Are You Ready?

Wed, 14 May 2025 13:00:00 GMT

While AI transforms identity and access management, it creates urgent security risks. Understand the IAM challenges posed by AI agents & the path forward.

The AI Identity Problem

Wed, 23 Apr 2025 12:00:00 GMT

AI agents are changing the identity landscape, but legacy IAM systems weren’t built for them. These fast-moving, ephemeral identities require dynamic access, machine-speed decisions, and a new model of governance. In this post, we break down the AI identity problem—and what it takes to solve it.

The Divergent AI Landscape: Making Sense of Agentic AI

Wed, 16 Apr 2025 12:00:00 GMT

Explore the evolving world of agentic AI. Learn the three core types of AI agents—company, employee, and agent-to-agent—and the identity, security, and governance challenges they introduce.

Is Enterprise SaaS Dying?

Tue, 15 Apr 2025 13:00:00 GMT

AI won’t kill enterprise SaaS—but it will force it to evolve. Learn why the real value in SaaS lies beyond code, and how platformization, expertise, and agentic AI will separate the winners from the rest.

The Inevitable AI Wave: Modeling the AI Agent Explosion

Wed, 09 Apr 2025 11:00:00 GMT

AI agents are set to outnumber humans 25 to 1—and this blog breaks down what that means for identity and access management. Drawing from the evolution of servers to serverless, learn how companies must rethink their approach now or risk being overwhelmed by an imminent surge of short-lived, high-density AI identities.

One Size Doesn’t Fit All: Expanding Beyond IdP-Based Provisioning

Mon, 07 Apr 2025 07:00:00 GMT

Let’s break down where IdP-based provisioning falls short and how C1 can help you expand beyond it.

Introducing Arbitrary Access Control by C1

Tue, 01 Apr 2025 11:00:00 GMT

Embrace the chaos. Introducing Arbitrary Access Control: the first AI-powered access control tool designed to ignore your policies and do its own thing.

Crawl, Walk, Run: Solving Your Identity Crisis

Thu, 20 Mar 2025 13:00:00 GMT

Managing identity security is increasingly complex, with blind spots, over-permissioned users, and the rise of non-human identities. A crawl, walk, run approach helps organizations gain visibility and automate identity governance for stronger security.

One platform, Every Identity: Announcing Unified Identity Governance for Human and Non-Human Identities

Tue, 25 Feb 2025 02:00:00 GMT

Announcing Non-Human Identity Governance, a new suite of capabilities that allow C1 customers to inventory, manage, and secure NHIs and AI agents. Govern every identity—human, machine, or AI—from one unified platform.

Some Like It Hot: IGA Hits the Big Time

Thu, 13 Feb 2025 13:00:00 GMT

This is an amazing time to be part of the identity landscape. Long ignored, identity is now seen as foundational to security — and companies are catching on, as evidenced by C1's incredible past year and the success for other identity vendors in the market. Read on to learn why everyone is suddenly embracing identity.

CMMC: What Is It and How to Comply Using Modern Identity Governance

Mon, 06 Jan 2025 13:00:00 GMT

As of December 2024, all contractors and subcontractors working with the US Department of Defense must comply with the Cybersecurity Maturity Model Certification (CMMC) program to protect sensitive government information. Learn more about the CMMC and how to meet its core identity-related requirements.

Introducing Auditor-Ready Data Accuracy Reporting

Tue, 03 Dec 2024 12:00:00 GMT

Announcing auditor-ready data accuracy reporting — a new feature that makes proving accuracy for access reviews simple and automatic.

The NIS2 Directive: What to Know and What It Means for Identity Security

Sat, 30 Nov 2024 13:00:00 GMT

As of October 2024, all EU member states are required to have laws enforcing the NIS2 Directive, a cybersecurity framework aimed at protecting Europe’s critical infrastructure and services from cyberattack. Learn about NIS2, whether your business needs to comply, and best practices for meeting NIS2’s core identity security requirements.

Designing a Great User Experience

Sat, 16 Nov 2024 13:00:00 GMT

As we continue to add new features and deeper capabilities to C1, our product designers and software engineers have the challenging task of making the platform even simpler and more intuitive to use. Learn all about their approach to UI design and check out our latest UI updates!

Closing the Door on Group Sprawl: Lessons from Spotnana's Security Journey

Fri, 08 Nov 2024 13:00:00 GMT

Group sprawl is real—and a major security concern for today's companies. In our latest webinar, Ben Godard, Head of Security at Spotnana, covered the risks created by groups and how to solve them. Here are the takeaways!

Announcing Identity Lifecycle Management

Mon, 23 Sep 2024 13:00:00 GMT

Introducing identity lifecycle management, a new solution from C1 that automates access provisioning and deprovisioning for joiner, mover, and leaver workflows.

Growing Together: A Chat with the Summer Intern C1rew

Fri, 06 Sep 2024 13:00:00 GMT

Our engineering interns were integral to one of our biggest product updates this summer. Before moving on to the next steps in their degrees and careers, they chatted with us about working on the project and being part of the C1rew!

Identity Is the New Perimeter — Here’s How to Lock It Down

Wed, 04 Sep 2024 13:00:00 GMT

Thanks to the success of zero trust, attackers are finding it harder to execute traditional breach tactics—so they've shifted their focus to identity. Here are practical steps you can take to shore up your defenses against identity-based attacks.

All Aboard: Analyzing Success in Cybersecurity with Ross Haleliuk

Fri, 30 Aug 2024 13:00:00 GMT

In the newest episode of the All Aboard Podcast, C1 CEO Alex Bovee is joined by Ross Haleliuk, author of Venture in Security and one of the most respected voices in the cybersecurity industry, to talk about what success in the industry means and where the industry is heading.

How Often Should You Run User Access Reviews?

Tue, 27 Aug 2024 13:00:00 GMT

Regularly reviewing who has access to your critical systems and data is an essential cybersecurity practice, but preparing and running user access reviews can be… daunting. How often should you run reviews to stay secure and compliant? And how can you make them less painful?

Q2 Release Roundup

Thu, 22 Aug 2024 13:00:00 GMT

It's August, the start of Q3! Which means it's time to take a quick look back at everything we released in the last quarter—before we hit the gas on our product plans for the rest of the year.

Light IGA — Is It Right for You?

Sun, 18 Aug 2024 13:00:00 GMT

The term “light IGA” loosely categorizes a crop of new solutions that don’t line up neatly with the traditional definition of IGA. This post covers what the term means, the wide range of light IGA tools on offer, and what companies should think about when considering light IGA options.

Top 5 Ways to Clean Up Your Identity and Access

Mon, 12 Aug 2024 13:00:00 GMT

Most enterprises are just beginning their IAM hygiene journey, with the initial goal to achieve visibility and clean up glaring access risks. This journey can be challenging, but you can significantly enhance your organization's security posture with incremental IAM improvements.

All Aboard: From Fear to Excitement: AI Agents in Security

Tue, 06 Aug 2024 13:00:00 GMT

In the latest episode of the All Aboard Podcast, C1 CEO Alex Bovee talked to security veterans Nancy Wang and Ashish Popli. The trio tackles one of the hottest topics in the security industry today: AI agents. Together, they discuss the implications and promise behind these agents and the impact they think AI agents will have on the industry.

Moving Beyond Zero Trust

Mon, 05 Aug 2024 13:00:00 GMT

The security concept of zero trust has seen wide adoption in the last decade, creating real security gains—and new security challenges. We're now getting signs that zero trust alone won't be enough to combat evolving identity-based breach tactics. What will the post–zero trust era look like?

The Growing Threat of AI-Driven Social Engineering

Wed, 31 Jul 2024 13:00:00 GMT

Social engineering is a broad term used to characterize a set of tactics and techniques used to manipulate individuals into divulging confidential information or performing sensitive actions. These attacks have been around for years, but with the emergence of AI, the sophistication and volume of these attacks has only increased. Dive into how generative AI is going to increase the threat of social engineering, and how organizations can protect themselves against it.

NYDFS 23 NYCRR 500 and Least Privilege Access

Mon, 29 Jul 2024 10:00:00 GMT

Earlier this year, amendments were made to the NYDFS 23 and NYCRR 500. Both changes reflecting a response to the significant growth in cybersecurity threats. Learn more about the these amendments, how they're related to the principle of least privilege, and how organizations can ensure compliance with them.

Moving on from Legacy IGA—Why Users Won’t Go Back

Wed, 24 Jul 2024 13:00:00 GMT

Legacy IGA solutions have been the norm in the identity space for a long time. However, these solutions are not without issues. Check out this blog post to learn more about the common challenges legacy IGA poses through real world examples.

Five Takeaways from the Snowflake Attack

Mon, 22 Jul 2024 13:00:00 GMT

Breaches are far from uncommon in the cybersecurity landscape, however, each incident can serve as a learning experience. The recent Snowflake attack serves as a similar scenario. Dive into C1 CEO Alex Bovee's thoughts on how this breach came to happen, what we can learn from it, and the best steps companies can take moving forward to prevent reoccurrences.

Introducing Helpdesk Provisioning and Automation

Wed, 17 Jul 2024 13:00:00 GMT

We're excited to introduce two new ways to streamline helpdesk workflows using C1 — giving customers even more flexibility in customizing our platform to suit their environment and workforce.

All Aboard: Breaking Down Least Privilege and Zero Standing Privilege with Ian Glazer

Mon, 15 Jul 2024 13:00:00 GMT

In the newest episode of the All Aboard Podcast, C1 CEO Alex Bovee is joined by Weave Identity founder and president Ian Glazer to discuss tactics for applying the concepts of least privilege and zero standing privileges to any identity security program.

The Importance of the End User Experience

Thu, 11 Jul 2024 01:00:00 GMT

Companies that prioritize creating great end user experiences as part of their overall identity security program are seeing both productivity and security gains. Learn about their approach and how to build it into your own strategy.

Announcing Access Control for Your Access Controls

Wed, 03 Jul 2024 01:00:00 GMT

We're excited to announce the ability to control access – for those who control access! C1 customers can now monitor, review, and request fine-grained entitlements for the C1 app, in the C1 app.

All Aboard: Security Strategy for Startups with Rob Picard

Tue, 25 Jun 2024 13:00:00 GMT

In the latest episode of the All Aboard Podcast, C1 CEO Alex Bovee talked to Rob Picard, the CEO of Observa, a consulting firm focused on helping startups develop strong security programs. Rob shared invaluable insights from his experience crafting robust security strategies tailored for early-stage companies.

NIST CSF 2.0: What to Know

Mon, 27 May 2024 00:00:00 GMT

In February, the National Institute of Standards and Technology (NIST) released a major update to its cybersecurity framework (CSF), which businesses and government organizations use as guidance for mitigating cyber risks. Read on to learn what's new with NIST CSF 2.0 and how to implement its guidelines.

The 2024 Identity Security Outlook Report

Tue, 21 May 2024 00:00:00 GMT

Announcing the release of the 2024 Identity Security Outlook Report! Learn security leaders' top concerns and priorities for identity security, access management, and zero standing privileges in 2024.

Announcing Access Conflicts

Tue, 14 May 2024 00:00:00 GMT

Introducing automated access conflicts monitoring and alerts! C1 customers can now proactively detect separation of duties (SoD) conflicts for enhanced security and streamlined compliance.

All Aboard: Spicy Takes with David Lee, the Identity Jedi

Thu, 02 May 2024 13:00:00 GMT

Identity security is becoming a hot topic. So C1 CEO Alex Bovee invited David Lee, the Identity Jedi, to share hot wings and spicy takes on the past, present, and future of identity security for a special edition of the All Aboard podcast.

The SSO Tax: What It Is and Why It Sucks

Fri, 26 Apr 2024 07:00:00 GMT

In recent years, software vendors have used the importance of SSO to their advantage, building SSO-implementation fees into their pricing—a practice that’s come to be known as the “SSO Tax," a cause of major frustration for companies of all sizes and budgets.

Announcing Support for Webhooks

Tue, 23 Apr 2024 01:00:00 GMT

We're excited to announce support for webhooks! C1 customers can now use webhooks to trigger access control workflows across their environment.

Your Problems Aren't Unique: How to Build a Foundation Against Overprivileged Access in Any Environment

Thu, 11 Apr 2024 13:00:00 GMT

Does overprivileged access keep you up at night? Learn foundational steps for reducing privileges and increasing security that work for every environment, no matter how complex or unique your challenges may seem.

Introducing Baton Feeds

Wed, 03 Apr 2024 13:00:00 GMT

Learn all about Baton feeds, Baton's newly released low-latency streaming capability. In this dev blog, we cover how feeds works, how to add it to a Baton connector, and the new functionality it enables.

Securing America’s Ports: The Biden-Harris Initiative on Maritime Cybersecurity

Fri, 22 Mar 2024 01:00:00 GMT

The Biden-Harris administration recently announced an initiative to strengthen maritime cybersecurity. In this post, we’ll explore the key elements of the initiative and their implications for the maritime industry and industries like it.

Introducing shadow app detection, tracking, and management in C1

Tue, 19 Mar 2024 13:00:00 GMT

We're excited to announce C1’s new shadow app functionality, which enables customers to identify and monitor logins to unauthorized apps and bring those apps under full management in the platform.

Introducing C1's Identity Graph: Unified Identity, Access, and Authorization Across Your Complex Environment

Wed, 31 Jan 2024 07:00:00 GMT

We believe companies need comprehensive visibility into access across their systems to protect identity in today's complicated environments. C1's Identity Graph provides that unified visibility and underpins the platform's new security dashboard and powerful new search and visualization capabilities.

NYDFS Regulation: What It Means for Access Controls and How to Comply

Tue, 30 Jan 2024 19:00:00 GMT

The NYDFS recently updated its cybersecurity regulations, requiring companies to implement stricter access controls than ever before to protect sensitive data. Learn more about the new rules and how to comply.

Zero Trust in Practice: How We Keep Customer Data Secure at C1

Wed, 17 Jan 2024 07:00:00 GMT

Our company mission to “secure the workforce” guides not only how we design our platform but also our multilayered internal approach to protecting customer data.

C1 Named a Fortune Cyber 60 Company

Wed, 13 Dec 2023 12:00:00 GMT

We’re honored to announce that C1 has been named a Fortune Cyber 60 company! This recognition underscores the dedication of our team, our traction in the market, and the strong, enduring relationships we’ve built with customers. Everyone at C1 is grateful to Fortune and Lightspeed for this prestigious accolade!

Introducing the First AI Assistant for Identity Governance: C1 Copilot

Wed, 06 Dec 2023 10:00:00 GMT

Announcing C1’s Access Copilot, an AI assistant that changes the game for traditional identity governance. Copilot provides recommendations and automation that streamline your business and keep you more secure.

Traditional PAM is Dead, Long Live Just in Time Access

Mon, 20 Nov 2023 12:00:00 GMT

For the modern, cloud-forward company, strategies for securing infrastructure and identity are changing at a breakneck pace. MFA and trditional PAM are not sufficient for securing access in the cloud. Dive into the future of PAM through least privilege and JIT access in this blog.

Announcing Conditional Access Policies in C1

Thu, 16 Nov 2023 08:00:00 GMT

Announcing the launch of our new feature: Conditional Access Policies! Reduce risk, secure data, and govern access with the next step in touch free automation. Dive into conditional policies and learn more about our mission.

HARBleed: When History Doesn't Repeat, But It Does Rhyme

Wed, 25 Oct 2023 12:00:00 GMT

The cybersecurity landscape is marked by breaches that serve as learning pivots. The Okta's recent incident shares a thematic lineage with one of the most notorious security lapses in history: Heartbleed. Delve into the C1 coined concept termer "HARBleed," which highlights its procedural kinship with Heartbleed and emphasizing the lurking danger represented by bearer tokens.

Why Modern Organizations Need Next Generation IGA Webinar

Wed, 30 Aug 2023 12:00:00 GMT

How can you get visibility into all identities, let alone manage the access each user has? Simon Moffat, founder and research analyst at The CyberHut, and Alex Bovee, C1’s CEO, discuss these challenges facing the modern enterprise and more on this webinar hosted by The CyberHut.

Announcing Our Felicis Led Series A Expansion to $27M

Tue, 08 Aug 2023 09:00:00 GMT

We are thrilled to share that C1 has expanded our Series A funding to 27M, led by venture capital firm, Felicis. Learn about all of the amazing people who helped us get here and our plans for future growth.

Launch Week Recap

Fri, 28 Jul 2023 09:30:00 GMT

After our first successful launch week, here is a brief recap of everything we released and some future happenings just in case you missed it.

Baton: The Open Source Fabric Powering Identity Security

Thu, 27 Jul 2023 09:30:00 GMT

Baton, our open-source C1 connector project, provides the connective tissue to communicate and orchestrate identity security workflows to any technology. Learn more about what we've been working on with Baton, and how it furthers our goal of securing workforce identity.

Announcing Cloud Privileged Access Management

Wed, 26 Jul 2023 09:00:00 GMT

Introducing Cloud PAM: our developer-first solution for security engineering teams to manage privileged access and grant temporary elevated access while securing the most sensitive resources and mitigating privilege abuse, as-code, from a unified access control plane. Learn all about CPAM and why we built it here.

Announcing Hybrid Infrastructure Support

Mon, 24 Jul 2023 09:00:00 GMT

In the landscape of modern tech, companies are all at various stages of digital transformation. C1 meets you where you are with our broad range of connectors that cater to cloud applications, backoffice and homegrown systems.

Redefining Identity Security: C1's Inclusion in the InfraRed 100

Wed, 19 Jul 2023 09:00:00 GMT

We are thrilled to share that C1 has been recognized as one of Redpoint Venture Capital's InfraRed 100 list.

C1 … 2.0: An update to our values.

Thu, 01 Jun 2023 10:00:00 GMT

With great thought and consideration, we have debated, collaborated, and eventually refined our company values and are excited to share our updated version!

Embracing the SaaS Mindset: "There's an App for That"

Wed, 26 Apr 2023 13:00:00 GMT

"There's an app for that" has become the new norm to navigate the growing software ecosystem. Automation is key to finding this balance.

Rethinking Access Management: Centralization vs. Decentralization

Tue, 18 Apr 2023 13:00:00 GMT

Rethinking access management and finding a balance between centralization and decentralization is vital to ensure your organization remains responsive to these changes.

Inside Scoop with Ramp's Head of Security Assurance

Fri, 31 Mar 2023 19:00:00 GMT

Hear the inside scoop on, the Head of Security Assurance at Ramp, Paul Yoo's journey to finding C1 and how the partnership has changed the way Ramp achieves compliance. Learn more about Ramp's journey and hear from Paul himself on how C1 has saved him and his team time and effort on exceeding security goals.

The Great Convergence of IT and Security

Thu, 30 Mar 2023 15:00:00 GMT

The lines between IT and Security are becoming increasingly indistinct. This convergence is fostering a new era of collaboration, adaptability, and shared responsibility. Hear our CTO Paul Querna's thoughts on this complex topic and his outlook on the future of the current security climate.

Secrets, Key Rotation, and the Role of Automation

Fri, 24 Mar 2023 14:00:00 GMT

GitHub's accidental leak of their SSH RSA server private key sheds light on security best practices. What can we do to prevent other such breaches and increase our security posture. Our CTO Paul Querna gives his take.

Continuing the Journey to Least Privilege: Introducing Access Requests

Wed, 08 Mar 2023 15:00:00 GMT

Introducing Access Requests: Self-service access requests for your employees via Slack or a web catalog, automatic approval routing, and just-in-time provisioning.

Reimagining Identity Governance

Fri, 03 Mar 2023 16:00:00 GMT

Alex Bovee had the opportunity to speak with Lisa Cook from ISACA to discuss all things identity. Hear the full recording and learn more about their views on modern businesses and bridging the gap between compliance measures and security outcomes.

How to Roll Out Passkeys and Block Phishing Attacks

Wed, 01 Mar 2023 13:00:00 GMT

Moving to phishing and social engineering proof authenticators is a must. One of the most effective ways to implement this is through physical passkeys. In this practical guide, learn more about the key steps to roll out physical passkeys for your company.

Making Sense of the Users, Accounts, and Access in your SaaS and IaaS Apps with a Unified Directory

Tue, 28 Feb 2023 13:00:00 GMT

We have taken identity a step further with our new feature - unified directories! Learn more about how this new feature provides a single, consolidated source of truth for all humans that interact with your organization.

Travis McPeak, CEO and Co-Founder of Resourcely, on Shifting DevSecOps Left and Making Developers More Productive

Fri, 24 Feb 2023 20:00:00 GMT

The first in our video interview series, Alex Bovee had the opportunity to talk with Travis McPeak about emerging trends in security, compliance, and platform engineering.

When Attacks Go … Well? Key Takeaways From the Reddit Hack

Wed, 15 Feb 2023 16:00:00 GMT

Phishing has become increasingly prevalent, as seen in Reddit's account compromise last week, and standing privileges and sensitive access pose significant risks. We need to shift to zero standing privileges to secure our access and infrastructure.

SOC2 and Least Privilege Access Control

Wed, 01 Feb 2023 15:00:00 GMT

Least privilege access control has become the guiding principle for granting ass for SOC 2 compliance, but it can seem daunting to tackle this challenge with so much gray area. Learn how can you practically implement least privilege access controls.

When Threat Models Collide

Fri, 27 Jan 2023 15:00:00 GMT

Insider and outsider threats are starting to look the same - hackers are stealing identities or logged in sessions. Our approach to a solution? A pragmatic least privilege maturity curve.

ChatGPT and How AI will Impact Security

Fri, 06 Jan 2023 16:26:00 GMT

Thoughts on ChatGPT, AI, and the long ranging security impacts - especially to phishing and social engineering based attacks.

Baton and the Journey to Identity Security and Unified Access Control

Tue, 06 Dec 2022 16:26:00 GMT

To realize our vision of securing workforce identity, we needed to be able to connect to any technology, anywhere – and this required a new approach. Baton is our answer.

Technical Deep Dive: Using Baton to Audit Infrastructure Access

Tue, 06 Dec 2022 16:00:00 GMT

Getting started with Baton: how to extract, normalize, and interact with identity data using open source Baton connectors.

Announcing Baton, an Open Source Toolkit for Auditing Infrastructure User Access

Tue, 06 Dec 2022 15:00:00 GMT

Announcing Baton, the first open source toolkit to extract, normalize, and interact with identity data from any app, with a standardized but extensible data model.

Achieve Least Privilege Access with C1 + Okta

Mon, 07 Nov 2022 08:00:00 GMT

Learn how organizations using Okta can supercharge their IAM security strategy and achieve least privilege access with C1

How to Be SOC2 Compliant: A Checklist for Security Teams

Wed, 02 Nov 2022 17:52:42 GMT

Your first SOC2 audit can seem daunting. Use this checklist to build a strong security strategy that will put you on the right path to compliance.

Birthright Access is Broken

Thu, 27 Oct 2022 13:00:00 GMT

Birthright access is an anti-pattern for secure, least privilege access control.

Running Your UAR Campaigns: Product Deep Dive

Thu, 27 Oct 2022 13:00:00 GMT

Following our last post on scoping UARs with C1, today we're diving into running the campaign, the reviewer experience, and reporting out to auditors.

Architecting Zero Trust: Twingate + C1

Tue, 25 Oct 2022 14:00:00 GMT

Twingate and C1 partnered to provide customers with a Zero Trust solution that gives you just-in-time, time-based remote access to your private resources and networks.

Scoping Your UAR Campaigns: Product Deep Dive

Thu, 20 Oct 2022 13:00:00 GMT

We're breaking down and exposing all of our product functionality so you can see how easy it is to scope and set up a UAR campaign with C1.

Best Practices for More Secure AWS IAM

Tue, 18 Oct 2022 13:00:00 GMT

AWS IAM can be unwieldy–setting up permissions is complicated and can leave gaps in security when unnecessary access is granted. Learn how to make AWS IAM more secure with best practices for least privilege access controls.

Automating Compliance Controls to Achieve Least Privilege Access

Wed, 12 Oct 2022 13:00:00 GMT

Modern security teams are automating traditional compliance controls to reduce the risk posture for an organization – what we're calling security-led governance.

Dancin’ in September: What’s New in C1

Fri, 30 Sep 2022 13:00:00 GMT

C1 is excited to announce new features, including: OneLogin, Azure AD and Ramp connectors, as well as delegated provisioning for entitlements.

Hot Summer, Cool New Features: What’s New in C1

Thu, 25 Aug 2022 13:00:00 GMT

C1 is excited to announce new features, including: a Salesforce connector, Slack reminders for access review tasks, and the ability to connect Amazon S3 datasources.

Implementing Least Privilege Access: Tailscale + C1

Tue, 02 Aug 2022 15:00:00 GMT

C1 gives you the power to automate Tailscale access requests, build custom automated access review workflows, and pull audit reports in a few clicks.

C1 at Black Hat: Future Proofing Workforce Security

Tue, 26 Jul 2022 13:00:00 GMT

Meet C1 at Black Hat and learn about the future of identity governance.

Buckle Up! C1 Raises $15M In Series A Funding to Solve Identity Security Challenges

Thu, 23 Jun 2022 13:00:00 GMT

We are thrilled to share that C1 has raised our Series A.

Announcing our SOC2 Type 2 Certification

Fri, 03 Jun 2022 07:00:00 GMT

We are proud to announce that C1 has received SOC2 Type 2 certification.

Least Privilege Access: What You Need to Know

Thu, 19 May 2022 07:00:00 GMT

As one of the core tenants of zero trust, least privilege access is probably the least understood and the hardest to reach today. At the highest level, think of least privilege access as providing people – or identities more generally – the access they need to do a job, and for no longer than they need it.

Access Control: Taming Group Sprawl

Thu, 05 May 2022 07:00:00 GMT

IT, Security, and GRC teams have long held a love-hate relationship with directory groups. Groups enabled companies to scale permissions for a time, but the proliferation of directory groups is now causing major headaches for security.

4 Tips for Crafting Your Startup’s Values

Thu, 03 Jun 2021 07:00:00 GMT

Company values are critical to early-stage startups. Here are four tips that helped guide C1.

What’s Next for Zero Trust?

Wed, 26 May 2021 07:00:00 GMT

Zero Trust is accepted as a superior technical security architecture for the world outside of the corporate network. So what comes next?

Announcing C1’s $5M Seed Funding

Mon, 05 Apr 2021 13:30:00 GMT

Today we’re announcing that C1 has secured $5M in seed funding, in a round led by Accel, and joined by Fuel Capital, Active Capital, and Fathom Capital.

Why Identity Needs to Shift Left

Wed, 31 Mar 2021 07:00:00 GMT

“Shifting left” has become a critical mindset to fix problems in modern security practice that have remained unsolved, despite increased governance and visibility.

The Company We’re Building at C1

Sun, 21 Mar 2021 07:00:00 GMT

At C1, we've wanted to be intentional from day one, especially about our company values.

Hi, We're C1

Tue, 13 Oct 2020 07:00:00 GMT

We’re excited to tell you about our new company: C1. We’re on a mission to unify permission management for the web and modern infrastructure.