Attackers have pivoted from traditional malware to exploiting valid credentials, navigating across domains, and abusing Software as a Service (SaaS) applications. As a result, defense strategies must adapt to counter these emerging threats. Zeki Turedi, CrowdStrike's field CTO, emphasizes the need for enhanced visibility, hardened identity paths, and timely threat detection to prevent exploitation from spreading across hybrid environments1. The shift towards identity-based threats has significant implications for security posture, as attackers can now move laterally within networks using legitimate credentials. This evolution in tactics necessitates a proactive approach to securing identity pathways and monitoring for suspicious activity. The ability to detect and respond to these threats in real-time is crucial, as the consequences of a successful attack can be severe. So what matters most to security practitioners is recognizing that identity threats now pose a greater risk than traditional malware, requiring a fundamental shift in defense strategies.
Why Identity Threats Push Defense Beyond Malware
⚡ High Priority
Why This Matters
CrowdStrike's Zeki Turedi on Cross-Domain Identity Threats and SaaS Blind Spots Attackers have shifted from classic malware to valid credentials, cross-domain movement and SaaS.
References
- Bank Info Security. (2026, March 13). Why Identity Threats Push Defense Beyond Malware. Bank Info Security. https://www.bankinfosecurity.com/identity-threats-push-defense-beyond-malware-a-31014
Original Source
Bank Info Security
Read original →