Writing

Essays, analysis, and practitioner perspectives on identity governance, IT audit, and cybersecurity controls.

Featured

April 16, 2026 · Jeff Purrington

The Clock Is Ticking: Why Versionless Identity Security Is No Longer Optional

AI is collapsing the window to patch from five days to five minutes. In an era of AI-powered zero-days and supply chain attacks, your identity security vendor's update cadence is no longer a product detail — it's a risk decision.

identity securityversionlesszero-daySaaScybersecurityAISailPoint

Featured

April 3, 2026 · Jeff Purrington

The Ghost in the Machine: Why AI Agents Are the Next Frontier for IT Audit

The IT General Controls that have governed enterprise technology for decades weren't built for AI Agents. Here's what's breaking — and what to do about it.

agentic AIIT auditidentity governanceITGCnonhuman identities