InfosecTrain

The landscape of identity governance is shifting from manual workflows to intelligent, automated ecosystems. With the release of SailPoint IdentityIQ (IIQ) 8.5, organizations are gaining powerful new tools to secure the digital identity lifecycle.
In this deep dive, brought to you by InfosecTrain, we explore the extensive features of the 8.5 update from GenAI-generated entitlement descriptions to proactive risk detection.
Key Highlights of SailPoint IIQ 8.5:
Advanced Lifecycle Management (LCM): Moving beyond basic Joiner-Mover-Leaver (JML) processes. Learn how to trigger custom workflows for contract extensions and project-specific role expirations.

GenAI Integration: SailPoint now leverages AI to autogenerate clear, natural-language entitlement descriptions, making it easier for business users to understand what they are approving.

Microsoft Teams Connectivity: Approvers no longer need to log into the SailPoint dashboard. Decisions can be made directly within Teams, with all actions logged and synced back to the IIQ core.

Identity Access History: Building on the 8.4 foundation, 8.5 offers an enhanced graphical view of a user's access history, allowing admins to track every role change and provisioned application over time.

Anomaly & Risk Detection: Improved modeling to detect "toxic combinations" of access (Segregation of Duties) before they become security vulnerabilities.
Expert Integration Tips:

Prioritize REST APIs: Move away from delimited CSV files. REST APIs are lighter, more reliable, and provide better version control for cloud-based applications.

Version Control & Sandboxing: Always test integration compatibility in a dedicated sandbox before upgrading production environments to avoid Java or connector-level failures.

Automated Retry Mechanisms: Implement back-off and retry logic in your API calls to handle temporary system unavailabilities without breaking the user experience.

🎧 The future of IIQ: While 8.5 is the current gold standard, industry rumors suggest the next leap will be a major version 9 release. Stay ahead of the curve by mastering the 8.5 features today.

Watch the full episode on YouTube: https://www.youtube.com/watch?v=u25pnaJeGpQ

Google is a search engine. ChatGPT is a chatbot. But what is Perplexity? If you’ve ever felt like AI gives you outdated answers or "hallucinates" facts, you’re looking for an Answer Engine.
In this episode of InfosecTrain AI Mastery, we dive into the mechanics of Perplexity AI. We explore how it uses Retrieval-Augmented Generation (RAG) to scan the live web and fact-check its own answers in real-time. Whether you are a researcher, a developer, or a cybersecurity professional, understanding this "multibrand store" of AI models is a game-changer.
Key Discussion Points:
The "Answer Engine" Revolution: Why search engines provide links, but Perplexity provides synthesized truths.

The Power of RAG: Understanding Retrieval-Augmented Generation and how it kills AI hallucinations.

The Multimodel Feature: How to switch between Gemini, Claude, and GPT-4 inside a single interface.

Beyond the Chatbox: A live demo of "Comet," the AI browser agent that can negotiate prices and apply for jobs on your behalf.

Fact-Driven Synthesis: Why citations are the most important feature you didn't know you needed.

The Privacy Debate: How Perplexity stacks up against Claude and OpenAI in terms of data retention.

Stop searching and start finding. Learn how to use AI not just to write emails, but to navigate the live web with precision.
Watch the full episode on YouTube: https://www.youtube.com/watch?v=uwi3M_jXjnw

Is an IT Auditor just a "hacker with a clipboard"? Not even close. In a world where regulatory fines are skyrocketing and AI is rewriting the rules of governance, the role of a GRC Auditor has shifted from "ticking boxes" to becoming a critical pillar of business resilience.
In this episode of InfosecTrain Tech Talk, we break down the complete roadmap for anyone looking to enter or level up in the world of IT Audit. We move past the jargon to explain why technical knowledge is only half the battle and why "Business Context" is the ultimate tool in an auditor's arsenal.
What You’ll Learn in This Episode:
The IT Audit Myth: Why IT auditing is not about penetration testing or hacking, but about providing "Assurance".

The "Trust but Verify" Principle: How to maintain professional skepticism without being cynical.

Root Cause Analysis: Why you should always ask "Why" five times to find the real problem.

The Framework Overlap: Navigating ISO 27001, NIST, and SOC 2 without getting lost in the paperwork.

Top 11 IT Risks: A deep dive into strategy, governance, and the often-overlooked CMDB (Configuration Management Database).

The Certification Ladder: Which "C" should you chase first? Comparing CISA, CIA, CISM, and CISSP.

🎧 Success in audit isn't just about what you find; it's about how you communicate it. Learn how to translate a technical finding into a business impact that the Board of Directors actually cares about.
Watch the full episode on YouTube: https://www.youtube.com/watch?v=0KrocbLvlzw

What keeps a CISO up at night? Hint: It’s probably not what you think. While the headlines scream about "genius hackers", the real battle in 2026 is being fought over resilience, identity, and the psychological warfare of AI-driven scams.
In this episode of InfosecTrain Tech Talk: Real World Decoded, we sit down with seasoned risk professional Nizamuddin Khaja to peel back the curtain on the modern security leadership mindset. We move past the technical jargon to explore why cybersecurity is a "decision-making problem" rather than a "technology problem".

Key Discussion Points:
The Resilience Shift: Why the question is no longer "Will we be hacked?" but "How fast can we recover?"

The Invisible Boundary: Managing the nightmare of vendor and supply chain risks in a borderless digital world.

Human Psychology vs. Intelligence: Why even the smartest employees fall for phishing and how hackers exploit "urgency".

The 24-Hour War Room: A CISO's step-by-step checklist for the first 24 hours of a major airline or bank breach.

The Rise of the "Deepfake" Scam: How voice cloning and $25M impersonation frauds are changing the threat landscape.

A Passwordless Future: Is the era of the "Secret Question" finally over?.

🤚 Stop. Think. Act. Learn the "Verification Discipline" that every digital citizen needs to survive the next five years of AI evolution.

Watch the full episode on YouTube: https://youtu.be/LPnlRbplGJE?si=DPHCZD6DaSpAMsKR

Is AI Governance the new "must-have" for cybersecurity professionals? As AI transitions from a luxury to a corporate mandate, the need for certified experts to manage risk and compliance is skyrocketing. In this episode, we break down everything you need to know about the IAPP AIGP certification, the globally recognized gold standard for governing artificial intelligence.
Join the experts at InfosecTrain as we navigate the intersection of AI, data privacy (GDPR), and information security. Whether you are a risk manager, a privacy officer, or a tech enthusiast, this guide provides the strategy and mindset needed to master the AIGP exam and lead in the AI-driven IT service industry.

Inside This Episode:
The AIGP Value Proposition: Why AIGP is becoming a de facto requirement for AI governance roles.

Beyond the Code: Why you don’t need to be a developer to excel in AI governance.

The Three Pillars: Understanding the critical intersection of Privacy, AI Governance, and Information Security.

Exam Flavors & Bias: A deep dive into temporal bias, sampling bias, and how they impact regulatory compliance.

Governance Models: Comparing Centralized, Decentralized, and Hybrid models for your organization.

The "Black Box" Challenge: Tackling explainability and automated decision-making under GDPR.

Pro Exam Tips: How to handle case studies and the mindset of an AI Risk Manager.

🎧 Elevate your career with world-class training in AI, Cloud, and Cybersecurity.

📺 Watch the full episode on YouTube: https://youtu.be/36d8ykIHbNI?si=mEIIz8rCaiYnXByK