Cross-Silo Connectivity · Deep dive 01

The boundary that fails is usually the identity one

Token theft and credential capture cross trust boundaries that networks alone cannot hold. Identity controls that stand up even when one side is compromised.

Draft outline · Security lens
The anchor

Two 2025 patterns make the point: OAuth device-code phishing steals tokens that cross tenant and app boundaries, and Salt Typhoon captured TACACS+ credentials to move between networks. The boundary that gives way is rarely the firewall, it is the identity trust between the two sides.

Sources we build on
Primary

Primary source on token-theft and consent techniques that cross trust boundaries.

Journalism

Independent reporting on TACACS+ capture enabling movement between networks.

Article outline
  1. Silos trust each other via identity. The real connective tissue between boundaries.
  2. How that trust is stolen. Token theft and credential capture in 2025.
  3. Controls on both sides. Not assuming either side stays clean.
  4. Scoping and short lives. Least privilege and short-lived credentials across the boundary.
  5. Detecting cross-boundary abuse. What to watch and where.
How it aligns to what we do

A security piece that reframes cross-silo connectivity as an identity problem, which is both accurate and distinctive. It matches the product's identity lens and avoids the hardware cross-domain-solution framing we do not sell.

Points to hit
Control it ratifies
ISM / E8 ISM identity, authentication and cross-domain access controls; supports E8 MFA and restrict-admin on both sides of the boundary.