In the latest episode of Talking Security – MVP Security Insights, we (Frans Oudendorp & Pouyan Khabazi)had the pleasure of sitting down with Eric Woodruff, Chief Identity Architect at Semperis.
Eric’s journey in identity spans nearly two decades, from managing Active Directory in the New York State Courts to shaping the identity strategy for a leading identity-first security company. In this episode, we explore the evolution of his career, the current state of Entra ID, and what the future holds for identity and access management.
🔍 Highlights from the Conversation
✅ Finding His Place in Cybersecurity
Although Eric had years of experience managing AD and supporting customers as a Microsoft PFE, it wasn’t until joining Semperis that he felt truly “in” cybersecurity. That pivotal moment sparked a deeper focus on identity security, research, and the operational challenges many organizations face today.
🧭 Identity Strategy in the Cloud Era
As Chief Identity Architect, Eric is helping Semperis guide its own Entra tenant while building resilient, scalable identity strategies for their SaaS offerings. He shares the real-world challenges of navigating hybrid environments and cloud-first approaches.
🔐 Security Research That Matters
One of the standout topics was the UnOAuthorized project, where Eric and his team uncovered hidden privilege paths in Entra ID. This research continues to raise awareness about configuration gaps that can silently introduce risk in even well-managed environments.
🌍 Global Challenges, Local Realities
From regulatory pressure to complexity in multi-cloud and hybrid identity, Eric offers a grounded view of the most pressing identity challenges—and how organizations can respond with agility and clarity.
🧠 Learning Identity Today: Cloud-First, But Context-Aware
What does it mean to learn identity in a cloud-first world? Can someone new to the field thrive without an Active Directory background? Eric shares honest thoughts on building expertise in today’s IAM landscape.
🛡️ The Balance Between Security and Business Agility
Too much restriction can slow down operations, but too little leaves gaps. We asked Eric how he manages this tension—and whether airtight security really is like an “insurance policy.”
🤝 The Power of Community: IDPro and Beyond
Eric is a strong advocate for vendor-neutral collaboration and contributes to IDPro’s Body of Knowledge. We discuss how shared knowledge and community-driven standards are helping improve security outcomes across the industry.
🎧 Why You Should Listen
This episode is full of real-world insights, research-backed advice, and forward-looking perspectives on identity and access management. Whether you’re leading a security team, implementing Entra ID, or exploring your path in IAM, there’s something valuable here for you.
▶️ Watch or Listen Now
🎙️ Podcast Platforms: Available on Spotify, Apple Podcasts, and your favorite podcast app.
🎥 YouTube:
📌 Don’t forget to subscribe for more interviews with global experts in identity, cybersecurity, and modern workplace innovation.