Notifications
Clear all
Topic starter
06/06/2026 2:03 am
TL;DR: Identity security practitioners still use X as a fast signal channel, but signal quality depends on following the right analysts, researchers, and community voices rather than feed volume, according to Oasis Security. The practical issue is not social media itself, but whether identity teams can turn high-noise commentary into usable context for IAM, NHI, and security decisions.
NHIMG editorial — based on content published by Oasis Security: Top 15 identity security accounts to follow on X
By the numbers:
- With 556 million active users, sifting through X can be daunting.
- The post lists 15 identity security accounts to follow.
Questions worth separating out
Q: How should security teams use social media for identity security intelligence?
A: Security teams should use social media as a triage layer, not as evidence.
Q: Why do identity teams benefit from following practitioner voices instead of generic security feeds?
A: Identity teams benefit because practitioner voices usually connect incidents to the controls that failed, such as provisioning, federation visibility, entitlement design, or offboarding.
Q: What should IAM leaders look for in a useful security account on X?
A: Look for consistency, specificity, and identity depth.
Practitioner guidance
- Curate a small identity-first feed list Select accounts that regularly discuss IAM, privileged access, federation, breach analysis, and authentication standards.
- Map social signal to control domains Assign each trusted account to a control area such as provisioning, federation, privileged access, or NHI governance so posts can be routed to the right team quickly.
- Use outside commentary to challenge assumptions When a breach or identity trend appears, compare public commentary with your own access model, logging coverage, and lifecycle process to see where your programme may be behind reality.
What's in the full article
Oasis Security's full blog post covers the operational detail this post intentionally leaves for the source:
- Short profiles for each of the 15 identity security accounts and their specific areas of coverage
- The original list structure the vendor used to select analysts, researchers, and practitioners
- The publication context and update history that help you judge recency and relevance
- Direct links to the named accounts for practitioners who want to build a follow list
👉 Read Oasis Security's list of 15 identity security accounts to follow on X →
Identity security accounts on X: which voices matter most?
Explore further
06/06/2026 3:31 am
Curated identity feeds are an external control surface, not a marketing channel. Teams that follow the right voices gain faster awareness of breach patterns, governance failures, and control drift across IAM and NHI programmes. The value is not the platform itself, but the ability to filter identity-relevant intelligence from a noisy stream. Practitioners should treat social signal as an input to decision-making, not as a source of truth.
A few things that frame the scale:
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures, according to Ultimate Guide to NHIs.
- 79% of organisations have experienced secrets leaks, with 77% of these incidents resulting in tangible damage, according to Ultimate Guide to NHIs.
A question worth separating out:
Q: How do teams turn identity chatter into action without creating noise?
A: Route posts into a simple review workflow. If an item maps to an active control area, send it to the relevant owner. If it does not, archive it. That keeps the feed useful while preventing social media from becoming another ungoverned alert stream.
👉 Read our full editorial: Identity security voices worth following in a crowded X landscape
