Using just-in-time credentials to minimize access-based DevOps security risks
While the rapid adoption of DevOps processes has helped companies assume an agile product position in the market, security has lagged. Specifically, DevOps's prioritization of tools and automation has led to an explosion of machine identities that traditional waterfall-based security mechanisms cannot keep pace with.
Verizon's 2021 Data Breach Investigations report highlighted the extent of the problem by revealing that 61 percent of data breaches involved misused credentials data. These breaches are rarely incidents of a malicious actor stealing a human entity's password. Instead, hackers leverage expired or unused machine identities, also known as workload identities, to penetrate networks. As a result, some 92 percent of respondents to a recent Enterprise Strategy Group (ESG) survey indicated that they see workload identities as "critical" or "very important" risks.