Articles about non-human identities

While 79 percent of organizations are already using AI in production environments, only six percent have implemented a comprehensive, AI-native security strategy.

This is among the findings in the new AI Security Benchmark Report from SandboxAQ, based on a survey of more than 100 senior security leaders across the US and EU, which looks at concerns about the risks AI introduces, from model manipulation and data leakage to adversarial attacks and the misuse of non-human identities.

Continue reading →

Non-human identities (NHIs) -- such as service accounts, tokens, API keys, and workloads -- are exploding in volume, now outnumbering humans 50 to one, but they remain under-observed, under-protected, and dangerously over-privileged.

New data from identity security platform Silverfort shows 40 percent of cloud NHIs do not have an owner. These accounts are often excluded from proper lifecycle management, leaving them unobserved, unprotected, and open to abuse.

Continue reading →

Non-human identities (NHIs) outnumber human identities by between 10 and 50 times, but the industry lacks solutions to properly address this hole in the security perimeter.

Traditional IAM solutions and best practices aren't sufficient when it comes to managing NHIs, as evidenced by some recent breaches that have stemmed from exploitation of NHIs.

Continue reading →

Compromised non-human identities have led to successful cyberattacks at that 66 percent of enterprises.

A new report from AppViewX, based on a survey of almost 370 IT, cybersecurity, and DevOps professionals by Enterprise Strategy Group (ESG), also shows 57 percent of the episodes where organizations suffered a successful attack tied to NHI compromises got the board of directors attention.

Continue reading →

New data shows that one in five organizations has experienced a security incident related to non-human identities; and only 15 percent remain confident in their ability to secure them.

A report from the Cloud Security Alliance (CSA), and Astrix Security reveals that there is a growing recognition of the importance of investing in NHI security with a quarter of organizations already investing in these capabilities and an additional 60 percent planning to within the next twelve months.

Continue reading →

Non-human identities (NHIs) refer to things like API keys, service accounts, system accounts, OAuth tokens. You may not give them too much thought, but a new report from Silverfort looks at the impact they have on an organization's cybersecurity.

Active Directory service accounts -- used for machine-to-machine communication within Microsoft’s Active Directory's (AD) environments -- are the most common and regularly compromised NHIs.

Continue reading →