今日已更新 80 条资讯 | 累计 20052 条内容
关于我们

Non-Human Identities: The Silent Attack Surface No One Is Monitoring

Ali-Funk 2026年06月22日 14:51 2 次阅读 来源:Dev.to

Most organizations know exactly how many employees they have. Far fewer know how many non-human identities currently have access to their cloud environment. That blind spot is becoming one of the fastest-growing attack surfaces in modern security. For years, enterprise security focused primarily on protecting human identities. We deployed Single Sign-On (SSO), enforced Multi-Factor Authentication (MFA), and implemented Conditional Access policies. And it worked — human identities have become significantly harder to compromise. Meanwhile, another class of identities has quietly exploded across cloud environments: service principals, workload identities, OAuth applications, CI/CD runners, and AI service roles. Today, these Non-Human Identities (NHIs) often outnumber human users by a factor of 10 to 50. As organizations accelerate cloud adoption and integrate AI into daily operations, this imbalance continues to grow. Defining the Non-Human Identity Landscape Unlike human users, machine identities rarely appear in HR systems or organizational charts. Yet they frequently hold some of the most privileged access in the environment. Common high-risk categories include: OAuth Applications and Third-Party Integrations — Apps granted broad access to Microsoft 365, Salesforce, Google Workspace, or Slack via delegated permissions. Service Principals and Managed Identities — AWS IAM roles, Azure Managed Identities, and GCP service accounts used by Lambda functions, EC2 instances, or Bedrock agents. Workload Identities — Kubernetes Service Accounts (e.g., Amazon EKS) and GitHub Actions OIDC roles. CI/CD Pipeline Identities — Tokens used by automation platforms to deploy infrastructure. AI Service Roles — Dedicated identities for Amazon Bedrock agents, model invocation, vector stores, and retrieval pipelines. Every new AI workflow creates additional machine identities. Why Attackers Are Targeting NHIs Attackers follow the path of least resistance. While human accounts are now heav

本文内容来源于互联网,版权归原作者所有
查看原文