Natoma

We had a wonderful time at our Executive Cybersecurity Dinner in New Orleans last night! We teamed up with Onyxia Cyber and Sparked Ventures to host a group of security leaders in financial services for an evening of Louisiana cuisine and engaging conversation ?

Excited for a great evening and the week ahead! If you're in New Orleans for the FS-ISAC Summit, let's connect! #FSISACsummit

Join us in The Big Easy for a lavish Executive Cybersecurity Dinner! Save your spot today as spaces are limited: https://lu.ma/i9sh0kyp We're partnering with Onyxia Cyber and Sparked Ventures to host an exclusive dinner for security leaders in financial services at one of New Orleans' premier restaurants in the Warehouse District, founded by James Beard award-winning chefs. If you’ll be attending the FS-ISAC 2025 Americas Spring Summit or are based in New Orleans, we’d love to see you!

The Key to Securing NHIs? Full Lifecycle Management Last week, we covered what NHIs are and why they’re a growing risk. Now, let’s focus on how security teams are tackling the problem and the vendors leading the charge. The Real Fix: NHI Lifecycle Management Here’s what that looks like in practice: 1/ Discovery & Inventory : Identify all NHIs and machine identities, across cloud and on-prem systems. Build a real-time inventory mapping their purpose, ownership, and access. 2/ Provisioning & Classification : NHIs need the right access from the start, not too much, not too little. Tag them by privilege level, owner, and function so they’re properly assigned and monitored. 3/ Monitoring & Threat Detection : NHIs shouldn’t have excessive access, and any unusual activity should trigger alerts. Continuous monitoring helps catch excessive permissions, misconfigurations, and potential compromises early. 4/ Secrets Rotation & Vaulting : Credentials shouldn’t last forever. Automate API key and service account rotation every 30, 60, or 90 days and store them in secure, encrypted vaults, no hardcoded secrets. 5/ Deprovisioning & Cleanup : Unused NHIs? Remove them. Set expiration dates, revoke old credentials, and run audits to prevent “zombie identities” from becoming security risks. Who’s Solving This? A new wave of vendors is stepping up to help enterprises get a grip on NHI security. Some of the companies leading the charge are Natoma, Entro Security, Astrix Security, Clutch Security ,Veza and Aembit. Read about this and more in our full report on NHI's : https://lnkd.in/evjmqXde Looking ahead, here are the bigger questions we need to answer: - Will human and non-human identity ecosystems converge, or will they remain distinct categories in the coming years? - As NHIs vastly outnumber human identities, how will CISOs manage and budget for this growing challenge? Drop your thoughts in the comments. Let’s discuss. ***** Please repost it ?? and follow us, SACR , for more similar posts.

Some insightful nighttime reading—an excellent Gartner report on Machine IAM and NHI. Erik Wahlstr?m and Felix Gaehtgens, as always, stellar report. However, I must strongly disagree on multiple fronts. 1. How is LEI (ISO 17442) an NHI? LEIs identifies corporations, financial institutions, and stock exchanges. Classifying them as NHIs in IAM and security context seems misaligned. 2. Classifying pet microchips as NHIs in IAM is a stretch. Sure pets need IDs, but not for authentication. My lab may look cute in a Natoma shirt, but I don't think he is logging into my laptop with paw print anytime soon. 3. If you want to overrate in this vein, I would challenge how are SaaS apps or mobile apps or RPA services classified as machines? Shouldn't machines be limited to devices, servers, VMs etc? Well I am sure Erik Wahlstr?m you would love a Shakespeare quote here :) - "“What's in a name??That which we call a rose by any other name would smell as sweet” For now how about we enjoy the most beloved "non-human" member of our family in Natoma t-shirt Erik Wahlstr?m Felix Gaehtgens Simon Moffatt Jack Poller Todd Thiemann Ian Glazer would love your thoughts.

??? Counting down the days until our Executive Cybersecurity Dinner in New Orleans! Financial services CISOs are invited to join us on March 10 for an evening of networking, insightful conversation, and delicious cuisine. Register today as spots are limited: https://lu.ma/i9sh0kyp

Roses are red ?? Chocolate is sweet ?? Natoma makes managing NHIs ?? A Valentine’s Day treat ?? Happy Valentine’s Day, from us to you ??

?? Love is in the air ?? To celebrate Valentine's Day, we've written a love letter to Non-Human Identities. Like all relationships, they take work, care, and attention -- but we're still hoping they'll be our Valentine: https://lnkd.in/gFYy5Ucq

We're thrilled to welcome Noa Kohavi to Natoma! Get to know her ??

?? This is a bigger jumpscare than being asked to share your screen on Zoom without warning ??