SlashID

At the #NHIGlobalSummit last month, I concluded the talk with three identity security predictions: 1. A surge in phishing attacks exploiting OAuth 2.0 flows to bypass Multi-Factor Authentication (MFA), similar to tactics seen with Midnight Blizzard. 2. Emergence of advanced credential harvesting methods, exemplified by Storm-0558's extraction of key material from Microsoft crash dumps. 3. Increased prevalence of persistence tactics in cloud environments using stolen authentication tokens from endpoints. This past weekend, two of these predictions became reality: StepSecurity?exposed a significant supply chain compromise in?tj-actions/changed-files, targeting GitHub runners’ memory to exfiltrate credentials. Proofpoint?identified a widespread phishing campaign against Microsoft users utilizing OAuth 2.0 consent flow to evade traditional MFA protections. These incidents reinforce two critical points: ?? Organizations must extend their Identity Threat Detection and Response (ITDR) capabilities. Simply ingesting alerts from Identity Providers (IdPs) is insufficient to detect and stop most sophisticated attacks. ?? Identity Governance and Administration (IGA) and Privileged Access Management (PAM) help with hardening your attack surface, but they are not built to?detect,?respond, or prevent identity attacks. Companies should also move away from long-lived credentials and use federation instead (including in GitHub) but it's important to recognize that this still wouldn't have prevented?tj-actions/changed-files?- it would have made remediation and response easier.

The Next Chapter of Identity Security: Beyond IAM, PAM & IGA For two decades, IAM, PAM, and IGA have shaped identity security—powering billion-dollar vendors like Okta, CyberArk, and SailPoint. But as AI, LLMs, and cloud-scale environments evolve, identity has become the #1 attack surface. The future of identity security won’t replace IAM, PAM, or IGA—it will unify them to close security gaps. The Next Big Shift in Identity Security We are VERY confident that the next wave of identity security will integrate three critical capabilities into a single platform: 1?? Visibility & Inventory – Mapping all human and non-human identities across hybrid environments. 2?? Identity Security Posture Management (ISPM) – Enforcing hygiene and eliminating misconfigurations before they become attack vectors. 3?? Identity Threat Detection & Response (ITDR) – Detecting and stopping identity-based attacks in real time. CrowdStrike’s ITDR product is proof of this shift—scaling from $10M to $400M ARR in just four years by securing the gaps left by IAM, IGA, and PAM solutions. Who are some of the vendors leading the next wave? - Silverfort – Strongest across all three areas, further strengthened by the Rezonate acquisition. - Hydden – Focused on visibility and real-time identity protection. - AuthMind – Identity observability for better posture and attack detection. - Axiad – Identity risk management and continuous insights. - SlashID – Specializing in real-time identity threat protection. - Acalvio Technologies – Deception-based security for identity threats. Our report dives deep into these trends, breaking down the Identity Attack Surface and how enterprises can defend against it. Read the full research report here: https://lnkd.in/gEu3Nvwe We'd love to hear your thoughts in the comments! *** Follow Software Analyst Cyber Research to keep on top of latest trends in identity security

We’re having a great time at the #NHIGlobalSummit! Vincenzo Iozzo just presented on defending against identity-based attacks where he shared his predictions on what we’ll see from the evolving identity threat landscape. If you’re in NYC, let’s connect! #NHI #IAM #Identity

We’re having a great time at the #NHIGlobalSummit! Vincenzo Iozzo just presented on defending against identity-based attacks where he shared his predictions on what we’ll see from the evolving identity threat landscape. If you’re in NYC, let’s connect! #NHI #IAM #Identity

Identity-based attacks are at the forefront of most data breaches. Next week, I’ll be talking at the NHI Global Summit about the Tactics, Techniques, and Procedures (TTPs) attackers use to exploit human and non-human identities. If you’re curious about Big Yellow Taxi, obscure OAuth 2.0 flows, or cross-tenant impersonation, this is the event for you! Join us on the 27th at Nasdaq for an outstanding lineup of speakers. Sign up here: https://lu.ma/gnoexoq3

Thank you Francis Odum & Software Analyst Cyber Research for including SlashID as a “representative vendor” in their first report of 2025: “Securing the Identity Attack Surface”! They introduce the three key components of Identity Attack Surface Management (IASM): ???Discovery & Visibility ???Posture & Hygiene ???Protection & Remediation The report highlights SlashID’s strong capabilities in securing the identity attack surface because we deliver on all three: ? Discovery & Visibility?– Our graph-based approach provides unique cross-cloud visibility for human and non-human identities. ??Posture & Hygiene?– We identify misconfigurations, excessive permissions, and dormant accounts to reduce attack risks and ensure compliance. ? Protection & Remediation?– Posture alone is not enough as we've seen in other cyber domains, active attack detection and remediation is a must. SlashID detects threats at runtime and automates the response to reduce the blast radius of identity based-attacks as they unfold. Thanks again to Francis! We're looking forward to all of the innovation and advancements that are sure to come in the IASM space ?? -- #IASM #ITDR #ISPM #NHI #IdentitySecurity

We are excited to co-sponsor this event with NHI Mgmt Group Entro Security Twine Security Andromeda Security Axiom Security Akeyless Security Aembit and P0 Security There's a lot of confusion in the industry about what's the best approach to tackling NHIs from both a governance and a security perspective. Join us as we discuss how to prevent, detect, respond to, and govern NHIs. If you are in NYC on Feb 27th, sign up here: https://lu.ma/jdh74psx

The recent Chrome extension breach brought malicious OAuth 2.0 Apps and phishing to the forefront. OAuth has been abused by several nation-state actors, like APT29, and it's quickly becoming common to obtain initial access instead of traditional phishing campaigns. We built a simple proof of concept to show how the attackers compromised the developers' identities and uploaded malicious code to the Chrome Web Store. Check out the blog post here: https://lnkd.in/ezZGdNxE

March 31st, 2025, is just around the corner, bringing new PCI DSS requirements for managing Non-Human Identities (NHIs). To help make sense of the changes, we’ve written a comprehensive blog post covering everything you need to know about NHIs and PCI compliance. Among the new mandates are several challenging requirements, including: 1. Restricting interactive use of NHIs: Only allow interactive access in exceptional circumstances. 2. Time-bound interactive access: Limit interactive use strictly to the duration needed for the exceptional circumstance. 3. Documenting justification: Maintain a clear business justification for any interactive use of NHIs. 4. Management approval: Require explicit approval from management for such access. 5. Identity verification: Confirm the identity of the individual requesting access. 6. Accountability: Ensure every action is attributable to an individual user.

Today our NHI Mgmt Group provides the most comprehensive view ever shared on #NHIBreaches, covering 40 major breaches that have occurred over the last few years. This should be a wakeup call to all organisations who are exposed to the significant risks associated with #NonHumanIdentities. NHIs are the primary attack vector used by external / internal threat actors to compromise systems and steal data. With the adoption of Cloud and SaaS services, this has created a huge Secrets Sprawl problem, leaving organisations further exposed to 3rd Party Supply Chain Attacks, as can be seen from many of the breaches we have shared. #cybersecurity #identitysecurity #cyberattack #Cybersecurity #Infosec #CloudSecurity #DigitalSecurity #Digital #digitaltransformation cc Entro Security, Astrix Security, Oasis Security, SlashID, Corsha, P0 Security, Andromeda Security, GitGuardian, Unosecur, AxisNow, Whiteswan Identity Security, TrustFour Technologies, Natoma, Aembit, Clarity Security, Britive, Veza, Clutch Security, Permiso Security, Silverfort, Rezonate (acquired by Silverfort), Token Security, Oleria, AppViewX, ObserveID, Breeze Security, Hopr, SPIRL, Saviynt, Akeyless Security, Anetac, Venafi, a CyberArk Company, AKA Identity, Legit Security, Keyfactor, Zluri, Opal Security, CodeShield, Twine Security