Non-human identities (NHIs) - service accounts, API keys, certificates, tokens, automation scripts, and countless cloud roles - now outnumber human identities by roughly 50 to 1 in the average enterprise, and the gap keeps widening. Each of these "invisible" accounts can authenticate, move laterally, and reach sensitive data, yet most operate far outside traditional IAM and PAM controls. Because they're spun up programmatically, left to run unattended, or inherited from legacy integrations, NHIs often retain excessive privileges and static credentials that attackers love to hijack.
The result is a rapidly growing attack surface nobody sees. Silverfort's upcoming NHI Spotlight Report found that only 5.7% of organizations have complete visibility into their NHIs, 80% of those identities show critical posture issues, and more than 60% have no clear human owner or governance policy. Dormant service accounts in on-prem AD, unused access keys in AWS or Azure AD, and sprawling machine-to-machine connections give adversaries a perfect pivot point into SaaS platforms, cloud workloads, and back to the datacenter. Traditional MFA or vaulting can't protect what security teams can't even inventory.
In this Real Training for Free session, we’ll pull back the curtain on the NHI crisis and discuss why it's exploding, where the blind spots live, and how you can regain control before attackers do.
Up first, 4-time Microsoft MVP Nick Cavalancia takes my seat as he sets the stage by discussing:
- What counts as an NHI in modern hybrid and multi-cloud environments
- The explosive growth of machine identities—and the operational shortcuts that create them
- Real breaches (Microsoft OAuth token abuse, Dropbox Sign compromise, and others) where NHI exposures enabled stealthy lateral movement
- How NHI techniques map to the MITRE ATT&CK Framework to reveal how adversaries exploit over-privileged automation and service accounts
Next, we’ll hear from Roy Akerman – VP of Identity Security Strategy at Silverfort. Roy brings fresh research and real-world insights to unpack the complexities of non-human identity security. You'll learn how:
- Existing risks, hidden gaps in visibility, and lifecycle management make securing NHIs so difficult—and how these blind spots create serious risk.
- Attackers exploit over-permissioned, dormant, and "ownerless" identities to move laterally across SaaS apps, cloud workloads, and on-prem environments.
- To establish behavioral baselines for NHIs by mapping their access patterns, sources, destinations, and privileges to detect anomalies in real time.
- Adaptive security controls like virtual fencing and privilege reduction can stop malicious use of NHIs before damage is done.
- Comprehensive discovery and classification of NHIs can give you full visibility across cloud, SaaS, and on-prem environments—while connecting each to a human owner.
- Integrating with all identity providers, cloud and on-prem, enables unified monitoring of every authentication and access attempt made by NHIs.
- Coordinating NHI lifecycle management and in-line risk assessment across IAM, SOC, IR, and compliance teams fosters unified governance and streamlined security operations.
Roy will also discuss key findings from Silverfort's upcoming NHI Spotlight Report.
Join us to learn how to reclaim control of the fastest-growing (and most overlooked) identity class in your environment and walk away with an action plan to shrink your NHI attack surface before it's weaponized.
This Real Training for Free session will be loaded with practical real-world application to your cybersecurity strategy and execution.