Notices by Dan Kennedy :verified: :verified: :verified: :verified: (danielkennedy74@infosec.exchange)

  1. Dan Kennedy :verified: :verified: :verified: :verified: (danielkennedy74@infosec.exchange)'s status on Saturday, 04-Oct-2025 08:34:41 JST

    "But we've been talking about this <insert security thing> for a while now..."

    Steps:

    1. Talk about problem, build scale in talking about problem.
    2. Market begins to think about different ways to solve problem.
    3. Approaches are tried, funding happens, some fail, some win, many become part of larger platforms.
    4. Solutions begin to scale, and become widely adopted, practitioners become familiar with them, attackers adjust, advancements are made, common (best) practices develop.

    Every step is worth talking about, every shift is news, and Rome wasn't built in a day.

    Stop being bored with progress in security.

  2. Dan Kennedy :verified: :verified: :verified: :verified: (danielkennedy74@infosec.exchange)'s status on Friday, 12-Sep-2025 06:16:31 JST

    Nonhuman identities (NHIs) — such as machine identities, service accounts and application credentials — have always been a distinctive part of identity management, where approaches focus on persistent credentials for human users rather than emphasizing ephemeral access for machine users. With some reports indicating that NHIs outnumber human identities 50 to one, managing the sprawl of these identities, including permissions that maintain the principle of least privilege and knowing who owns what, has always been a challenge for security teams. Yet, NHIs are a vital component of automation strategies. Some key challenges include a lack of visibility into their activity and related difficulties in auditing, over-permissioning, and even application security issues, such as secrets management. The rise of agentic AI, especially agents acting on behalf of users, promises to make an already complex issue even more complicated. In fact, agent behavior blurs the line between human users and NHIs. Two-fifths (41%) of organizations are already using third-party security tools to help manage NHIs, 18% are running proof-of-concept projects, and another 15% plan to implement them within the next six months.

    https://blog.451alliance.com/agentic-ai-complicates-an-already-complicated-picture-around-non-human-identities/

  3. Dan Kennedy :verified: :verified: :verified: :verified: (danielkennedy74@infosec.exchange)'s status on Tuesday, 25-Mar-2025 07:39:08 JST
    in reply to BrianKrebs

    @briankrebs


    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/219/109/671/652/360/original/6d075a934654bd6b.png

    Dan Kennedy :verified: :verified: :verified: :verified:

    AppDev, AppSec VP, FinCo CISO now Research. Spend my days talking to CISOs. Tweets and opinions are my own, a10wn. #infosec

          GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

          All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.