Astrix Security

We're thrilled to announce the FIRST EVER Non-Human Identity Security Conference in the heart of NYC, co-hosted with Cloud Security Alliance! 🗽✨ 𝐖𝐡𝐞𝐧:  Sep 18, 2024 𝐖𝐡𝐞𝐫𝐞:  World Trade Center, New York 𝐖𝐡𝐲: 🔹 Dive into real NHI case studies from top enterprises 🔹 Engage in conversations with leading security executives pioneering the NHI security space 🔹 Enjoy unbeatable networking over delicious breakfast and lunch This is your chance to take part in the future of NHI security and connect with the brightest minds in the field. Ready to be part of something big? Register now and secure your spot! 👇 https://lnkd.in/dt6pa2tg Gary Owen John Yeoh Timothy Youngblood, CISSP E Coleen C. Vinay P. Gerhard Eschelbeck Dr. Chase Cunningham Dmitriy Sokolovskiy, CISSP, QTE Emilio E. Heather Hinton

Welcome aboard, Brian! We’re thrilled to welcome Brian Kennedy to the Astrix Security team as our new Regional Sales Director. Brian brings a wealth of experience in enhancing security and identity programs across various organizations, making him a valuable addition to our team. Join us in giving Brian a warm welcome 🤗 #TeamAstrix #Cybersecurity #Leadership #Innovation

🚀 Astrix is featured in two new Gartner Hype Cycles🚀 We’re excited to share that Gartner continues to recognize Astrix in its research papers. This time, Gartner highlights Astrix as a Machine Identity Management vendor in two separate reports: 📄 2024 Hype Cycle for Digital Identity 📄 2024 Hype Cycle for Identity Government Services Machine Identity Management (a subset of Non-Human Identity Management) is currently at a stage called the “Trough of Disillusionment.” This reflects the realization among security leaders that despite the initial hype around this security practice, there are still gaps that must be addressed to achieve effective management of machine credentials. 🔒 This is exactly where Astrix comes in—with our security-first approach to Non-Human Identities (#NHIs) and machine credential management. Astrix not only enables you to manage the entire lifecycle of NHIs but also secures them with the first Non-Human ITDR capabilities, including anomaly detection and auto-remediation. Thank you for your recognition Felix Gaehtgens Erik Wahlström Rebecca (Becky) Archambault Link to the full reports:  https://lnkd.in/dQSui5kb https://lnkd.in/dsfS8GpD #NHISecurity #MachineCredentials #HypeCycle

Can you feel the excitement in the air? 🤭 Only 1 month to go till the 1st Non-Human Identity Security Conference in NYC! 𝐖𝐡𝐞𝐧: Sep 18, 2024 𝐖𝐡𝐞𝐫𝐞: World Trade Center, New York 𝐖𝐡𝐲: 🔹 Dive into real NHI case studies from top enterprises 🔹 Engage in conversations with leading security executives pioneering the NHI security space 🔹 Enjoy unbeatable networking over delicious breakfast and lunch Register now and secure your spot: https://hubs.la/Q02LFrVb0

🚨 Massive NHI Attack: Insecure AWS stored credentials lead to compromise of 230 Million cloud environments 🌩️🔓 Improperly secured non-human identities (#NHIs) have once again proven to be a prime target for attackers, serving as a gateway to breach organizations. Palo Alto Networks Unit 42 uncovered a massive data extortion campaign that compromised AWS resources by exploiting NHIs and machine credentials. The campaign's scale is enormous—attackers accessed .env files across over 110,000 domains and targeted over 230 million unique endpoints. How? The attackers employed sophisticated tactics to exploit exposed environment variable (.env) files on cloud infrastructures. These .env files contained NHIs with access to various programs and services, including AWS access keys 🔑, database credentials, social media account credentials, API keys for SaaS applications, email services, and access tokens for a variety of cloud services. The compromised NHIs allowed the attackers to escalate privileges, deploy malware 🦠, and compromise sensitive data, such as S3 buckets, for extortion purposes. These sophisticated attack tactics underscore the importance of implementing a robust NHI security program. 🔒 Machine credentials should be governed by strict IAM policies, just as user identities are. Additionally, secret scanning 🔍 and continuous monitoring of NHI behavior through anomaly detection 📈 are crucial for identifying the real-time abuse of leaked secrets. The Astrix Security Platform enables you to do just that. Sign up for a demo and meet with our NHI security expert to see if this breach has affected your environment, detect risky NHIs that might have been compromised, and rotate credentials swiftly to minimize your attack surface quickly. ⏳ Click here to schedule a demo: https://lnkd.in/dviPSwXg #NHISecurity #AWSBreach #NHIs

Boomi Leverages Astrix to control third-party NHI access and cut mitigation time ⌛ Watch Carl Siva, Boomi's CISO, as he shares how his team used Astrix to swiftly respond to the #Snowflake breach, his top priorities when it comes to security solutions, and why he feels that he has an extended security team. 😍 Read more about it here: https://hubs.la/Q02LHmRd0

Calling all NYC security professionals - you don’t want to miss this panel! 💯 Join us for an exclusive panel discussion featuring 4 leading CISOs as they dive into the business case for Non-Human Identities (NHI): Why is NHI security crucial right now? What are the risks of delaying action? How do you measure ROI for NHI initiatives? Who should be driving the NHI strategy? And more… This panel is an amazing opportunity to learn from industry experts and take your NHI strategy to the next level. 🦸 Save your spot here: https://lnkd.in/dt6pa2tg Cloud Security Alliance Timothy Youngblood, CISSP E Coleen C. Moriah Hara Cory Scott

Do you have App-Specific Passwords in your organization's Google environment? Does it matter? 🤔 In our latest article, our own Researcher Tomer Yahalom shares an in-depth exploration of App-Specific Passwords: their origins, how they work, and the security risks they still pose. From the early days of Less Secure Apps to the modern challenges of managing App-Specific Passwords, this article dives deep into the evolution and ongoing concerns of this often-overlooked non-human access. 🚨 Read it here: https://hubs.la/Q02L8ymX0

Pagaya uses Astrix to control #NHIs through visibility and risk prioritization across environments. 👀🔐 Pagaya's Global CISO, Yaniv Toledano, shares his experience with the Astrix platform and the team behind it, as well as his view about non-human identity risks. Watch what he has to say 👇 , or read about it here: https://lnkd.in/dHK2wiYs

🔦 Session Spotlight: Exploiting service accounts, secrets, and API keys to perform a supply chain attack Ever wonder how attackers exploit #NHIs to gain access, move laterally, and escalate privileges in organizations' environments, all undetected? 👀 Join us for a live demo where Chris H. and Michael Silva will dive into a real-life attack scenario across GitHub, AWS, and Slack. You'll see exactly how these attacks unfold and, more importantly, learn practical ways to protect your environment. Don't miss this eye-opening session at the 1st NHI Security Conference on September 18 in NYC. Register here: https://lnkd.in/dt6pa2tg