Blog
The latest on non-human identity risks, best practices, research insights, Astrix platform updates and more
Featured
OAuth attack against Microsoft by Midnight Blizzard
January 28, 2024
Midnight Blizzard, the Russian state-sponsored actors, were abusing OAuth applications as part of their attack against Microsoft’s corporate environment. Learn about the attack flow and get the recommended remediation steps.
Read more
Story 4: Detecting compromised secrets & careless 3rd-party vendors
July 16, 2024
Join Astrix customers as they lead the non-human identity security frontier in this series “The Astrix stories: Real customer wins”. From building an automated process around NHI offboarding, to a collaboration between security and engineering to remove super-admin tokens in two hours – these real stories will help you understand what an NHI security strategy […]
Read more
Story 3: Catching the Red-Team Red-Handed
July 2, 2024
Join Astrix customers as they lead the non-human identity security frontier in this series “The Astrix stories: Real customer wins”. From building an automated process around NHI offboarding, to a collaboration between security and engineering to remove super-admin tokens in two hours – these real stories will help you understand what an NHI security strategy […]
Read more
How generative AI impacts non-human identity security?
The popularity of Generative AI apps such as ChatGPT, Gemini, GPT4, Adobe, and many more is undeniably changing how organizations operate. While these AI-powered apps offer exceptional capabilities to automate tasks and boost productivity, they also pose significant threats and expand an organization’s attack surface through various threat vectors – a major one of them […]
Read more
From Radio Shack to the Fortune 500 And now Astrix : My Cybersecurity Journey
June 26, 2024
I started my career in technology at the age of 10 years old. I was a self-taught hacker who didn’t even own a computer. I read computer magazines and then played on computers at the local electronics store, Radio Shack. I’m lucky because I always knew I would be in technology. Hacking was a way […]
Read more
What is Identity Threat Detection And Response (ITDR)
June 16, 2024
Identity Threat Detection and Response (ITDR) is a framework that focuses on protecting your organization from being compromised by threat actors exploiting your organization’s identities. Practically, ITDR solutions include system policies, best practices, and effective tools to monitor, detect, and respond to identity-based threats in real-time across an organization’s environments. Some other known identity threat […]
Read more
NHI attacks making waves: Insights on latest 5 incidents
June 14, 2024
Non-human identity (NHI) attacks are making waves in the cybersecurity landscape, with five high-profile incidents reported in the past few weeks alone. To help you stay on top of this threat vector, our research team provides insights on the latest incidents in this short article. Let’s get started. Incident 1: Snowflake data breach by UNC5537 […]
Read more
Top 4 use cases of non-human identity security: Live event recap
June 13, 2024
Last week we held an insightful live event featuring our solutions engineer, Michael Silva, and our CISO in Residence, Tim Youngblood. The event focused on the top four non-human identity (NHI) use cases that are crucial for security teams. Here’s a recap of the key points discussed during the session, as well as the recording […]
Read more
Securing non-human identities in AWS environments (and beyond)
May 28, 2024
Non-human identities (NHIs) such as IAM users, roles, service accounts, external keys, and secrets are crucial for accessing resources within AWS environments. However, managing and securing these identities presents unique challenges. In this article, we will cover how Astrix helps you with the toughest questions of identity security: what permissions NHIs have, to which resources, […]
Read more
Bridging the NHI security gap: Astrix and Torq partner up
May 22, 2024
While zero-trust policies and identity-centric programs excel at protecting user identities and login credentials with IAM policies and security tools like MFA or IP restrictions, non-human identities (NHIs) like API keys, OAuth apps, service accounts, and secrets often lack visibility, monitoring, and governance. This gap has not gone unnoticed by attackers.
Read more
What are Service Accounts, and why are they important to secure?
What are service accounts? Service Accounts are Non-Human Identity accounts used by machines or apps to communicate with one another within a system, unlike user or human accounts. Service Accounts, using machine credentials, provide privileged identities and permissions for applications, scripts, services, or virtual machines to perform tasks or access resources. This allows different systems […]
Read more
What are Machine Credentials, And Why Are They Important to Secure in Your Organization?
WHAT are Machine Credentials? Machine Credentials are a collective noun for Non-human Identities that operate as digital access keys used by systems. They are used to authenticate and communicate securely with other applications or services in the organization’s environment. By verifying a machine’s unique identity, machine credentials allow safe, agreed-upon interaction. Machine credentials come in […]
Read more
What are OAuth Tokens, and why are they important to Secure?
What are OAuth Tokens? OAuth (Open Authorization) Tokens are Non-Human Identities that work as a secure authentication mechanism. They delegate access to third parties or external apps without exposing your environment’s sensitive credentials. Organizations that rely on third-party applications and service integrations in their environments commonly use OAuth tokens. There are different kinds of OAuth […]
Read more
Story 2: Reducing new risk by 97% – The automation of security awareness
May 7, 2024
Join Astrix customers as they lead the non-human identity security frontier in this series “The Astrix stories: Real customer wins”. From building an automated process around NHI offboarding, to a collaboration between security and engineering to remove super-admin tokens in two hours – these real stories will help you understand what an NHI security strategy […]
Read more
Story 1: Removing super-admin tokens across 33 GitHub tenants in 2 hours
April 22, 2024
Join Astrix customers as they lead the non-human identity security frontier in this series “The Astrix stories: Real customer wins”. From building an automated process around NHI offboarding, to a collaboration between security and engineering to remove super-admin tokens in two hours – these real stories will help you understand what an NHI security strategy […]
Read more
Astrix takes home three 2024 Global InfoSec Awards
May 6, 2024
Astrix Security, the enterprise’s trusted solution for securing non-human identities, has earned three awards from Cyber Defense Magazine (CDM): “While 49% of breaches involve stolen credentials, 90% of credentials are not protected by existing IAM solutions. Service accounts, API keys, OAuth apps, and other non-human identities hold privileged access to enterprise environments and stay under […]
Read more
What are non-human identities?
March 19, 2024
Non-human identities (NHI) are digital, automated and programmable access credentials that play a crucial role in securing systems, managing access, and ensuring the integrity of digital environments. NHIs come in the form of API keys, OAuth tokens, service accounts, and secrets, and are created daily by employees as they delegate access to external entities to automate tasks and increase business efficiency. Unlike human access, or user access, that are rigorously protected with Identity Access Management (IAM) policies and tools like multi-factor authentication (MFA) and single sign-on (SSO), NHI’s are more difficult to secure due to lack of visibility, monitoring, and governance.
Read more
How attackers exploit non-human identities: Workshop recap
March 11, 2024
In the workshop we demonstrated a full attack path exploiting non-human identities, starting with initial access to AWS through an exposed secret in a public GitHub repo. We then continued to privilege escalation through a service account, gained access to source code, and managed to steal customer details and perform a supply chain attack.
Read more
Astrix integrates with Slack
February 22, 2024
Astrix is now available on the Slack App Directory and enables enterprises to secure non-human identities in Slack environments leveraging AI detection capabilities. In addition, Astrix offers deeper integration with Slack, which enables customers to accelerate and streamline the remediation of non-human identity threats across additional core environments like Azure AD, Salesforce, AWS, Github, GCP, […]
Read more
Part 3: The anatomy of supply chain attacks: Non-human identities & TPRM failure
February 7, 2024
“Identity is the new perimeter.” This catch phrase is present in almost every website of identity security vendors, and for a good reason. Human access, more commonly referred to as user access, is an established security program in most organizations – big or small. The realization that user identities and login credentials need to be […]
Read more
Breach analysis: Cloudflare falls victim to Okta attack
February 5, 2024
In a not-so-surprising turn of events, one of the victims in Okta’s supply chain attack reveals further exploits. Cloudflare recently reported that their entire Atlassian suite – Bitbucket, Jira and Confluence were breached back in November by the same threat actor that breached Okta’s support systems. In this article we will cover what happened in […]
Read more
Part 2: How attackers exploit OAuth: A deep dive
January 25, 2024
“Identity is the new perimeter.” This catch phrase is present in almost every website of identity security vendors, and for a good reason. Human access, more commonly referred to as user access, is an established security program in most organizations – big or small. The realization that user identities and login credentials need to be […]
Read more
Part 1: Non-human identity security – The complete technical guide
January 9, 2024
“Identity is the new perimeter.” This catch phrase is present in almost every website of identity security vendors, and for a good reason. Human access, more commonly referred to as user access, is an established security program in most organizations – big or small. The realization that user identities and login credentials need to be […]
Read more
Top 5 non-human identity attacks of 2023
January 2, 2024
2024 is here, and before we delve into new year resolutions and looking to the future, we wanted to take a moment and look back at some of the most high profile non-human identity attacks in 2023, rank the top 5, and see what we can learn from them. For that, our research team set […]
Read more
Practical ways to combat Generative-AI security risks
December 7, 2023
As many have come to realize in the cyber world, all that glitters is not gold. Generative AI, and its ability to automate work processes and boost productivity, is increasingly being used across all business environments. While it’s easy to get wrapped up in the excitement of these tools, like Otter.ai being able to recap […]
Read more
Astrix partners with Google Cloud
December 4, 2023
Astrix is excited to announce our partnership with Google Cloud. This collaboration is all about providing protection for Google Workspace and Google Cloud services, tackling non-human access and minimizing risks like supply chain attacks, data breaches, and compliance violations. With Astrix, organizations using Google services can now benefit from deep visibility and protection for all […]
Read more
Not just code vulnerabilities: The overlooked cause of software supply chain attacks
November 15, 2023
According to Gartner: “Software supply chain attacks have added a new dimension to software security problems because the software delivery pipelines and the tools used to build and deploy software are the new attack vectors.” While the software supply chain has been a huge catalyst for vulnerabilities, and consequently attacks, there is a new type […]
Read more
Astrix wins 2023 CISO Choice Awards in Cloud Security Solution category
November 13, 2023
We are thrilled to announce that Astrix Security has been recognized as the winner of the 2023 CISO Choice Awards in the Cloud Security Solution category. “I would like to congratulate Astrix Security for winning the 2023 CISO Choice Awards Cloud Security Solution Category. The field was exceptionally competitive this year, and our esteemed CISO […]
Read more
Sumo Logic: Compromised non-human access leads to potential supply-chain exploits
November 9, 2023
On Friday, November 3rd, Sumo Logic discovered that a compromised credential was used to access Sumo Logic’s AWS account. Since then, Sumo Logic rotated the exposed AWS credentials and locked down potentially affected infrastructure, and reported they didn’t detect access to customer’s data. Nonetheless, Sumo Logic still suggested that customers rotate all Sumo Logic API […]
Read more
The White House mentions Astrix as one of innovators for AI security Executive Order
November 6, 2023
Astrix Security Joins President Biden’s Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence In a significant step toward shaping the future of AI technology, the Biden Administration issued an Executive Order aimed at maximizing the potential of AI while managing its risks. The order is supported by members of Congress, labor unions and AI […]
Read more
13 non-human identity attacks in 16 months
May 19, 2024
A new generation of supply chain attacks has been rising in recent years. In such attacks, hackers abuse third-party & internal non-human identities as a means of accessing core business systems. While many conversations about supply chain security risks focus on vulnerabilities in software application components themselves, or in their human-to-app connections, they overlook a […]
Read more
The Okta breach: The results of a leaked service account
November 6, 2023
Two weeks ago Okta reported that attackers managed to steal credentials and access Okta’s support case management system. This allowed the attackers to view files uploaded by some Okta customers as part of recent support cases. Some of the affected customers are Cloudflare and BeyondTrust, which have since released their own reports about the effects […]
Read more
Securing non-human identities in Slack
There are more than 2,400 apps in the Slack app directory, and many more from other, non-verified marketplaces that can be integrated via OAuth tokens and Webhooks. In fact, only about 10% of connections to Slack come from the official app directory, meaning that many organizations are using numerous third-party app connections with zero vetting, […]
Read more
Securing non-human identities in Microsoft 365 & Azure AD
To streamline workflows and maximize its functionality, Microsoft 365 & Azure Active Directory (AAD) can be connected to thousands of apps and services, as well as a large number of non-marketplace apps that can be connected via webhooks, OAuth tokens, API keys and workflow automation platforms. Each and every connection made between Microsoft 365 and […]
Read more
Securing non-human identities in Salesforce
Salesforce environments across the world are connected to 11,225,724 AppExchange services, as well as countless other non-exchange services that can be integrated into Salesforce environments via API keys, OAuth tokens, service accounts and more. All these non-human connections accessing sensitive Salesforce environments significantly expand the attack surface, exposing companies to supply chain attacks, data breaches […]
Read more
Securing non-human identities in Google Workspace
Google Workspace is a core productivity engine for many businesses. As such, employees are increasingly connecting third-party applications into their Google Email, Calendar, Docs, Drive and more in a bid to increase productivity. These connections are also created when users sign in to third-party apps using the Google Single Sign-On feature. Many of these third-party […]
Read more
Astrix Security Takes Home Three Coveted Global InfoSec Awards
Company Also Recognized as Innovation Sandbox Finalist at RSA Conference 2023 [New York, April 25, 2023] – Astrix Security, the enterprise’s trusted solution for securing non-human connections and identities, has been awarded three Global InfoSec Awards by Cyber Defense Magazine (CDM): “As we’ve seen the countless supply chain attack headlines – from GitHub to Slack […]
Read more
Astrix Discovers 0-Day Vulnerability in Google Cloud Platform
The vulnerability, dubbed “GhostToken”, allows attackers to gain permanent and unremovable access to a victim’s Google account by converting an already authorized third-party application into a malicious trojan app, leaving the victim’s personal data exposed forever. This may include data stored on victim’s Google apps, such as Gmail, Drive, Docs, Photos, and Calendar, or Google Cloud Platform’s services (BigQuery, Google Compute, etc.).
Read more
Forbes – Shadow Connections: How They’re Impacting Your Production Environment And Software Supply Chain Security
June 13, 2023
Astrix CEO & Co-Founder Alon Jackson’s latest article for Forbes emphasizes the risks posed by unmonitored third-party app-to-app connections in corporate environments. With the increasing use of interconnected applications, security teams often overlook these shadow connections, leaving potential vulnerabilities in the software supply chain.
Read more
Security Magazine – Non-human identities: Secure them now, not later
June 13, 2023
Astrix CTO & Co-Founder Idan Gour shares his insights with Security Magazine about identity-related attacks being on the rise, with credential misuse becoming a prominent attack vector.
Recent high-profile incidents have highlighted the exploitation of insecure non-human identities, such as API keys and OAuth tokens, to breach organizational systems, steal sensitive data, and cause disruptions.
Read more
Key takeaways about GenAI risks from Gartner reports
As the buzz around GenAI security continues to grow, research reports around the burning subject continue to arise. In this article we will share key takeaways from two recent Gartner reports about GenAI related threats, why Astrix was mentioned in them, and the way we see them representing the new security landscape surrounding GenAI. In […]
Read more
Looking Back at Our Journey in the 2023 RSA Innovation Sandbox Contest
With Q4 around the corner, a reflection on the year so far highlights a standout moment for us at Astrix Security – our achievement as a top 10 finalist in the esteemed RSA Innovation Sandbox contest. The RSA Innovation Sandbox contest isn’t your run-of-the-mill event. It’s a meeting ground for cybersecurity leaders, investors, and tech […]
Read more
Astrix Security was mentioned in a 2023 Gartner® report as a Representative Vendor for SSPM
In the recent Gartner report titled Quick Answer: Cloud, Kubernetes, SaaS — What’s the Best Security Posture Management for Your Cloud? Astrix Security is mentioned as a Representative Vendor in the SaaS Security Posture management (SSPM) market. In this short article we will cover key points from the Gartner report, and cover how the Astrix […]
Read more
Astrix Security mentioned in a 2023 Gartner® report under Secure Access to Machine and Environments tool
In a recent Gartner report titled How to Select DevSecOps Tools for Secure Software Delivery, Astrix Security is mentioned as one of the vendors that addresses the need to secure access to machines and environments in the DevOps pipeline. In this short article we will cover key points from the report, and explain how Astrix […]
Read more
Astrix Security Raises $25M in Series A Funding
The investment will allow enterprises to further secure non-human identities and safely leverage the soaring adoption of third-party apps and Generative AI services Your browser does not support the video tag. [New York, June 28, 2023] – Astrix Security, the enterprise’s trusted solution for securing non-human identities, has secured $25 million in Series A funding […]
Read more
Astrix Security is mentioned in two 2023 Gartner® reports
Astrix Security is proud to announce it was mentioned as a representative vendor in a recent Gartner report Quick Answer: Cloud, Kubernetes, SaaS — What’s the Best Security Posture Management for Your Cloud?, and as a tool that addresses the need to secure access to machines and environments in the DevOps pipeline in Gartner’s report […]
Read more
GhostToken – Exploiting GCP application infrastructure to create invisible, unremovable trojan app on Google accounts
The Astrix Research Group revealed a 0-day flaw in Google’s Cloud Platform (GCP) which affects all Google users. Our new research blog covers this vulnerability in detail. In it, we deep dive into everything from how it works to what makes it so severe and how it was eventually mitigated.
Read more
Astrix Security Wins 2022 Cybersecurity Breakthrough Award for Cloud Security
October 6, 2022
Astrix claims the title of “PaaS Security Solution of the Year” in the sixth annual Cybersecurity Breakthrough Awards program by CyberSecurity Breakthrough, a leading independent market intelligence organization.
Read more
20 Minute Leaders: Leadership & the Future of App-to-App Security
November 10, 2022
Astrix Security Co-Founder & CEO, Alon Jackson, recently caught up with Michael Matias of 20 Minute Leaders to discuss everything from the founding of Astrix Security, his background & leadership, to the need of app-to-app security.
Read more
VentureBeat – Astrix emerges from stealth with 15M$ funding to secure 3rd-party app integrations
February 23, 2022
Today, Enterprise app security startup Astrix Security emerged from stealth with a $15 million seed funding round led by Bessemer Venture Partners with an app integration access management solution designed to protect enterprises’ third-party apps.
Read more
