Bridging the NHI security gap: Astrix and Torq partner up

While zero-trust policies and identity-centric programs excel at protecting user identities and login credentials with IAM policies and security tools like MFA or IP restrictions, non-human identities (NHIs) like API keys, OAuth apps, service accounts, and secrets often lack visibility, monitoring, and governance. This gap has not gone unnoticed by attackers.

Danielle Guetta May 22, 2024

While zero-trust policies and identity-centric programs excel at protecting user identities and login credentials with IAM policies and security tools like MFA or IP restrictions, non-human identities (NHIs) like API keys, OAuth apps, service accounts, and secrets often lack visibility, monitoring, and governance. This gap has not gone unnoticed by attackers.

Astrix Security stepped in as the first solution to fill this gap, and we are thrilled to announce our partnership with Torq, making it easier than ever to manage, secure, and remediate NHI risks seamlessly within your SOC automation processes.

Simplifying NHI security with Astrix and Torq

By integrating Torq with Astrix, security teams can automate identifying and responding to anomalies, excessive permissions, unused credentials, and non-rotated non-human identities through streamlined workflows. This integration helps eliminate silos, allowing teams to operationalize Astrix effortlessly within their existing Torq setup.

Automated response and remediation

Astrix brings behavioral analysis, typically used for human identities, to non-human identities – enabling real-time detection of unusual activities. To that extent, Torq allows customers to respond automatically using remediation playbooks driven by preset logic, allowing immediate threat responses without switching between different tools.

Posture management and risky integrations

Unused permissions, risky connections, and unrotated tokens increase your NHI attack surface. Using Astrix and Torq, customers can customize rules to detect unused, overly permissive, and malicious NHI access. These rules are converted into automated playbooks through Torq, ensuring continuous reduction of attack surfaces by removing risky access and non-rotated tokens.

Enhanced change management

Astrix and Torq enhance change management for non-human identities by automating data flows and remediation tasks. When Astrix detects a high-risk NHI event, it feeds this information into Torq, which then creates a ticket in workflow management systems like Jira or ServiceNow. Torq’s automation capabilities then trigger specific playbooks to handle these changes, such as decommissioning NHIs. This automation minimizes manual intervention, ensuring swift and accurate updates and reducing potential errors.

Enter the era of security hyper-automation

The integration of Astrix and Torq transforms how security teams manage non-human identities. This partnership simplifies complex processes and reduces the burden on security teams by automating the detection and response to unusual activities and poorly managed permissions.
Ready to see it in action? Request a demo.

Learn more

The Service Accounts Guide Part 2: Challenges, Compliance and Best Practices

The Service Accounts Guide Part 2: Challenges, Compliance and Best Practices

The Service Accounts Guide Part 1: Origin, Types, Pitfalls and Fixes

The Service Accounts Guide Part 1: Origin, Types, Pitfalls and Fixes

Detect and Rotate Exposed Secrets with Astrix

Detect and Rotate Exposed Secrets with Astrix