How RevMed Solved Token and Key Management Challenges with Astrix

Danielle Guetta December 24, 2024

RevMed, a biotech company specializing in pancreatic cancers like RAS and mutant cancers, faced significant security challenges in managing their non-human identities. Alec Lessard, RevMed’s Information Security Senior Manager, shares how Astrix transformed their approach to token and key management.

Visibility into token access

The growing prevalence of token-based attacks, such as Midnight Blizzard, drove RevMed’s security team to take a close look at their non-human identity (NHI) security posture. Like many organizations, they struggled to understand what their tokens could access within their environment. This lack of visibility left them vulnerable to over-privileged applications and unmonitored token activity.

By integrating Astrix into their security stack, RevMed gained critical insights into token access from a non-human perspective. According to Lessard, “With Astrix complementing our security stack, we were able to gain visibility as to what tokens could actually access. Applications had over-privileges, but it helped us clean up really quick and provided us a perfect monitoring solution.”

Simplified key management

Key management had long been a pain point for RevMed. The rapid generation of keys to connect services often resulted in hygiene issues and tracking challenges. RevMed adopted Astrix as the central platform for managing keys, streamlining their approach across the organization.

“With Astrix, that worry goes away,” says Lessard. “You get a holistic view through the platform of which keys are talking where. It gives you a chance to reconcile what keys belong to what products, even if you had a hygienic issue in the past.”

A game-changing partnership

Beyond solving immediate challenges, the Astrix platform became a cornerstone of RevMed’s security strategy. The relationship with Astrix also helped RevMed grow its understanding of the NHI security landscape and refine its approach.

“It’s definitely been a game changer as far as the impact the product has had on RevMed,” Lessard shares.
