WHY ASTRIX
It’s Time to Secure the Biggest Identity Blindspot of Modern Times
Human identities and login credentials are tightly monitored and secured. Non-Human Identities (NHIs) like API keys and service accounts provide the same (or more) privileged access to corporate IP and customer data, but remain under the radar.
EXPONENTIAL EXPOSURE
20,000 Non-human identities for every 1,000 employees
NHIs are the building blocks of automation and innovation, so they will only continue to grow in number. Astrix allows you to gain visibility and governance over NHIs across environments.
NHI ATTACKS ARE ON THE RISE
Threat actors love NHIs
CircleCI
Jan 2023
Malware bypassed antivirus on an engineering employee’s computer, allowing attackers to steal session tokens, which gave them full access to accounts, even those protected by two-factor authentication.
Slack
Jan 2023
Threat actors gained access to Slack’s externally hosted GitHub repositories via a “limited” number of stolen Slack employee tokens.
Jumpcloud
Jul 2023
During an ongoing investigation of a breach, Jumpcloud invalidated all API keys and later urged its customers to rotate all tokens provided.
Microsoft365
Jul 2023
Hackers stole an inactive signing key from a breached Azure system, used it to create valid email access tokens, and accessed Office365 accounts across multiple Azure AD cloud customers.
Microsoft
Sep 2023
A published SAS token by Microsoft’s AI researchers exposed 38TB of sensitive data for over 2 years.
GitHub Dependabot
Sep 2023
Hackers stole GitHub Personal Access Tokens and used them to make unauthorized commits as Dependabot to various repositories.
Okta
Oct 2023
Attackers used a leaked service account to access Okta’s support case management system, viewing files from recent customer support cases.
Cloudflare
Nov 2023
Hackers breached Cloudflare’s Atlassian suite via an unrotated token and service account credentials, despite Cloudflare rotating 5000 credentials after the Okta breach.
Microsoft
Jan 2024
Russian state-sponsored hackers abused OAuth applications to breach Microsoft’s Office 365 email server, exposing internal email correspondences.
Dropbox Sign
May 2024
Threat actors stole customer data, including API keys and OAuth tokens. Dropbox recommended rotating these keys and tokens for Google Workspace, Office 365, and Salesforce.
Snowflake
May 2024
Hundreds of Snowflake instances were breached by the financially motivated threat actor UNC5537, affecting approximately 165 organizations.
New York Times
Jun 2024
Attackers stole the New York Times’ source code by exploiting an over-privileged GitHub token, granting access to all repositories.
HuggingFace
Jun 2024
HuggingFace reported an unauthorized access to their servers, resulting in the theft of tokens and API keys from its Spaces platform.
JetBrains
Jun 2024
JetBrains found a vulnerability in their GitHub Plugin for IntelliJ IDEs, risking unauthorized access to GitHub repositories. They urged customers to revoke the plugin’s access by deleting PATs and OAuth app tokens.
GitHub
Jun 2024
The threat actor Gitloker exploited malicious OAuth apps to target GitHub users, causing significant data loss and ransom demands.
AWS
Aug 2024
Massive NHI Attack: Insecure AWS stored NHIs and machine credentials lead to compromise of 230 Million cloud environments.
“We recommend rotating all credentials”
Even if you don’t get hit, when one of your vendors is breached, you will need to spend 100s-1000s of man-hours to find and rotate compromised credentials – and still be unsure if you covered all of them.
Astrix expedites IR efforts by automatically mapping every associated NHI, and showing you its risk and everything it’s connected to, so you can remove or rotate in a jiff.
THE ASTRIX ADVANTAGE
All NHIs. All environments. Threat-driven.
All NHIs & environments
Supporting corporate & production env. across IaaS, PaaS, SaaS, and On-Prem. API keys, secrets, OAuth tokens, SSH keys, service accounts, webhooks, IAM roles, certificates, and more.
Threat-driven
The only NHI Security solution with threat detection engines, exposing anomalous behavior, policy deviations, and supply chain compromises.
Secret scanning
Secure your secrets across cloud environments with rich context and risk prioritization.
Leading research team
Platform is supported by the most advanced NHI research group in the industry. Discovered a Zero-Day vulnerability in GCP.
Enterprise-ready
Integrate remediation with your tech stack and workflows. Connect to your SIEM/SOAR/ITSM from the get-go, and easily apply granular RBAC.
Market leader
NHI Security pioneers and innovators. Supporting Fortune 500 enterprises. Monitoring 2 Million NHIs.
“Astrix strengthens our identity security program by providing us with continuous visibility and governance over thousands of NHIs.”
“Astrix is more than a security tool. It’s an extension of security throughout the whole company.”
“Astrix helps us significantly reduce response time to NHI risks and quickly get to the root cause of the problem, which is key for mitigation.”
“Astrix took something that could have been a day or two of work and made it 30 minutes.”
“Astrix helps us us reduce the risk of data exfiltration, remediate third-party integration risks and go down to a least-privileged model.”
With Astrix we get a holistic view of which keys are talking where and what product they belong to.
Ready to see Astrix in action?
See how Astrix can help you discover and remediate NHI risks across your environments.