WHY ASTRIX

It’s Time to Secure the Biggest Identity Blindspot of Modern Times

Human identities and login credentials are tightly monitored and secured. 
Non-Human Identities (NHIs) like API keys and service accounts provide the same (or more) privileged access to corporate IP and customer data, but remain under the radar.

EXPONENTIAL EXPOSURE

20,000 Non-human identities for every 1,000 employees

NHIs are the building blocks of automation and innovation, so they will only continue to grow in number. Astrix allows you to gain visibility and governance over NHIs across environments.

NHI ATTACKS ARE ON THE RISE

Threat actors love NHIs

CircleCI

CircleCI

Jan 2023

Malware bypassed antivirus on an engineering employee’s computer, allowing attackers to steal session tokens, which gave them full access to accounts, even those protected by two-factor authentication.

Slack

Jan 2023

Threat actors gained access to Slack’s externally hosted GitHub repositories via a “limited” number of stolen Slack employee tokens.

Jumpcloud

Jul 2023

During an ongoing investigation of a breach, Jumpcloud invalidated all API keys and later urged its customers to rotate all tokens provided.

Microsoft365

Jul 2023

Hackers stole an inactive signing key from a breached Azure system, used it to create valid email access tokens, and accessed Office365 accounts across multiple Azure AD cloud customers.

Microsoft

Sep 2023

A published SAS token by Microsoft’s AI researchers exposed 38TB of sensitive data for over 2 years.

GitHub Dependabot

Sep 2023

Hackers stole GitHub Personal Access Tokens and used them to make unauthorized commits as Dependabot to various repositories.

Okta

Oct 2023

Attackers used a leaked service account to access Okta’s support case management system, viewing files from recent customer support cases.

Cloudflare

Nov 2023

Hackers breached Cloudflare’s Atlassian suite via an unrotated token and service account credentials, despite Cloudflare rotating 5000 credentials after the Okta breach.

Microsoft

Jan 2024

Russian state-sponsored hackers abused OAuth applications to breach Microsoft’s Office 365 email server, exposing internal email correspondences.

Dropbox Sign

May 2024

Threat actors stole customer data, including API keys and OAuth tokens. Dropbox recommended rotating these keys and tokens for Google Workspace, Office 365, and Salesforce.

Snowflake

May 2024

Hundreds of Snowflake instances were breached by the financially motivated threat actor UNC5537, affecting approximately 165 organizations.

New York Times

Jun 2024

Attackers stole the New York Times’ source code by exploiting an over-privileged GitHub token, granting access to all repositories.

HuggingFace

Jun 2024

HuggingFace reported an unauthorized access to their servers, resulting in the theft of tokens and API keys from its Spaces platform.

JetBrains

Jun 2024

JetBrains found a vulnerability in their GitHub Plugin for IntelliJ IDEs, risking unauthorized access to GitHub repositories. They urged customers to revoke the plugin’s access by deleting PATs and OAuth app tokens.

GitHub

Jun 2024

The threat actor Gitloker exploited malicious OAuth apps to target GitHub users, causing significant data loss and ransom demands.

AWS

Aug 2024

Massive NHI Attack: Insecure AWS stored NHIs and machine credentials lead to compromise of 230 Million cloud environments.

“We recommend rotating all credentials”

Even if you don’t get hit, when one of your vendors is breached, you will need to spend 100s-1000s of man-hours to find and rotate compromised credentials – and still be unsure if you covered all of them.

Astrix expedites IR efforts by automatically mapping every associated NHI, and showing you its risk and everything it’s connected to, so you can remove or rotate in a jiff.

THE ASTRIX ADVANTAGE

All NHIs. All environments. 
Threat-driven.

All NHIs & environments

Supporting corporate & production env. across IaaS, PaaS, SaaS, and On-Prem. API keys, secrets, OAuth tokens, SSH keys, service accounts, webhooks, IAM roles, certificates, and more.

Threat-driven

The only NHI Security solution with threat detection engines, exposing anomalous behavior, policy deviations, and supply chain compromises. 

Secret scanning

Secure your secrets across cloud environments with rich context and risk prioritization. 

Leading research team 

Platform is supported by the most advanced NHI research group in the industry. Discovered a Zero-Day vulnerability in GCP. 

Enterprise-ready

Integrate remediation with your tech stack and workflows. Connect to your SIEM/SOAR/ITSM from the get-go, and easily apply granular RBAC.

Market leader

NHI Security pioneers and innovators. Supporting Fortune 500 enterprises. Monitoring 2 Million NHIs.

“Astrix strengthens our identity security program by providing us with continuous visibility and governance over thousands of NHIs.”

Yaniv Toledano Global CISO

“Astrix is more than a security tool. It’s an extension of security throughout the whole company.”

Kyle Kurdziolek Director of Cloud Security

“Astrix helps us significantly reduce response time to NHI risks and quickly get to the root cause of the problem, which is key for mitigation.”

Carl Siva, CISO

“Astrix took something that could have been a day or two of work and made it 30 minutes.”

Branden Wagner Head of Information Security

“Astrix helps us us reduce the risk of data exfiltration, remediate third-party integration risks and go down to a least-privileged model.”

Rob Preta Director of Cybersecurity

With Astrix we get a holistic view of which keys are talking where and what product they belong to.

Alec Lessard Information Security, Senior Manager

Ready to see Astrix in action?

See how Astrix can help you discover and remediate NHI risks across your environments.