Ep 6: Non-Human Identities - The Silent Risk in Cloud Security
Episode 4 of the Access Granted podcast, hosted by Britive, titled "Ep 6: Non-Human Identities - The Silent Risk in Cloud Security" was published on December 5, 2024 and runs 52 minutes.
December 5, 2024 ·52m · Access Granted
Summary
Explore Britive’s Multi-Cloud PAM platform: https://www.britive.com/ In this episode of Access Granted, Nauman Mustafa dives into the critical, and often overlooked topic of securing non-human identities (NHIs) in cloud environments. Lalit Choda, founder of the Non-Human Identity Management Group, joins in the conversation to explore how and why they’ve become a significant security risk and what organizations can do to address them. Key discussion topics include: What’s considered an NHI? Examples include API keys, service accounts, automations, and more. How static credentials, secrets sprawl, and stale accounts create vulnerabilities and increase the attack surface. Practical steps for organizations, including scanning repos for hard-coded credentials, cycling tokens, and creating a full NHI inventory. The importance of Zero Standing Privileges (ZSP) and just-in-time (JIT) access to securing NHIs without impeding developer agility. The intersection of AI, NHIs, and security – and balancing innovation with robust protection 👥: Visit the Non-Human Identity Management Group: https://www.linkedin.com/groups/13038250/ 🎧 Listen to Access Granted on Spotify: https://open.spotify.com/show/7ukJOqUhDmTRj2pm3ykibS
Episode Description
Explore Britive’s Multi-Cloud PAM platform: https://www.britive.com/
In this episode of Access Granted, Nauman Mustafa dives into the critical, and often overlooked topic of securing non-human identities (NHIs) in cloud environments. Lalit Choda, founder of the Non-Human Identity Management Group, joins in the conversation to explore how and why they’ve become a significant security risk and what organizations can do to address them.
Key discussion topics include:
- What’s considered an NHI? Examples include API keys, service accounts, automations, and more.
- How static credentials, secrets sprawl, and stale accounts create vulnerabilities and increase the attack surface.
- Practical steps for organizations, including scanning repos for hard-coded credentials, cycling tokens, and creating a full NHI inventory.
- The importance of Zero Standing Privileges (ZSP) and just-in-time (JIT) access to securing NHIs without impeding developer agility.
- The intersection of AI, NHIs, and security – and balancing innovation with robust protection
👥: Visit the Non-Human Identity Management Group: https://www.linkedin.com/groups/13038250/
🎧 Listen to Access Granted on Spotify: https://open.spotify.com/show/7ukJOqUhDmTRj2pm3ykibS
Similar Episodes
Apr 6, 2026 ·15m
Apr 6, 2026 ·6m
Apr 6, 2026 ·5m
Apr 6, 2026 ·6m
Apr 6, 2026 ·6m
Apr 6, 2026 ·6m