Black Hat 2022: Why machine identities are the most vulnerable


Enterprises struggle to secure machine identities because hybrid cloud setups are too complex to manage, leading to security holes that cyberattackers exploit. Adding to the confusion are the differences between public cloud providers' approaches to defining machine-based identities using their native Identity Access Management (IAM) applications. Additionally, because IAM and machine identity management differ across cloud platforms, it can be difficult to enforce zero-trust principles and enable least-privilege access in a hybrid cloud environment.

Managing certificate lifecycles for machine identities on hybrid cloud deployment models is a technical challenge that many enterprise IT teams lack the resources to address. According to Osterman Research, 61% of organizations cannot track the certificates and keys of their digital assets. Given how quickly workload-based machine identities can be created, including containers, transaction workflows, and virtual machines (VMs), it's understandable that only around 40% of machine identities are tracked. IAM is becoming more difficult every day, as the average employee has over 30 digital identities, with a typical business having over 45 times more machine identities than human identities.

Machine identities are high risk in hybrid clouds

Two sessions from the Black Hat 2022 cybersecurity conference discussed why machine identities are a high-risk attack surface, made more vulnerable in hybrid cloud setups. The first session, entitled "IAM The One Who Knocks," was presented by Igal Gofman, Research Director at Ermetic, and Noam Dahan, Research Director at Ermetic. The second was titled "I AM whoever I Say I Am: Infiltrating Identity Providers Using a 0Click Exploit," presented by Steven Seeley, a security researcher at the 360 Vulnerability Research Institute. Both presentations provided recommendations on what companies can do to reduce the risk of breach.

In the presentation "IAM The One Who Knocks," researchers Gofman and Dahan illustrated how much mainstream cloud platforms' approaches to IAM differ. Protecting machine identities with each public cloud platform's native IAM support simply doesn't work because gaps in hybrid cloud setups leave machines vulnerable. Their presentation provided insight into what makes the IAM approaches of Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) different.
