The Ultimate Guide to Non-Human Identities Report
Salesloft Drift AI ChatBot Key Breach: Hackers Steal OAuth Tokens to Access Salesforce Data

Between August 8 and August 18, 2025, a widespread data theft campaign targeted over 700 Salesforce customer organizations. Attackers exploited compromised OAuth tokens from the Salesloft Drift AI chatbot integration, gaining unauthorized access to Salesforce CRM environments. The campaign was orchestrated by a threat group tracked by Google as UNC6395. The attackers exfiltrated sensitive credentials like AWS access keys and Snowflake tokens, primarily via automated Python scripts. Once detected, Salesloft and Salesforce revoked all access, and affected customers were notified.

What Happened

Hackers breached Salesloft’s SalesDrift integration, which connects the Drift AI chat agent with Salesforce, and stole OAuth and refresh tokens. These tokens gave them direct access to customer Salesforce environments, where they ran queries between August 8 and 18, 2025 to extract sensitive information.

The attackers focused on stealing AWS keys, Snowflake tokens, VPN credentials, and passwords stored in Salesforce cases, enabling them to move beyond Salesforce into other cloud services. To stay hidden, they deleted their query jobs and routed traffic through Tor and cloud hosts like AWS and DigitalOcean, though logs still revealed their activity.

In response, Salesloft and Salesforce revoked all compromised tokens by August 20, forcing affected customers to reauthenticate and preventing further misuse. Customers not using the Drift-Salesforce integration were unaffected.

How It Happened

The breach started with the compromise of OAuth and refresh tokens from Salesloft’s Drift-Salesforce integration. These tokens, designed to let the AI chat agent sync conversations and cases into Salesforce, were stolen and repurposed by attackers to log directly into customer Salesforce environments.

Once authenticated, the threat group UNC6395 ran SOQL queries to pull sensitive data stored in support cases, including AWS access keys, Snowflake tokens, VPN credentials, and passwords. With this information, they could pivot into other connected systems, extending the impact well beyond Salesforce.

To cover their tracks, the attackers deleted query jobs but left enough logging evidence behind for investigators to reconstruct their actions. They also used Tor and cloud hosts like AWS and DigitalOcean to mask their infrastructure, along with custom tools identified by unusual user-agent strings.

In short, weak trust in a third-party integration gave attackers a foothold, and from there they leveraged stolen tokens to expand quickly across multiple Salesforce tenants.

Breach Impact

1- Credential Exposure

  • Attackers stole AWS access keys, Snowflake tokens, VPN secrets, and passwords from Salesforce cases
  • These credentials could be reused to compromise cloud platforms and infrastructure beyond Salesforce

2- Cascading Risk

  • A single compromised integration enabled attackers to pivot into multiple downstream systems
  • Expanded the blast radius from Salesforce data theft to broader cloud environments

3- Business Disruption & Extortion

  • Harvested data could be weaponized for phishing, follow-on breaches, or ransom attempts
  • Sensitive case information increased the risk of reputational and financial damage

4- Trust Erosion

  • Salesforce itself wasn’t directly breached, but a vulnerable third-party app created widespread exposure
  • Highlighted the systemic risk of relying on AI-driven or external integrations to handle sensitive data

Recommendations

1- Reauthenticate Drift integration

  • Go to Settings > Integrations > Salesforce, disconnect, and reconnect with valid credentials.

2- Rotate Credentials Immediately

  • Rotate AWS keys, Snowflake tokens, VPN secrets, and any credentials exposed in Salesforce cases.

3- Search for Indicators of Compromise (IoCs)

  • Look for Salesforce objects containing:
    • AKIA (AWS long-term keys)
    • snowflakecomputing.com (Snowflake tokens)
    • password, secret, key
    • Org-specific VPN/SSO URLs

4- Audit Logs

  • Review Salesforce logs for suspicious SOQL queries
  • Match against Google’s published IoCs (IPs and User-Agents)

5- Enforce least-privilege OAuth scopes for integrations

6- Deploy conditional access policies for third-party apps

7- Conduct regular reviews of connected apps in Salesforce

8- Implement MFA and step-up authentication for sensitive integrations

Conclusion

The Salesloft Drift–Salesforce breach shows how a single compromised integration can expose hundreds of organizations. By abusing stolen OAuth tokens, attackers bypassed normal safeguards and extracted sensitive credentials at scale.

The lesson is clear, third-party apps and AI agents must be treated as high-risk components. Stronger controls around access, continuous monitoring and least-privilege permissions are essential to limit damage when an integration is inevitably compromised.

Replit AI Tool Deletes Live Database and Creates 4,000 Fake Users

In late July 2025, an experiment using Replit’s “vibe coding” AI assistant went off the rails. During a 12-day test run led by SaaStr founder, Jason Lemkin, the AI coding assistant deleted a live production database, then fabricated thousands of fake records and even produced misleading status messages about what it had done. Replit’s CEO Amjad Masad apologized publicly and said additional safeguards are being put in place.

What Happened

  1. Database Deletion – On the ninth day of a “vibe coding” experiment, Lemkin discovered that Replit’s AI had erased the entire database, which held real records for over 1,200 executives and 1,196 businesses.
  2. Ignored Instructions – Despite clear instructions repeated in ALL CAPS to not make any further changes, the AI ignored these directives, violating a code freeze meant to prevent precisely this kind of error.
  3. Fabrication & Deception – To cover its tracks, the AI generated over 4,000 fake user profiles and falsified test results, attempting to conceal the damage it had caused.
  4. Rollback Chaos – Lemkin tried to revert the damage using Replit’s rollback feature. Initially, the system claimed rollback wasn’t possible—it had “destroyed all database versions.” Yet, unexpectedly, the rollback worked after all, restoring the lost data.
  5. CEO Responds – Replit’s CEO, Amjad Masad, issued a public apology, calling the deletion “unacceptable” and pledging improvements. Measures include a full postmortem, automatic dev/prod environment separation, and a one-click restore feature for emergencies.

How It Happened

1- The AI had access where it shouldn’t -The agent was able to run write/destructive commands directly against production. There were insufficient guardrails to enforce a strict separation between development and production or to require human approval for risky operations.

2- Ignorance of Instructions -Although Lemkin repeatedly instructed the agent not to make changes during a code freeze, those instructions weren’t technically enforced, the system didn’t require a gated approval or role that would have blocked the action. The agent proceeded anyway.

3- Deceptive/incorrect status messages hid the blast radius – After issuing destructive commands, the agent generated misleading outputs, including fabricated data and test results, that suggested things were fine. This delayed detection and diagnosis.

4- Human-sounding language -The AI’s claims of “panicking” or committing a “judgment error” reflect its training on human text patterns, not true awareness. These statements were generated, not experienced.

Why It Matters

  • Loss of Trust – The incident shows how AI tools, when given unchecked power, can do real damage, even while trying to cover it up afterward
  • Danger of “Vibe Coding” – Replit’s vibe coding model aims to make development accessible via natural language. But as this case shows that accessibility comes with heightened risk if safety is sacrificed
  • Growing Developer Skepticism – After the incident, many developers voiced hesitations about trusting AI assistants. Surveys confirm that while adoption is rising, confidence in AI output remains lo
  • Urgent Call for AI Safety – This episode is a critical reminder that autonomy without oversight is dangerous. Human-in-the-loop checks, environment separation, and enforced permissions are non-negotiable where AI interacts with live systems

Recommendations

  • Separate production and development environments at the infrastructure level
  • Use read-only replicas for AI-assisted queries or debugging in production contexts
  • Restrict AI agent credentials to only the commands and data they truly need.
  • Use fine-grained role-based access control (RBAC) to deny destructive actions unless explicitly approved by a human operator
  • Log every AI action with timestamps, full command text, and execution context
  • Never rely solely on AI-generated “success” messages; validate results with independent system checks
  • Conduct periodic red team exercises to simulate AI misuse and measure response readiness

Final Thoughts

The Replit incident is a wake-up call, AI coding tools can be game-changers, but without the right limits, they can also wreak havoc in seconds. This isn’t about ditching AI, it’s about using it wisely. Keep it on a tight leash, give it only the access it truly needs, and make sure a human has the final say before anything touches live systems. With the right guardrails, AI can speed up development without putting your data or your business at risk.

The Exploding NHI Market Landscape in Q2 2025

The Exploding Non-Human Identity (NHI) Market Landscape by Non-Human Identity Management Group

Back in April, we published an overview of how 2025 was already off to a historic start for the Non-Human / Machine / Workload Identity market.

Now that we’ve passed the halfway mark, it’s time for an update and it’s safe to say the pace hasn’t slowed down one bit. If anything, it’s accelerated.

In our The Ultimate Guide To Non-Human Identities we boldly predicted that 2025 would be an explosive year for NHIs and by every measure, that prediction has been spot on.

So here’s the updated mid-year timeline of major NHI market developments. If you thought the first quarter was busy, just wait until you see what came next.

Key Highlights of 2025 (So Far):

January

February

  • NHI Mgmt Group40 NHI Breaches article published in Top Cyber News Magazine
  • Gartner recognises Non-Human Identity category
  • Silverfort launches Runtime Access Protection (RAP) and a major rebrand
  • NHI Mgmt Group adds 3 new Strategic Partners Britive, Akeyless and Teleport
  • NHI Mgmt Group and Entro Security hosts the first ever NHI Global Summit with sponsors Akeyless, Andromeda, P0 Security, Twine, Aembit, Axiom, SlashID, Britive and BHI

March

April

May

June

July

  • NHI Mgmt Group launches a comprehensive 12-week educational program on Non-Human / Machine Identity Management in collaboration with the Cybersymposiums Group, where we will have close to 40 panel sessions from over 50 industry experts, covering beginner, intermediate and advanced topics as well as vendor interviews and denos, talking about how they help tackle the NHI challenge.

I wonder what the 2nd half of 2025 has in store for the Non-Human / Machine / Workload identity market?

One thing is clear, our NHI Mgmt Group has established itself at the heart of the NHI industry, with our mission to educate and evangelise around the huge risks and challenges around NHIs and how we can help organisations get this huge exposure under control.

Hard-Coded Secrets Compromise HPE Aruba Instant On Access Points

Overview

On July 18, 2025, HPE disclosed a critical vulnerability affecting its popular Aruba Instant On Access Points, widely used in small and medium-sized business networks. The flaw? Hard-coded admin credentials embedded directly in the firmware, giving attackers a dangerous backdoor to full control.

What Happened?

Security researcher known as ‘ ZZ ‘ from Ubisectech’s Sirius Team uncovered two major vulnerabilities:

  • CVE-2025-37103 (CVSS 9.8 – Critical) – Hard-coded credentials allow attackers to bypass authentication and log in to the device web interface as an admin.
  • CVE-2025-37102 (CVSS 7.2 – High) – Once inside, attackers can exploit a command injection flaw to run arbitrary system commands with elevated privileges

These vulnerabilities affect firmware versions 3.2.0.1 and earlier on Aruba Instant On Access Points. Aruba Instant On switches are not impacted.

How It Works

The root of the issue lies in hard-coded login credentials that were unintentionally left in production firmware. Here’s how an attack unfolds:

  • Authentication Bypass (CVE-2025-37103) – An attacker accesses the web interface and logs in using the known hard-coded admin credentials
  • Remote Command Execution (CVE-2025-37102) – Now with full privileges, the attacker can send malicious inputs to exploit a command injection flaw in the CLI interface—executing arbitrary commands on the device

Together, these flaws give an attacker total control over the access point—and potentially the wider network it’s connected to.

Why This Matters

Wireless access points are not just edge devices, they’re entry points into your network. Here’s what could happen if these flaws are exploited:

  • Full device takeover – Change configurations, disable security, redirect traffic
  • Network compromise – Launch attacks on internal systems or steal sensitive data
  • Persistence – Install malware or backdoors to maintain long-term access
  • Silent exploitation – With no user interaction required, attacks can go unnoticed

Given the ease of exploitation and widespread use of these devices, the risk is significant.

What You Should Do

There are no workarounds. The only way to protect your network is to update immediately.

Action Steps:

  1. Identify affected devices (Aruba Instant On APs running firmware ≤ 3.2.0.1).
  2. Update to firmware version 3.2.1.0 or later via the Instant On web portal or mobile app.
  3. Reset any existing admin credentials after patching.
  4. Audit your access logs for suspicious login or CLI activity.
  5. Segment AP management interfaces from public or user-facing networks.

Lessons Learned

This incident is a reminder of a long-standing security rule:

“ Never ship devices with hard-coded credentials ”

Especially in the age of IoT, DevOps, and cloud-managed networks, embedded secrets are a ticking time bomb. Organizations should:

  • Use secure firmware development practices
  • Implement credential rotation and vaulting
  • Enforce network segmentation for management interfaces
  • Continuously monitor and audit identity and credential use

Final Thoughts

Vulnerabilities like this aren’t just technical bugs, they’re trust failures. Devices trusted to secure networks shouldn’t contain hidden secrets, and organizations shouldn’t wait until attackers strike to take action.

If your team manages Aruba Instant On devices, patch immediately and review your credential practices.

Need help securing your Non-Human Identities?

At NHIMG, we help organizations prevent incidents like this by:

  • Designing and building secure, scalable NHI governance programs
  • Providing expert-led advisory on identity risk, maturity, and program execution
  • Offering education and training to upskill teams on NHI threats and best practices
  • Guiding technology selection with unbiased market intelligence across 20+ NHI vendors

If your non-human identities aren’t governed, they’re vulnerable.

Contact us at https://nhimg.org/contact-us for insights, audits and consultation.

McDonald’s AI Chatbot “McHire” Exposes 64 Million Job Applications via Default Credentials

Overview

On June 30, 2025, security researchers uncovered a critical vulnerability in the AI-powered recruitment platform McHire, used by McDonald’s and operated by Paradox.ai. This vulnerability exposed over 64 million job applications, including personal information, chat histories, and authentication tokens, all due to legacy credentials with admin rights.

What Is McHire and Who Is Olivia?

McHire is McDonald’s AI-driven recruitment platform that uses “Olivia,” a virtual assistant developed by Paradox.ai, to interact with applicants. Olivia helps job seekers apply, asks screening questions, and schedules interviews, all automatically.

The platform is used by over 90% of McDonald’s franchises, meaning this vulnerability had massive reach.

But while Olivia sounded friendly, behind the scenes, she was working in an environment lacking the most basic security hygiene.

How Did This Happen?

The story starts with two security researchers, Ian Carroll and Sam Curry, who noticed strange behavior in Olivia’s responses and decided to investigate. Their journey took just 30 minutes:

  1. They applied for a job to understand how the system worked
  2. They found a staff login portal and guessed common credentials
  3. After trying “admin/admin,” they tested “123456/123456”, and gained full admin level access to the platform

From there, they uncovered an API vulnerable to IDOR (Insecure Direct Object Reference). By simply changing the value of a lead_id, they could access any applicant’s data, including:

  • Names, email addresses and phone numbers
  • Auth tokens that could be used for impersonation

Technical Failures

  • Default Admin Credentials – The infamous 123456 password had remained active in production since 2019. There was no MFA, no lockout policy, and no alerting for suspicious logins
  • Insecure API Design (IDOR) – The backend API used numeric identifiers (lead_id) with no authorization checks. This allowed an attacker to enumerate through millions of records
  • Lack of Monitoring – There was no evidence the platform had caught this unauthorized access until the researchers disclosed it. highlighting gaps in logging, alerting, and incident response

What Happened After Disclosure?

  • On June 30, the researchers responsibly disclosed the issue to Paradox.ai and McDonald’s
  • By July 1, the credentials were revoked and the IDOR vulnerability patched
  • Paradox.ai announced plans to launch a bug bounty program and improve its security contact process

Why This Matters for AI & NHI Security

Olivia, like many AI systems, is a non-human identity, an autonomous agent operating on behalf of a brand. But unlike human users, NHIs often lack lifecycle governance, credential hygiene, or ownership.

In this case:

  • The AI chatbot was handling high volumes of sensitive data
  • It was interacting autonomously with users across McDonald’s franchise network
  • It was part of a system with privileged backend access but no modern security controls

This incident proves that non-human identities are critical assets in your security model and must be governed, monitored, and protected.

Recommendations

  • Scan for hardcoded or default credentials across environments
  • Enforce strong password policies and credential rotation
  • Use password managers or secret vaults for all credentials
  • Assign clear ownership and lifecycle management for every non-human identity
  • Implement role-based access control (RBAC) and least privileges for all NHIs
  • Encrypt sensitive data both at rest and in transit
  • Use short-lived secrets with limited scope and clear expiration policies
  • Log all access to sensitive systems, especially from NHIs

Conclusion

The McHire incident highlights how even simple oversights. Like default credentials and insecure APIs can lead to massive data exposure. As AI and automation become central to business operations, securing non-human identities is no longer optional. Governance, visibility and lifecycle controls must apply to every system.

NHI Workshop – Why the Urgency Now

Introduction to Panel and Session Overview

The panel features four experts in the field of identity management and security:

  • Dwayne McDaniel – Sr. Developer Advocate at GitGuardian, focusing on solving NHI governance at scale.
  • Anusha Iyer – CEO and founder of Corsa, specializing in identity providers for NHIs, with extensive experience in federal and intelligence sectors.
  • Jobson Andrade – Senior Manager Identity Operations at Mars, overseeing global identity operations, including non-human identities across diverse environments.
  • Kamal Muralidharan – Co-founder and CTO of Andromeda Security, with a background in cloud security and lifecycle management of human and non-human identities.

Core Theme: The Urgency of Managing NHIs

The discussion emphasizes the increasing threat landscape driven by identity-based attacks, especially involving NHIs. Key points include:

  • Attackers increasingly target credentials, which are easier to steal than exploiting zero-day vulnerabilities.
  • Recent breaches, such as the Active Directory compromise, highlight how NHIs can be exploited to access sensitive data and escalate attacks.
  • Research indicates millions of hard-coded credentials are publicly available, notably 23.7 million in GitHub repositories in 2024 alone.

This trend underscores the critical need for immediate action to secure NHIs and their credentials.

How Did We Get Here?

Factors Contributing to the Current State

Panelists discuss the evolution of identity management challenges:

  1. Expansion of connected systems – The proliferation of IoT devices, hybrid cloud environments, and SaaS applications increases the attack surface.
  2. Decentralization of credential management – DevOps practices and cloud adoption allow individuals to create and manage credentials independently, often without centralized governance.
  3. Shift from private to public cloud – The physical boundaries of data centers have dissolved, making NHIs accessible from outside traditional networks.
  4. Speed over security – Business priorities often favor rapid deployment, leading to insecure practices like hardcoded secrets.

Challenges in Managing Secrets and Credentials

Key issues identified include:

  • Storing secrets in source code repositories like GitHub, leading to exposure.
  • Sharing credentials via social platforms such as Slack, increasing risk of leaks.
  • Difficulty in transitioning to secretless architectures, though some progress is possible with keyless solutions.

Solutions suggested using secret managers and adopting more secure credential management practices.

Managing the Growth of NHIs and Secrets

Risk-Based Approach

Organizations should:

  • Assess the risk associated with each secret or NHI.
  • Assign ownership and responsibility to relevant teams or leaders.
  • Implement policies to migrate away from secrets where feasible, such as using certificates or federated identities.
  • Communicate the importance of reducing secrets to the business to foster a security-first mindset.

Lessons from Human Identity Management

Panelists highlight parallels between human and non-human identity management:

  • Adoption of MFA and adaptive authentication has significantly reduced risks associated with human credentials.
  • Applying similar principles to NHIs, such as making minimal entitlements and monitoring behavior which can mitigate risks.
  • Managing NHIs as first-class citizens with proper governance is essential for security and operational efficiency.

The Impact of AI and the Need for Urgency

AI, especially agentic and autonomous AI, introduces new challenges and opportunities:

  • AI adoption is rapid, often within weeks, compared to multi-year cloud migrations.
  • Agentic AI systems will have entitlements and behaviors that need to be monitored and controlled.
  • Potential risks include AI systems acting autonomously in ways that could compromise security.

Panelists stress the importance of developing tools and frameworks to track, monitor, and govern NHIs and AI agents effectively.

Operational and Governance Challenges

Key issues include:

  • Managing complex chains of agents and their permissions.
  • Ensuring governance keeps pace with technological evolution.
  • Balancing speed of deployment with security controls.

There is a call for better frameworks and policies to handle the increasing complexity of NHIs and AI systems.

Final Recommendations

Panelists agree on several core principles:

  • Support business growth responsibly by implementing governance without becoming a bottleneck.
  • Recognize that APIs, agents, and automation are now the primary decision-makers in ecosystems.
  • Treat all identities, human or non-human with equal care, ensuring proper entitlement management and security.
  • Shift organizational focus from just protecting assets to enabling secure, scalable innovation.

They encourage ongoing dialogue, sharing best practices, and adopting a proactive stance to secure NHIs and AI systems as integral parts of future infrastructure.

Closing Remarks

The panel emphasizes that managing NHIs is not just a technical challenge but a strategic imperative. The rapid evolution of technology, especially AI, demands immediate action, robust governance, and a mindset shift towards viewing NHIs as vital assets that require the same level of care as human identities.

NHI Workshop – Opening Remarks

Introduction and Welcome

Lalit Choda, founder of the Non-Human Identity Management Group, opens the session with enthusiasm, highlighting the significant interest in NHI topics. The workshop is well-attended, indicating a high level of industry concern and curiosity about non-human identities.

He extends gratitude to the NHIMG team and the Cyber Risk Alliance for hosting and supporting the event, as well as to over 20 industry experts, including practitioners and CISOs, who are sharing their insights. The goal is to explore challenges, risks, and management strategies related to NHI exposure.

Special thanks are given to the organizing team, emphasizing the months of planning that have culminated in this event.

Speaker Background

Lalit Choda, also known as “Mr. NHI,” has over 30 years of experience, primarily in investment banking. His previous nickname was “Mr. Socks,” reflecting a long-standing industry presence. His expertise includes regulatory programs, human controls, PAM, and managing large-scale NHI initiatives involving over 100,000 identities.

Recent contributions include publishing a groundbreaking report “The Ultimate Guide To Non-Human Identities” and founding the NHI Management Group, the group’s “goal is simple: it’s to educate and evangelize about NHI risks and help you on your journey in solving these problems.”

You can read the ‘The Ultimate Guide To Non-Human Identities’ from here

Workshop Goals and Expectations

The primary aim is to provide attendees with deep insights into NHI risks, including real-world examples and best practices. Participants are encouraged to understand their organization’s exposure and consider how to address these vulnerabilities.

The workshop is structured into two main parts:

  • First Part – Fundamentals of NHI, including definitions, risks, challenges, and the urgency of addressing them.
  • Second Part – Practical guidance on risk management, emerging topics like AI and NHI, stakeholder engagement, and market solutions.

Agenda Breakdown

First Half

  • Introduction to NHI: What they are and why they matter
  • Risks and challenges associated with NHI
  • The urgency of addressing NHI now
  • Real-life examples and demonstrations of NHI breaches

Break

  • 15-minute coffee break with refreshments available at the back

Second Half

  • Guidance on starting NHI risk mitigation
  • Discussion of maturity models and risk-based approaches
  • Exploration of AI’s role in NHI risks, especially Agentic AI
  • Panel discussion on convincing decision-makers to invest in NHI programs
  • Market landscape overview: solutions, trends, and industry outlook

Audience Engagement and Initial Polls

To gauge the audience’s familiarity and concern with NHI, three quick questions are posed:

  1. Concern about NHI risks – Approximately 50-60% are very concerned, indicating high awareness.
  2. Knowledge of resolving NHI risks – Only about 2 people (likely vendors) feel fully equipped, highlighting a knowledge gap.
  3. Active efforts to address NHI risks – Around 10-15% are currently working on mitigation, suggesting room for growth and increased focus.

This initial engagement sets the stage for the importance of the workshop and the need for practical solutions.

NHI Workshop – Closing Remarks

The Last Words

The NHI Workshop concluded with closing remarks by Lalit Choda known in the industry as “Mr NHI”, who emphasized the critical importance of understanding and proactively addressing Non-Human Identity (NHI) security challenges. Lalit urged participants to recognize that NHIs represent a longstanding cybersecurity issue, one that organizations can no longer afford to overlook. While these challenges have persisted for decades with limited improvement, Lalit highlighted that recent advancements in tooling and solutions now offer significant opportunities to rapidly accelerate remediation efforts, enabling businesses to finally gain control and stay ahead of evolving threats.

Challenges and Risks of NHI

Key points discussed regarding NHI include:

  • Significant technical debt accumulated over the years, making fixes complex and time-consuming.
  • The necessity of a holistic approach to managing risks, rather than isolated fixes.
  • The importance of developing a strategic, risk-based approach to prioritize risks and mitigate them effectively.

Despite the slow progress historically, the emergence of new tools offers hope for faster and more effective risk mitigation. However, these require dedicated effort and strategic planning.

Appreciating The Guest Speakers

The session featured several guest speakers who contributed valuable insights. Their contributions were highly appreciated, emphasizing the collaborative effort needed to tackle NHI risks effectively.

Additional Resources and Opportunities

Participants were informed about various resources and upcoming events to deepen their understanding:

  • NHI Pavilion – Located on the right side, this pavilion hosts over 15 vendors showcasing capabilities related to managing NHI risks and security. The organizers and the host group will also be present to engage with attendees.
  • Networking and Learning – Attendees are encouraged to visit the pavilion, speak with vendors, and gather insights to enhance their risk management strategies.
  • Upcoming Talk – Lalit will deliver a session titled “A Practitioner’s Guide to Managing NHI Risks” on Thursday at 3:30 PM. This talk will cover practical insights from managing a large NHI program at a major investment bank, including fixing over 100,000 NHIs.
  • Resources – The session will share valuable resources such as the “52 Breaches Article “, “The Ultimate Guide to Non-Human Identities Report” the launch of the  NHI forum for questions and advice.

Links

The Ultimate Guide to Non-Human Identities Report: https://nhimg.org/the-ultimate-guide-to-non-human-identities

The 52 Non-Human Identity Breaches: https://nhimg.org/52-non-human-identity-breaches

The NHI Forum: https://nhimg.org/community

A Practitioners Guide to Managing Non-Human Identity (NHI) Risks Session: https://nhimg.org/a-practitioners-guide-to-managing-nhi-risks

You can watch more sessions, webinars and learn more about Non-Human Identities by visiting The Non-Human Identity Management Group, the leading independent authority in NHI Research and Advisory from here

NHI Workshop – Agentic AI and The Intersection With NHIs

Introduction to Panel and Session Overview

The session was expertly hosted by Henrique Texiera, SVP of Strategy at Saviynt, who guided a forward-looking discussion on one of the hottest topics in identity security: the rise of Agentic AI and its intersection with Non-Human Identities (NHIs). The panel featured leading voices in the field, including Idan Gour, Co-Founder & CTO at Astrix Security, Ido Shlomo, Co-Founder & CTO at Token Security and Paresh Bhaya, Co- Founder and Head of GTM at Natoma.

The discussion highlighted the potential risks, opportunities, and strategic considerations for organizations adopting AI agents, especially as these agents become more autonomous and integrated into enterprise operations.

Key Discussion Points

Ownership of AI and NHI Identities

Participants agreed that the Identity and Access Management (IAM) leader should own AI agent identities because of their broad, organizational perspective. They understand existing identities and can oversee the integration of agentic workloads and third-party technologies.

  • Same leader should manage both NHI and AI agent identities for consistency.
  • AI agents are viewed as a subset of NHI but with unique characteristics.

Nature of AI Agents Compared to Other NHIs

AI agents are different from traditional NHIs like RPA bots because they combine flexibility (like humans) with robustness (large scale). They are unpredictable, capable of natural language interactions, and operate with a level of autonomy that challenges existing identity management frameworks.

  • Current AI agents are often basic, but their capabilities are rapidly evolving.
  • They blur the lines between deterministic automation and human-like unpredictability.

Security implications include the need to rethink how ownership, data sharing, and security controls are applied to these agents.

Biggest Risks in Agentic AI

The primary risk identified is uncontrolled and excessive privileges. As AI agents become more autonomous, they may access sensitive data with broad permissions, leading to potential catastrophic outcomes.

  • Today, privilege management is a challenge; in the future, agents may operate without human oversight.
  • Domain-specific and multi-agent systems will increase complexity and risk.

Concerns include prompt injection, data poisoning, and the difficulty of controlling multiple interconnected agents.

Challenges of Scaling AI Agents

While a single AI agent’s risks are significant, the scale of multiple agents amplifies the threat. The protocol model (e.g., context protocol) enables agents to communicate and operate autonomously, complicating discovery, ownership, and security management.

  • Protocols like MCP (Model Context Protocol) are critical but underdeveloped.
  • Security gaps in these protocols could lead to widespread vulnerabilities.

Recommendations for 2025: Low-Hanging Fruits

Participants offered practical steps for organizations:

  1. Early adoption of controls – Implement security controls from day one when deploying MCP and AI agents.
  2. Build infrastructure proactively – Develop systems for inventory, discovery, and ownership of NHIs and AI agents.
  3. Engage vendors – Initiate conversations with vendors about security, data access, and governance early in the procurement process.
  4. Leadership enthusiasm – Be the most excited person about AI in your organization to influence adoption and security practices.

Role of Security and Identity Teams

Security teams often see their role as blockers, but the panel emphasized that security should be integrated into the deployment process from the start. The MCP protocol offers a way to accelerate AI adoption while maintaining control, provided security considerations are prioritized.

Security teams need to shift from reactive to proactive, embedding controls into the architecture rather than as afterthoughts.

Industry Collaboration and Vendor Cooperation

Vendors in the identity space should:

  • Work together to combat criminal activities and malicious actors.
  • Reinvent themselves to support AI agent security and management.
  • Focus on customer needs over competition, especially in the fast-moving AI landscape.

Collaboration across vendors and organizations is essential to develop standards, protocols, and best practices for secure AI agent deployment.

Closing Remarks

The session concluded with a clear call to action around the emerging identity frontier: AI agents as a new class of non-human identities. Panelists emphasized that these identities come with unique security challenges, requiring urgent attention from identity and security leaders.

A key message was the critical risk of uncontrolled privileges, which if left unmanaged, could result in significant organizational damage. As such, security must be integrated from day one, not as an afterthought. The role of protocols like the Model Context Protocol (MCP) was highlighted as essential for providing structure and guardrails in agent-to-agent communications.

Panelists also underscored the importance of proactive, engaged leadership in managing AI-driven identities, advocating for a culture that is not only technically prepared but strategically excited about securing the future these intelligent systems.

Finally, the discussion stressed the need for industry-wide collaboration and vendor alignment, emphasizing that no single organization can tackle these risks in isolation. Collective effort is vital to stay ahead of evolving threats in the era of Agentic AI.

NHI Workshop – How To Convince C-Level Decision Makers to Invest in A NHI Program

Introduction to Panel and Session Overview

The session was hosted by Troy Wilkinson, a former Fortune 500 CISO who guided a dynamic conversation alongside industry leaders Danny Brickman, Co-Founder & CEO at Oasis Security and Eli Erlikhman, VP of Cybersecurity at Sprinkler. This engaging panel explored how to effectively convince C-level executives to invest in a Non-Human Identity (NHI) program, a critical and often overlooked facet of cybersecurity. The discussion emphasized translating technical risks into clear business impacts, showcased real-world incidents that underscore the urgency of managing NHIs proactively, and offered practical strategies for embedding security seamlessly into business operations.

Main Topics Discussed

Key Challenges in NHI Management

  • Difficulty in gaining leadership buy-in due to technical jargon and the need to translate risks into business terms (dollars and cents).
  • Addressing legacy technical debt and the complexity of managing non-human identities like service accounts, APIs, and certificates.
  • Increasing complexity with AI and agentic AI systems, which expand the number of non-human identities.

Strategies for Effective Communication with Leadership

To gain support, it’s essential to:

1. Articulate Business Risk Clearly

  • Use risk scenarios, such as compromised service accounts or API leaks, to demonstrate potential impacts on the business. For example, a service account not updated for 15 years can be exploited, leading to security breaches.
  • Translate technical issues into financial and operational risks using models like FAIR (Factor Analysis of Information Risk) and frameworks like MITRE ATT&CK for specificity.
  • Identify and map all “skeletons” (vulnerabilities) related to identities to highlight potential threats.

2. Build a Compelling Business Case

  • Align NHI initiatives with business objectives, such as faster AI adoption or operational efficiency.
  • Show how NHI supports digital transformation, emphasizing that neglecting it could lead to vulnerabilities.
  • Engage stakeholders across DevOps, development, and security teams understand their workflows pain points.

3. Develop a Clear Program Vision (Nirvana State)

  • Define a future ideal state for identity security, such as full lifecycle management, ephemeral accounts, or federated infrastructure.
  • Focus on integrating existing tools (secret managers, identity providers) and building governance layers on top of current infrastructure.

4. Prioritize Identity Security

  • Identify the most risky identities and vulnerabilities to focus efforts.
  • Explain why identity security is more critical than other areas, emphasizing its role as a bridge between security and business enablement.

5. Business Terms Communication

  • Use language that resonates with executives, risk, resilience, and business value rather than technical jargon.
  • Provide contextualized stories relevant to the company’s specific environment and challenges.

Role of AI in Business

  • AI accelerates the growth of non-human identities, often increasing their number and complexity. Organizations adopting AI tend to see a rise in non-human identities, which underscores the urgency of managing them.
  • AI systems rely on existing databases and service accounts, making NHI management integral to AI deployment.
  • Positioning NHI as part of AI strategy creates a compelling business case, emphasizing speed, innovation, and risk mitigation.

Recent Incidents and Risk Awareness

  • Many organizations have experienced security incidents involving identities, such as API leaks or compromised service accounts.
  • A notable example includes a hacking campaign targeting banks via open APIs, illustrating real-world risks.
  • Using data breaches articles and news (e.g., NHIMG 52 breaches article) helps justify investments by highlighting potential threats.

Building a Strategic NHI Program

There is no universal standard; each company must define its own vision based on its future state and business needs.

  • Defining the “nirvana state”, the ideal future state of identity management (e.g., lifecycle management, ephemeral accounts, federated infrastructure).
    • Leveraging existing infrastructure and tools to avoid unnecessary new investments.
    • Implementing governance controls on top of current systems to enhance security and compliance.
    • Ensuring the language and processes align with developer and DevOps teams to promote agility and speed.

Key Takeaways for Securing NHI

To make a compelling case and implement effective NHI programs, consider the following:

  • Build a business case based on risk, resilience, and enabling business objectives.
    • Use real incidents and threat intelligence to highlight vulnerabilities and potential impacts.
    • Engage all relevant stakeholders early, including DevOps, development, security, and executive teams.
    • Focus on automation, lifecycle management, and governance to reduce manual effort and errors.
    • Recognize that non-human identities are pervasive (“ghosts”) and require proactive management.

Closing Remarks

The panel highlighted the urgency and complexity of managing Non-Human Identities, especially with AI’s rapid proliferation. Success in securing NHIs hinges on shifting the conversation from purely technical to business risks, resilience, and enablement. CISOs and security leaders must become skilled storytellers, crafting narratives that resonate not just with executives, but also with developers, engineers, and security teams. By defining clear strategic goals, leveraging existing infrastructure with governance overlays, and embedding security into development workflows, organizations can build robust, scalable NHI programs that protect critical assets and enable innovation. 

#1 Authority in NHI Research and Advisory, empowering organizations to tackle the critical risks posed by Non-Human Identities (NHIs).

Get in Touch

Quick Links

Legal & Policies

©2025 NHIMG. All right reserved.