Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Identity visibility at BlackHat 2025: what changed for IAM teams?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 9439
Topic starter  

TL;DR: BlackHat 2025 exposed a visibility crisis in enterprise identity management, with security teams unable to answer basic access questions and Gartner naming Identity Visibility and Intelligence Platforms as an emerging category, according to Linx Security. Traditional IAM is no longer keeping pace with machine identity sprawl, and visibility alone is now only the starting point.

NHIMG editorial — based on content published by Linx Security: The Identity Intelligence Awakening, what BlackHat 2025 revealed about the future of enterprise security

By the numbers:

Questions worth separating out

Q: How should security teams build visibility into non-human identities across cloud and SaaS?

A: Start by normalising identity data from directories, cloud platforms, SaaS tools, and workload sources into one inventory.

Q: Why do machine identities make access governance harder than human IAM?

A: Machine identities are created in large numbers, change quickly, and often lack clear owners or lifecycle discipline.

Q: What breaks when organisations rely on visibility tools without identity intelligence?

A: You can see more accounts without understanding which ones are risky.

Practitioner guidance

  • Rebuild your identity inventory around actual privilege paths Map where administrative and machine identities really exist across cloud, SaaS, and infrastructure.
  • Treat service accounts and API keys as governed identities Bring non-human identities into the same lifecycle discipline as human access, including ownership, review, and offboarding.
  • Add correlation before automation Do not automate access decisions until your tooling can correlate identity, entitlement, and behaviour across domains.

What's in the full article

Linx Security's full blog post covers the operational detail this post intentionally leaves for the source:

  • How Linx positions its conversational query workflow for identity investigations and access review tasks
  • The specific platform behaviours it describes for autonomous governance and predictive risk assessment
  • Examples of how the vendor frames identity intelligence as a replacement for fragmented reporting
  • The product-led narrative around identity lifecycle unification and access control automation

👉 Read Linx Security's analysis of BlackHat 2025 and identity intelligence →

Identity visibility at BlackHat 2025: what changed for IAM teams?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 8923
 

Identity visibility has become a prerequisite for governance, not a governance outcome. BlackHat 2025 made clear that many teams still treat visibility as the finish line, when in fact it is the minimum condition for any meaningful access control programme. Without a defensible inventory of human, machine, and workload identities, certification and least privilege are operating on partial truth. The implication is that governance maturity now depends on discovery quality before policy sophistication can matter.

A few things that frame the scale:

  • 1 in 4 organisations are already investing in dedicated NHI security capabilities, with an additional 60% planning to do so within the next twelve months, according to The State of Non-Human Identity Security.
  • Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, compared to nearly 1 in 4 for securing human identities.

A question worth separating out:

Q: Which frameworks should teams use to govern identity visibility and machine access?

A: For non-human identities, OWASP NHI, Zero Trust, and NIST CSF are the most relevant starting points. If AI-driven decisioning is involved, add AI risk governance so you can bound autonomy, trace decisions, and keep human accountability intact across access workflows.

👉 Read our full editorial: Identity visibility and intelligence became the BlackHat 2025 fault line



   
ReplyQuote
Share: