They spread because trusted integrations connect multiple systems that already share credentials, data, or automation rights. Once attackers control one delegated connection, they can often move through legitimate paths rather than breaking new defenses. That makes the blast radius a function of integration density as much as of the original compromise.
Why This Matters for Security Teams
saas supply chain incidents spread quickly because the first compromised app is rarely isolated. Integrations often carry OAuth grants, API keys, service accounts, webhook trust, and delegated admin rights into other systems. That means attackers can reuse legitimate pathways, blend in with normal automation, and avoid noisy exploit chains. The risk is not just data exposure in one vendor, but credential propagation across the whole connected workflow.
This is why NHI governance has to extend beyond the breached application itself. A token stolen in one place can unlock access elsewhere if it has not been scoped tightly, rotated quickly, or revoked in response to downstream activity. NHIMG’s reporting on supply chain credential abuse, including the The 52 NHI breaches Report and the Reviewdog GitHub Action supply chain attack, shows how quickly a single trust edge can become a multi-system event. In practice, many security teams encounter lateral spread only after delegated access has already been abused, rather than through intentional monitoring of the integration graph.
How It Works in Practice
The technical reason spread happens is simple: modern SaaS stacks are connected by machine identities, not just users. A compromised app may hold refresh tokens, signing keys, CI/CD secrets, or SCIM and API permissions that let it query records, trigger automation, or impersonate trusted services. If those secrets are long-lived, broadly scoped, or shared across environments, one foothold becomes a reusable credential set.
Current guidance suggests treating every integration as a separate trust boundary. That means inventorying which system issued the credential, which workload uses it, what it can reach, and how quickly it can be revoked. Pair that with least privilege, short TTLs, and explicit blast-radius testing. The OWASP Non-Human Identity Top 10 is useful here because it frames secrets exposure, over-privileged service accounts, and missing rotation as operational risks rather than abstract policy gaps.
- Map every SaaS-to-SaaS connection, including hidden ones in automations, tickets, and chat workflows.
- Replace shared credentials with workload-specific identities and narrowly scoped tokens.
- Use JIT issuance where possible so access expires when the task ends.
- Revoke on compromise signals, not just on the next scheduled rotation.
- Audit where a stolen token could pivot before you discover the original breach.
GitGuardian’s The State of Secrets Sprawl 2026 underscores the operational problem: 64% of valid secrets leaked in 2022 are still valid and exploitable today, so detection without revocation leaves the spread path open. These controls tend to break down when integrations are embedded in legacy automation, because ownership is unclear and revocation breaks business-critical workflows.
Common Variations and Edge Cases
Tighter integration control often increases operational overhead, so organisations have to balance containment against developer and platform friction. There is no universal standard for this yet, especially when SaaS products expose limited telemetry or when business users create unsanctioned automations outside central IAM.
One common edge case is the “trusted vendor” assumption. Teams may trust a known SaaS app while overlooking the upstream plugin, marketplace extension, or CI runner that supplied its credentials. Another is over-reliance on role-based access control when the real risk is context and runtime intent: a static role can be harmless in one workflow and dangerous in another. The Anthropic — first AI-orchestrated cyber espionage campaign report is a useful reminder that autonomous systems can chain actions quickly once they inherit valid tool access. For broader incident patterns, see Salesloft OAuth token breach and Snowflake breach, where trust in one integration amplified access elsewhere. Guidance is evolving, but the safest default is to assume any delegated SaaS trust can become a propagation path unless it is explicitly bounded, monitored, and revocable.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 and NIST AI RMF set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-03 | Service secrets and rotation gaps enable cross-app spread. |
| NIST CSF 2.0 | PR.AC-4 | Least privilege limits how far a stolen SaaS grant can move. |
| NIST AI RMF | AI RMF helps govern autonomous tool use that can amplify spread. |
Define accountability, monitoring, and escalation paths for automated actions across connected systems.
Related resources from NHI Mgmt Group
Deepen Your Knowledge
Reviewed and updated by the NHIMG editorial team on May 28, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org
