Subscribe to the Non-Human & AI Identity Journal
Home Glossary Threats, Abuse & Incident Response End-Of-Life Device
Threats, Abuse & Incident Response

End-Of-Life Device

← Back to Glossary
By NHI Mgmt Group Updated July 11, 2026 Domain: Threats, Abuse & Incident Response

Hardware or software no longer receiving full vendor support, security updates, or reliable maintenance. These assets can remain connected and trusted in production long after their risk profile has changed, making them attractive for exploitation and persistence.

Expanded Definition

An end-of-life device is hardware or software that no longer receives meaningful vendor support, security patches, or dependable maintenance. In NHI environments, the term matters because these assets often still hold credentials, tokens, certificates, cached sessions, or API integrations that continue to function after the product itself is effectively abandoned.

Definitions vary across vendors when a product enters this state. Some treat end-of-life as the final date for all updates, while others distinguish between end-of-support, end-of-maintenance, and end-of-sale. For security teams, the practical question is not the label but whether the asset can still authenticate, transmit data, or be trusted inside a production identity path. That makes end-of-life assessment closely related to lifecycle governance in the NIST Cybersecurity Framework 2.0 and to the broader NHI lifecycle concerns described in Ultimate Guide to NHIs.

The most common misapplication is treating a device as “low risk” because it is still powered on and operational, which occurs when teams confuse availability with ongoing vendor-backed security.

Examples and Use Cases

Implementing end-of-life controls rigorously often introduces replacement and compatibility constraints, requiring organisations to weigh continuity of service against the cost and disruption of accelerated migration.

  • A legacy network appliance still validates service-account traffic even though the vendor has stopped issuing firmware updates, creating a durable foothold for persistence.
  • An industrial controller continues to run a critical workflow but can no longer receive signed patches, so its embedded credentials become a long-term exposure point.
  • A retired SaaS connector still holds an API key in a configuration file, and that key remains active until the integration is explicitly decommissioned.
  • A virtual machine image built from an unsupported operating system is reused in CI/CD, carrying outdated libraries and stale tokens into new workloads.
  • Asset owners use lifecycle registers from the Ultimate Guide to NHIs alongside NIST Cybersecurity Framework 2.0 to decide when a device must be isolated, replaced, or fully revoked.

In practice, end-of-life planning should include inventory accuracy, dependency mapping, credential rotation, and shutdown procedures for every identity or secret the asset can reach.

Why It Matters in NHI Security

End-of-life devices matter because attackers do not need a product to be modern, only reachable. Unsupported systems often retain privileged trust relationships, hard-coded credentials, or integration tokens that outlive the intended service life. NHIMG research shows that 91.6% of secrets remain valid five days after the targeted organisation is notified, and that 71% of NHIs are not rotated within recommended time frames, which makes stale assets especially dangerous once support ends. The risk is amplified when teams lose visibility: the Ultimate Guide to NHIs reports that only 5.7% of organisations have full visibility into their service accounts.

From a governance perspective, end-of-life status should trigger revocation, isolation, or compensating controls rather than assumptions of residual safety. Unsupported assets also undermine zero trust because trust decisions become disconnected from current patch status, vendor assurance, and identity hygiene. The issue is especially severe when an old device sits in a privileged network zone and still authenticates as a trusted machine account.

Organisations typically encounter the operational impact only after an incident or audit discovers that an unsupported device still had active credentials, at which point the end-of-life condition becomes operationally unavoidable to address.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

OWASP Non-Human Identity Top 10 and CSA MAESTRO address the attack and risk surface, while NIST CSF 2.0, NIST Zero Trust (SP 800-207) and NIST SP 800-63 set the governance and control requirements practitioners need to meet.

FrameworkControl / ReferenceRelevance
OWASP Non-Human Identity Top 10NHI-01Lifecycle and inventory gaps let unsupported NHIs and assets remain trusted too long.
NIST CSF 2.0ID.AM-2Asset management requires knowing what exists and whether it is still supported.
NIST Zero Trust (SP 800-207)AC-4Zero Trust limits implicit trust in devices whose security posture is no longer assured.
NIST SP 800-63Digital identity assurance depends on current trust in authenticators and their lifecycle state.
CSA MAESTROAgentic systems inherit risk when underlying devices or tool hosts are no longer supported.

Remove agent tooling from unsupported devices and migrate execution to governed platforms.

NHIMG Editorial Note
Reviewed and updated by the NHIMG editorial team on July 11, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org