Oasis Security has introduced a groundbreaking NHI Ownership Discovery Engine, the first of its kind in the industry. This AI-powered engine enables Oasis Security users to automatically identify human owners of NHIs, even without prior knowledge or supporting metadata such as tags or names.
NHIs outnumber human identities on average by a factor of 20x in enterprise environments, leaving organizations vulnerable to significant risks. Identifying NHI owners is critical to properly managing NHIs, mitigating risk, and initiating remediation tasks, yet it is often missing context that many organizations struggle to maintain.
The Oasis NHI Ownership Discovery Engine is powered by purpose-built AI and ML algorithms that suggest and assign NHIs owners in a user’s environment by analyzing the digital footprint and behaviors of those who consume them and for what resources. Unlike solutions that rely on pre-existing information for ownership context, Oasis autonomously processes information collected from logs and Configuration Management Databases to suggest and assign the correct owner. Through integrations with email and enterprise messaging platforms such as Slack, ownership context can be verified and attested without the need for error-prone manual processes.
“Understanding who owns a non-human identity is a foundational pillar of any successful NHI governance strategy,” said Amit Zimerman, Co-Founder and Chief Product Officer of Oasis Security. “Ownership context empowers identity and security teams to enforce security policies, ensure compliance, and manage risk with greater precision. As today’s threat landscape grows more complex and unmanaged NHIs become high-stakes vulnerabilities, ownership attribution provides the visibility and accountability needed to protect critical systems and data. At Oasis, we’re proud to equip our customers with this essential capability, enhancing both their security posture and operational resilience.”
Oasis Security’s new NHI Ownership Discovery Engine empowers users to:
- Reduce the operational complexities that come with managing thousands of NHIs across diverse systems
- Minimize security risk by safely implementing remediation and lifecycle actions
- Ensure accountability, streamlining compliance
- Respond faster to incidents
Unlike human identities, which are managed through well-established governance processes and mature governance and privileged access management (PAM) systems, NHIs are decentralized, lack a single source of truth, and frequently bypass standard IT workflows and security checks. Unmanaged NHIs create hidden vulnerabilities that attackers can easily exploit. Research from Enterprise Strategy Group indicates that more than 46% of organizations have been subject to an NHI breach in the last 12 months.
Ownership context is a key foundational step in any NHI lifecycle process. After NHI ownership is established and attested, lifecycle management actions can be implemented with the necessary approvals and without breaking tools or processes. Ownership context is critical to move from alerting to action, underscoring the need for these new capabilities.
Learn more about the Oasis NHI Ownership Discovery Engine capabilities at the website here.
Related News:
Cybersecurity Awareness Month : Security Expert Thoughts
XM Cyber Launches its Vulnerability Risk Management Solution