From PAM to Non-Human Identity Management: Securing Machine Access

API keys, service accounts, and bots now outnumber humans 45:1, creating a massive "Shadow IT" attack surface. In this session, Ryan Frillman, CISO of Equifax Workforce Solutions, explains why traditional Privileged Access Management (PAM) is no longer enough to secure the modern cloud.

In this video, we discuss the transition from legacy PAM to modern Non-Human Identity (NHI) Management.

You will learn:

🔸Why relying on Cloud Service Providers (CSPs) for identity creates dangerous visibility gaps.
🔸How "one-click" API integrations are fueling a new wave of Shadow IT.
🔸The critical balance between developer velocity (automation) and security governance.
🔸 Best practices for discovering the "unknown unknowns" in your machine identity inventory.

Timestamps:
0:00 - Intro: The explosive growth of Machine Identities
02:30 - Defining Non-Human Identity (NHI) vs. Human Identity
04:05 - Shadow IT 2.0: The risk of "Free" SaaS & API connections
06:48 - The "One-Click" Problem: Who manages these credentials?
11:15 - Why 71% of breaches now involve identity (Verizon DBIR)
13:35 - The inherited risk of hardcoded secrets in DevOps
15:53 - Moving from manual rotation to automated lifecycle management 19:55 - How to communicate NHI risk to the Board and stakeholders

Resources:

Book a Demo: https://www.oasis.security/demo
Read the Report: https://www.oasis.security/resources/...
Connect with Ryan Frillman:   / ryan-frillman  

#NonHumanIdentity #CISO #AppSec #OasisSecurity #ShadowIT