The NHI Global Summit - Defending Against Identity Breaches
Podcast: The Non-Human & AI Identity PodcastPublished On: Thu Sep 04 2025
Description: Our NHI Mgmt Group (https://nhimg.org) hosts the NHI Global Summit at the Nasdaq Building, Times Square on February 27th 2025.Vincenzo Iozzo (Founder & CEO, SlashID) shared amazing insights on tactics, techniques and procedures (TTPs) and how you can stop them79% of attacks today are malware free31% of all breaches involve stolen credentials+583% increase in kerberoasting attacks YoY66% of AWS breaches are caused by leaked/stolen credentialsStateless tokensComplex protocolsBroken permission modelsIdentity attacks don’t target only NHIs - need to cover human identities alsoPosture, lifecycle management and PAM are not enough - ITDR capabilities are key to reduce dwell timeIdP audit logs have partial visibility - need a comprehensive view of your environmentMFA and FIDO are not enough – attackers get around both - ITDR + device bound tokensOver-permissioned and long-lived identities make lateral movement trivial - migrate to JIT accessVincenzo explained the anatomy of a breachPhishing or Credential Lead - Initial Compromise - Credential Harvesting - Data Exfiltrationand the root causesFinally he spoke about how to defence against these attacksFor more great content on Non-Human Identities, go to our portal https://nhimg.org/, where we have the most comprehensive knowledge centre on Non-Human / Machine Identities, including Research, White Papers, Breaches, Discussion Forum, Blogs and Products that support the risk management of NHIs.
The note was deleted
The note was saved
Your message was sent