Cyberattacks and Security: New Insights from Entro Security Labs on Non-Human Identities

Cybersecurity Advisory: Non-Human Identities Revealed

Entro Security Labs has published a crucial report analyzing millions of real-world Non-Human Identity (NHI) secrets, drawing attention to significant vulnerabilities in cybersecurity practices. The report, titled “2025 State of Non-Human Identities and Secrets in Cybersecurity,” indicates that 97% of NHIs possess excessive privileges, which broadens the attack surface and increases unauthorized access risks. Shockingly, 44% of tokens are at risk, being mishandled over platforms like Teams, Jira, and Confluence, exposing sensitive information.

Key Findings in Cybersecurity Practices

• 92% of organizations are inadvertently exposing NHIs to third-party risks.
• Misconfigurations in security practices are prevalent across industries.
• Organizations face critical vulnerabilities that necessitate immediate reassessment of NHI and secrets management protocols.

The report uses a mixed-methods approach, incorporating both quantitative data analysis and qualitative industry insights, revealing a vital need for vigilance in the management of NHIs.

For comprehensive findings and more details, organizations are encouraged to access the complete report available on Entro Security's website.