Cyberattacks and Security: New Insights from Entro Security Labs on Non-Human Identities
Cybersecurity Advisory: Non-Human Identities Revealed
Entro Security Labs has published a crucial report analyzing millions of real-world Non-Human Identity (NHI) secrets, drawing attention to significant vulnerabilities in cybersecurity practices. The report, titled “2025 State of Non-Human Identities and Secrets in Cybersecurity,” indicates that 97% of NHIs possess excessive privileges, which broadens the attack surface and increases unauthorized access risks. Shockingly, 44% of tokens are at risk, being mishandled over platforms like Teams, Jira, and Confluence, exposing sensitive information.
Key Findings in Cybersecurity Practices
- 92% of organizations are inadvertently exposing NHIs to third-party risks.
- Misconfigurations in security practices are prevalent across industries.
- Organizations face critical vulnerabilities that necessitate immediate reassessment of NHI and secrets management protocols.
The report uses a mixed-methods approach, incorporating both quantitative data analysis and qualitative industry insights, revealing a vital need for vigilance in the management of NHIs.
For comprehensive findings and more details, organizations are encouraged to access the complete report available on Entro Security's website.
This article was prepared using information from open sources in accordance with the principles of Ethical Policy. The editorial team is not responsible for absolute accuracy, as it relies on data from the sources referenced.