FILTERING BY: CLEAR FILTER

Cloud-Native Ecosystems and Non-Human Identity NHI Exploitation

Cloud-native architectures have shifted the security perimeter from human users to Non-Human Identities (NHIs), including service accounts, OAuth tokens, and API keys. With machine identities outnumbering human users by a ratio of approximately 144:1, attackers target the visibility gap in automated environments. Exploitation chains leverage hardcoded secrets in CI/CD pipelines or Infrastructure as Code (IaC) templates to achieve initial access, followed by privilege escalation through "Super NHIs" and over-permissive IAM wildcard (*) policies. This facilitates lateral movement via cross-account trust relationships and Cloud Metadata Service (IMDS) exploitation, enabling full organizational takeover and rapid, automated data exfiltration.


LINK COPIED TO CLIPBOARD