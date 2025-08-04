New data from Identity Security Risk Assessments reveals critical blind spots in non-human identity posture

BeyondTrust’s latest solution brings secrets into full view, just as Agentic AI spins up at scale

LAS VEGAS, Aug. 04, 2025 (GLOBE NEWSWIRE) -- BeyondTrust, the global leader in identity security protecting Paths to Privilege™, today announced the expansion of its Identity Security Insights™ solution to include Secrets Insights, a new capability designed to illuminate and secure the hidden attack surfaces created by secrets and non-human identities.

As Agentic AI systems begin to autonomously interact with infrastructure, make decisions, and even provision access themselves, the hidden risks posed by unmanaged secrets and non-human identities become exponentially more dangerous.

This launch comes on the completion of the initial class of Identity Security Risk Assessment engagements conducted across a wide range of industries and company sizes. The results are eye-opening:

Dormant service accounts with privilege were found in over 70% of environments

Overly permissive Entra Service Principals create direct pathways to Global Admin privileges, exposing entire Microsoft 365 environments to potential takeover

Credentials reused across multiple service accounts by human admins, enabling a single compromised password to compromise numerous non-human accounts

Low-privileged users can escalate to administrative access across Active Directory, Entra, AWS, Okta, and GitHub through hidden privilege escalation paths built on configuration oversights, federation, synchronization

AD Service accounts bridge on-premises and cloud environments with Active Directory accounts holding privileged Entra roles, creating cross-platform attack vectors

Ineffective GitHub repository access management, leading to uncontrolled secret access and unauthorized access to sensitive code, often accessible through personal Github accounts

“These identity infrastructure issues aren’t just misconfigurations, they’re invitations,” said Marc Maiffret, CTO at BeyondTrust. “Our Identity Security Risk Assessment data shows that many organizations lack the complete story when it comes to their identity attack surface. For many, overlooked hygiene issues silently open the door to attackers. And with the rise of Agentic AI, the stakes have never been higher, especially as most organizations lack visibility into how compromised accounts can be leveraged to seize control of application secrets, which often carry elevated privileges.”

The new Secrets Insights capability builds on the success of BeyondTrust’s Identity Security Insights platform, which already provides deep visibility into Active Directory, Entra ID, AWS, Azure, Google Cloud Platform, Okta, and Ping Identity, and GitHub. Now, organizations can extend that same level of insight to secrets, such as API keys, service account credentials, tokens, and more, across hybrid and multi-cloud environments and their vaults.

Key Benefits of Secrets Visibility:

Discovery of unmanaged secrets across cloud and on-prem environments

Discovery of users with direct and indirect access to secrets

Risk scoring and prioritization based on exposure and privilege level

Integration with BeyondTrust Password Safe for automated remediation

“As organizations embrace automation and Agentic AI, securing the invisible layers of access - secrets, tokens, and service identities - will define the next frontier of identity security”, said Maiffret.

Secrets Insights will be available later this year.

BeyondTrust continues to offer complimentary Identity Security Risk Assessments, often completed in less than 48 hours, to qualified organizations, helping them uncover hidden privilege and secrets risks and chart a path toward Zero Standing Privilege (ZSP) and Just-in-Time (JIT) access.

To learn more or schedule an Identity Security Risk Assessment, visit: https://www.beyondtrust.com/products/identity-security-insights/assessment

About BeyondTrust

BeyondTrust is the global identity security leader protecting Paths to Privilege™. Our identity-centric approach goes beyond securing privileges and access, empowering organizations with the most effective solution to manage the entire identity attack surface and neutralize threats, whether from external attacks or insiders.

BeyondTrust is leading the charge in transforming identity security to prevent breaches and limit the blast radius of attacks, while creating a superior customer experience and operational efficiencies. We are trusted by 20,000 customers, including 75 of the Fortune 100, and our global ecosystem of partners.

Learn more at www.beyondtrust.com.

