Oasis Security announced an industry-first NHI Ownership Discovery Engine
October 2024 by Marc Jacob
Oasis Security announced an industry-first NHI Ownership Discovery Engine. With this new AI-powered engine, Oasis Security users can auto-discover human owners of NHIs without pre-existing knowledge and even in the absence of metadata, like tags or naming.
NHIs outnumber human identities on average by a factor of 20x in enterprise environments, leaving organizations vulnerable to significant risks. Identifying NHI owners is critical to properly managing NHIs, mitigating risk, and initiating remediation tasks, yet it is often missing context that many organizations struggle to maintain.
The Oasis NHI Ownership Discovery Engine is powered by purpose-built AI and ML algorithms that suggest and assign NHIs owners in a user’s environment by analyzing the digital footprint and behaviors of those who consume them and for what resources. Unlike solutions that rely on pre-existing information for ownership context, Oasis autonomously processes information collected from logs and Configuration Management Databases to suggest and assign the correct owner. Through integrations with email and enterprise messaging platforms such as Slack, ownership context can be verified and attested without the need for error-prone manual processes.
Oasis Security’s new NHI Ownership Discovery Engine empowers users to:
• Reduce the operational complexities that come with managing thousands of NHIs across diverse systems
• Minimize security risk by safely implementing remediation and lifecycle actions
• Ensure accountability, streamlining compliance
• Respond faster to incidents
Unlike human identities, which are managed through well-established governance processes and mature governance and privileged access management (PAM) systems, NHIs are decentralized, lack a single source of truth, and frequently bypass standard IT workflows and security checks. Unmanaged NHIs create hidden vulnerabilities that attackers can easily exploit. Research from Enterprise Strategy Group indicates that more than 46% of organizations have been subject to an NHI breach in the last 12 months.
Ownership context is a key foundational step in any NHI lifecycle process. After NHI ownership is established and attested, lifecycle management actions can be implemented with the necessary approvals and without breaking tools or processes. Ownership context is critical to move from alerting to action, underscoring the need for these new capabilities.