NHI Coverage

Vendor Capability:

Comprehensive discovery of non-human identities across various authentication methods in different environments such as cloud providers, AI agent technologies, on-premise servers, workloads, databases, corporate SaaS applications, CI/CD tools, IDPs, and vaults. This includes identities in Kubernetes, cloud providers, AI/LLM applications, and homegrown apps, ensuring broad security visibility across all platforms and technologies.

Questions to ask an NHI Provider:

  • What types of non-human identities do you support, and how do you handle various authentication methods and credential/secret types (API keys, OAuth tokens, SSH keys, etc.)?

  • Which cloud providers, workloads, and infrastructure environments (Kubernetes, serverless, etc.) does your solution cover?

  • How do you manage NHIs across corporate SaaS applications, databases, and CI/CD tools to ensure full security visibility?

  • Do you support on-prem and self-hosted IAM technologies (Active Directory, SQL Server, etc.)?

Success Criteria

| Functionalities | Description |
| --- | --- |
| NHI Types and Authentication Methods | Username/password, service accounts, principals, access keys, storage accounts, K8s, service principals, RDS users, EC2/VM roles, OIDC, SSH keys, API keys, OAuth 2.0 tokens, SAML. |
| All Major IaaS apps | AWS, Microsoft Azure, GCP. |
| Workloads | Automatically identify human owners of any service account and detect the infrastructure as code (IaC) involved, to ensure clear accountability. This improves visibility and operational efficiency and reduces time to mitigate security posture findings. |
| Databases and Data Warehouses | Snowflake, MySQL, Databricks, PostgreSQL, Redis, MongoDB, and more. |
| Critical SaaS apps | Salesforce, Snowflake, Workday, NetSuite, etc. |