Non-human identities (NHIs) outnumber human identities 20:1, but visibility into NHIs is really poor, according to research from ESG.
“Non-human identities and emerging technologies like AI agents are the unknown unknowns for many organizations today. Security leaders are often unable to identify just how many of these entities are operating within their environments—let alone who is responsible for managing them—making it all but impossible to secure this expanding attack surface,” said Alex Bovee, co-founder and CEO, ConductorOne.
Identity governance and security firm ConductorOne this week has launched new capabilities that will help organizations address the lack of visibility into NHIs and mitigate the risks involved, including risks associated with agentic AI.
ConductorOne's solution discovers, inventories, maps ownership of, and provides risk alerts for NHIs such as service accounts, API keys, tokens, certificates, and AI agents. This allows customers to manage and secure all identities, whether human or machine, across their entire environment from a single platform. It's an interesting solution to a big problem.
Now, here's today's MSSP update. Drop me a line at
[email protected] if you have news to share or want to say hi!
Today's MSSP Update
1. CYFOX's GenAI vCISO: CYFOX has launched a generative AI-powered vCISO solution to help lighten CISOs' workloads while maintaining compliance, the company said in a statement.
OmniSec automates security posture auditing and uses production-level compliance gap analysis. The solution uses a dynamic framework to build and update compliance frameworks on the fly.
2. Forcepoint DDR: Forcepoint unveiled an AI-powered data detection and response (DDR) solution today that enables continuous data risk intelligence and remediation. Forcepoint DDR works with Forcepoint Data Security Posture Management (DSPM) to deliver contextual insights into data risk and security gaps, and in combination with Forcepoint’s AI Mesh technology, users can get high-accuracy classification, deep data context, and precise, dynamic remediation, the company said.
3. New president at Billington CyberSecurity: Billington CyberSecurity today announced Troy Schneider has been promoted to president, enabling founder Thomas K. Billington to become the organization's CEO and chairman. Schneider has built and led organizations encompassing media, technology and government for 30+ years, and joined Billington CyberSecurity in July 2024 as executive vice president and general manager. He previously served as president of GovExec 360, editor-in-chief of FCW and GCN, and was the leader of the Federal 100 awards, and general manager of 1105 Media’s Public Sector 360. Congratulations!
4. NETSCOUT AI-enhanced DDoS protection: NETSCOUT has released enhancements to its
Arbor Threat Mitigation System (TMS) Adaptive DDoS Protection solution, including additional AI/ML functionality to better detect and block malicious traffic, the company said. These enhancements include geo-IP location functionality to identify and pinpoint malicious IPs to geographic locations, Adaptive DDoS Protection to automatically detect and block attacks from over 65 known DDoS threat actors, and AI/ML-powered source host misuse detection to track misbehaving subscribers, infected hosts, compromised IoT devices, and other internal attack sources.
5. Halcyon RDR: Anti-ransomware solutions firm Halcyon today
announced Halcyon Ransomware Detection and Recovery (RDR), a no-cost integrated service included with every deployment of the Halcyon Anti-Ransomware Platform. The RDR service is supported by Halcyon’s RISE ransomware experts team to help identify and stop ransomware attacks before they disrupt business operations.
