Veza, a leading identity security company, recently announced a major platform expansion aimed at securing Non-Human Identities (NHIs). This comes as a timely response to the growing risks associated with the rapid adoption of artificial intelligence (AI) in business processes. As enterprises increasingly deploy AI models, each training run and inference call generates new machine identities that often lack proper oversight and control. These NHIs, encompassing service accounts, secrets, keys, and workloads, are now outnumbering human identities 17 to 1, posing a significant security challenge. Threat actors, such as the notorious Volt Typhoon, are exploiting these identities as their primary attack vector due to their invisibility and overprivileged status. To address this issue, Veza’s new NHI Security product offers a structured, automated solution for discovering, governing, and securing machine identities. The tool provides a comprehensive view of all NHIs across various environments, including SaaS, cloud, infrastructure, and on-premises systems. Lena Taylor, VP and Chief Information Security Officer at Crocs, highlighted the importance of Veza’s solution, stating that their Azure estate had previously been a blind spot in terms of service principals, managed identities, and secrets supporting custom applications. With the rollout of Veza, Crocs will gain a single, centralized view to monitor and govern these machine identities, reshaping their approach to identity security. Key features of Veza’s NHI Security product include: Comprehensive NHI Discovery and Visibility: The platform offers a unified inventory of NHIs, including those from AWS, Azure, and GCP, among others. It automatically classifies these identities and allows users to refine them according to specific enrichment rules, tailoring the tool to their unique environments. Automated Risk Detection and Mitigation: Pre-built access risk dashboards identify critical issues such as dormant keys, unrotated secrets, orphaned accounts, and excessive permissions. Users can delve into detailed metadata to understand the last usage, rotation status, and active state of keys and secrets across multiple systems, enhancing their ability to mitigate risks proactively. Human to Non-Human Ownership Management: Real-time alerts notify users when an NHI lacks an owner or when a human owner leaves the organization. Veza suggests new owners using access intelligence and enables reassignment with a single click, ensuring continuous oversight and management. Integrated Compliance Control: The product helps maintain compliance by automatically tracking NHI ownership, credential hygiene, and enforcing least privilege. Access Graph visualizations and risk scoring for each NHI provide clear insights and actionable data. Tarun Thakur, CEO and Co-Founder of Veza, emphasized the mission-critical nature of NHI discovery and lifecycle management in the context of cloud complexity and AI adoption. He stated that traditional directory services do not adequately cover the broad range of machine identities present in modern environments. Veza’s solution, built on permissions and entitlements metadata, is designed to help organizations achieve least privilege at scale, forming the foundation of a Zero Trust security model. The launch of Veza’s NHI Security product has been met with enthusiastic adoption, as evidenced by the surge in interest from global enterprises like Crocs. These companies recognize the immediate need to secure their machine identities to prevent becoming the next security breach headline. By providing a robust, automated solution for NHI management, Veza is positioning itself as a crucial player in the identity security landscape. Veza was founded in 2020 and is headquartered in Los Gatos, California. The company is backed by prominent investors such as Accel, Bain Capital, Ballistic Ventures, Google Ventures (GV), NEA, Norwest Venture Partners, and True Ventures. Its Access Platform extends beyond conventional identity governance and administration (IGA) tools, offering advanced visualization, monitoring, and control over entitlements to ensure compliance and least privilege access. Veza’s clients, including Wynn Resorts, Expedia, and Blackstone, trust the platform for a wide range of identity security use cases, making it a vital tool in today's complex digital ecosystem. Industry insiders and security experts commend Veza’s proactive approach to addressing the NHI security challenge. They see the new NHI Security product as a game changer, providing the much-needed visibility and control over machine identities that are essential in the fast-evolving AI era. The ability to govern NHIs effectively is expected to significantly enhance the overall security posture of organizations, helping them navigate the increasing complexity and potential threats associated with AI workloads and cloud infrastructure.