While zero-trust policies and identity-centric programs excel at protecting user identities and login credentials with IAM policies and security tools like MFA or IP restrictions, non-human identities (NHIs) like API keys, OAuth apps, service accounts, and secrets often lack visibility, monitoring, and governance. This gap has not gone unnoticed by attackers.
Astrix Security stepped in as the first solution to fill this gap, and we are thrilled to announce our partnership with Torq, making it easier than ever to manage, secure, and remediate NHI risks seamlessly within your SOC automation processes.
By integrating Torq with Astrix, security teams can automate identifying and responding to anomalies, excessive permissions, unused credentials, and non-rotated non-human identities through streamlined workflows. This integration helps eliminate silos, allowing teams to operationalize Astrix effortlessly within their existing Torq setup.
Astrix brings behavioral analysis, typically used for human identities, to non-human identities – enabling real-time detection of unusual activities. To that extent, Torq allows customers to respond automatically using remediation playbooks driven by preset logic, allowing immediate threat responses without switching between different tools.
Unused permissions, risky connections, and unrotated tokens increase your NHI attack surface. Using Astrix and Torq, customers can customize rules to detect unused, overly permissive, and malicious NHI access. These rules are converted into automated playbooks through Torq, ensuring continuous reduction of attack surfaces by removing risky access and non-rotated tokens.
Astrix and Torq enhance change management for non-human identities by automating data flows and remediation tasks. When Astrix detects a high-risk NHI event, it feeds this information into Torq, which then creates a ticket in workflow management systems like Jira or ServiceNow. Torq’s automation capabilities then trigger specific playbooks to handle these changes, such as decommissioning NHIs. This automation minimizes manual intervention, ensuring swift and accurate updates and reducing potential errors.
The integration of Astrix and Torq transforms how security teams manage non-human identities. This partnership simplifies complex processes and reduces the burden on security teams by automating the detection and response to unusual activities and poorly managed permissions.
Ready to see it in action? Request a demo.
The post Bridging the NHI security gap: Astrix and Torq partner up appeared first on Astrix Security.
*** This is a Security Bloggers Network syndicated blog from Astrix Security authored by Danielle Guetta. Read the original post at: https://astrix.security/bridging-the-nhi-security-gap-astrix-and-torq-partner-up/