Apono has announced a significant update to its Cloud Access Management Platform, introducing advanced capabilities to secure both human and non-human identities (NHIs). This release addresses the growing complexity of cloud environments by offering a unified solution that automates just-in-time and just-enough access, enhancing security without compromising operational efficiency. With NHIs increasingly outnumbering human users in cloud ecosystems, this update provides critical tools to manage and mitigate associated risks.
Apono’s platform now secures both human and non-human identities with automated access.
New features include NHI discovery, risk assessment, and least privilege enforcement.
The update identifies and quarantines dormant or risky NHIs to reduce vulnerabilities.
Just-in-time and just-enough access supports zero-trust architecture principles.
Apono enhances visibility and automates remediation for secure cloud operations.
The platform maintains development velocity while enforcing robust security measures.
The rapid expansion of cloud infrastructure has driven a surge in non-human identities, such as service accounts, API keys, and IAM roles. These NHIs are essential for powering cloud-native applications but often carry excessive privileges, creating significant security blind spots. Apono’s updated platform tackles this challenge by providing tools to discover, manage, and secure NHIs, ensuring organizations can maintain control over their cloud ecosystems.
"The widespread growth of over-privileged non-human identities in the cloud presents a critical security challenge – they are prime targets for attackers and introduce substantial risk and blind spots into vital cloud infrastructure," said Ofir Stein, CTO at Apono. "Our latest platform update is specifically designed to combat this by giving organizations the essential tools to discover, manage, assess, and even quarantine identities."
Apono’s enhanced platform introduces several key capabilities to address NHI management:
Discovery and Observability: Identifies various NHIs, including service accounts, secrets, API keys, IAM roles, IAM users, and permission sets.
Risk Assessment and Recommendation: Evaluates risks associated with NHIs and suggests actionable mitigation steps.
Just Enough Access: Automates provisioning of minimal permissions for NHIs, supporting a least privilege model.
Dormant NHI Quarantine: Detects unused or abandoned identities and safely removes their access to reduce risks.
"The rise of NHI usage in the past two years has reaffirmed the need for organizations to firstly discover and understand their NHI posture, but more importantly, move towards a strategic path of risk analysis and remediation," said Simon Moffatt, Founder & Research Analyst, The Cyber Hut. "NHI management requires more than just credential rotation, and should leverage the same concepts developed over the past three decades in the human-identity space: namely, strong governance, least privilege access, and linkage to business processes."
By eliminating standing privileges and enforcing just-in-time and just-enough access, Apono’s platform aligns with zero-trust architecture principles. This approach ensures that both human and non-human identities operate with minimal permissions, reducing the attack surface while maintaining operational efficiency. The platform’s automation capabilities streamline remediation processes, allowing organizations to address risky permissions without disrupting workflows.
Apono’s update positions it as a leader in unified identity and access management, offering end-to-end coverage for all identities. Unlike traditional solutions that focus solely on visibility, Apono provides actionable insights and automated remediation to bring NHIs under control, making it a vital tool for organizations navigating complex cloud environments.
This update marks a significant step toward secure and efficient cloud access management. By addressing the challenges of NHIs and human identities alike, Apono empowers organizations to achieve robust security while supporting innovation and scalability in their cloud operations.
Founded in 2022 by Rom Carmel (CEO) and Ofir Stein (CTO), Apono's leadership leverages over 20 years of combined expertise in Cybersecurity and DevOps Infrastructure. Apono's Cloud Privileged Access Platform offers companies Just-In-Time and Just-Enough privilege access, empowering organizations to seamlessly operate in the cloud by bridging the operational security gap in access management. Today, Apono's platform serves dozens of customers across the US, including Fortune 500 companies, and has been recognized in Gartner's Magic Quadrant for Privileged Access Management.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.