Machine identity news stories

Digital transformation is driving an average of 42% annual growth in the number of machine identities, according to a new study from Venafi.

As a society, we have all individually developed significant yet quiet relationships over the past decade, many of us without even realising it.

Bots and infrastructure-as-code automation are common additions to the business landscape, and their explosion has not gone unnoticed by threat actors.

Venafi, the provider of machine identity management, finds that malware attacks using machine identities doubled from 2018 to 2019, including high-profile campaigns such as: TrickBot, Skidmap, Kerberods and CryptoSink.

Despite the prolific usage of TLS certificates within organisations, many CIOs aren't concerned about security risks associated with TLS machine identities.

Organisations worldwide could recover a collective total of between US$51 billion to as much as US$72 billion just by repairing their poorly protected machine identities.

These mistakes increase security risks and negatively impact the reliability and availability of business-critical network resources, Venafi has found.

Less than half of DevOps professionals believe developers always request certificates that serve as machine identities through authorised channels.

Eliminating certificate-related outages within complex, multi-tiered architectures can feel like an impossible effort.

Keyfactor Code Assure aims to deliver secure code signing to software vendors, mobile app developers, enterprise IT organisations, and manufacturers of IoT devices.

These services deliver machine-identities-as-a-service to cybercriminals who wish to spoof websites, eavesdrop on encrypted traffic, perform man-in-the-middle attacks and steal sensitive data.

Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.

The study focused on enterprise machine identity protection challenges and included responses from 350 senior IT security professionals.

As companies integrate more digital tools into their business, many of them remain unaware of the risk code-signing certificates are exposing them to.