Astrix Security

We're thrilled to announce the FIRST EVER Non-Human Identity Security Conference in the heart of NYC, co-hosted with Cloud Security Alliance! 🗽✨ 𝐖𝐡𝐞𝐧:  Sep 18, 2024 𝐖𝐡𝐞𝐫𝐞:  World Trade Center, New York 𝐖𝐡𝐲: 🔹 Dive into real NHI case studies from top enterprises 🔹 Engage in conversations with leading security executives pioneering the NHI security space 🔹 Enjoy unbeatable networking over delicious breakfast and lunch This is your chance to take part in the future of NHI security and connect with the brightest minds in the field. Ready to be part of something big? Register now and secure your spot! 👇 https://lnkd.in/dt6pa2tg Gary Owen John Yeoh Timothy Youngblood, CISSP E Coleen C. Vinay P. Gerhard Eschelbeck Dr. Chase Cunningham Dmitriy Sokolovskiy, CISSP, QTE Emilio E. Heather Hinton

Incident report: PyPI Admin Personal Access Token leak 🚨 The PyPI team recently reported a security incident where an admin's personal access token was accidentally leaked. This token was used to modify several packages on the platform. Fortunately, the PyPI team acted swiftly, revoked the token, and restored the affected packages to their previous states. This incident highlights the persistent risk of credential leakage. Often, organizations are unaware that a key has been leaked until it is actively being exploited. To mitigate such risks, the Astrix Research team suggests the following best practices: ✅ Limit access: Ensure that personal access tokens have minimal privileges necessary for their function. ✅ Set expiration times: Tokens should have an expiration date to reduce the risk window in case of a leak. ✅ Monitor for abnormal behavior: Implement automated monitoring to detect any unusual activities as a last line of defense. To learn how Astrix can help with leaked PATs and any other NHI, watch the product in action: https://lnkd.in/gk-BRzQA

We are thrilled to welcome Ryan Rockenbaugh as our new Senior Field Marketing & Lead Gen Manager! 🎉 With a wealth of experience leading field marketing efforts in top companies across diverse industries, Ryan brings a fresh approach to our team that will surely propel Astrix to new heights. Join us in giving Ryan a warm welcome 🤗

A must-read piece ahead! 📰 Our CISO in Residence Timothy Youngblood, CISSP talked to Gomboc.ai about aligning security with business goals, the challenges of #NHI security, and the future of AI threats. From actionable strategies to real-world examples, this article is a treasure trove of insights for any cybersecurity professional. Happy reading! 🤓

On this 4th of July, we've got some fireworks-worthy news🎆 Astrix is named one of CRN's Top-10 Hottest Cloud Security Startups of 2024! Huge thanks to our awesome team, partners, and clients, and a very happy 4th!🌭🗽 Check us out at the top of the list: https://lnkd.in/dq9WyuvQ

What do Snowflake ❄, New York Times 📰, Gitloker 👩💻 and HuggingFace 🤗 have in common? You guessed it – NHI breaches, all within 30 days. Check out our carousel for a quick recap of each incident. For a deeper dive into the details, read the full recap here: https://lnkd.in/dnKpu4az

𝐇𝐨𝐰 𝐀𝐬𝐭𝐫𝐢𝐱 𝐬𝐩𝐨𝐢𝐥𝐞𝐝 𝐭𝐡𝐞 𝐑𝐞𝐝 𝐓𝐞𝐚𝐦'𝐬 𝐩𝐚𝐫𝐭𝐲 🌩 In our recent #AstrixStory we uncover how an e-commerce company's security team caught their Red Team in the middle of a simulated attack, using Astrix's anomaly engines. This is a true story that perfectly depicts the importance of advanced threat detection capabilities to identify and stop abnormal activity that indicates a potential attack. Read the full story here: https://lnkd.in/dcQ4jxBN

𝐖𝐡𝐚𝐭 𝐢𝐬 (𝐍𝐨𝐧-𝐡𝐮𝐦𝐚𝐧) 𝐈𝐝𝐞𝐧𝐭𝐢𝐭𝐲 𝐓𝐡𝐫𝐞𝐚𝐭 𝐃𝐞𝐭𝐞𝐜𝐭𝐢𝐨𝐧 𝐚𝐧𝐝 𝐑𝐞𝐬𝐩𝐨𝐧𝐬𝐞? 🔍 Identity Threat Detection and Response (ITDR) is a crucial aspect of modern cybersecurity, especially with #NHI attacks popping up almost weekly. Our latest article explains: - What is ITDR - What is Non-human ITDR, and why it’s important - The key components of an effective Non-human ITDR strategy This is a quick read for anyone looking to understand the basics of identity security 👇 https://hubs.la/Q02C14hZ0

Check out the new blog by Timothy Youngblood, CISSP, our CISO in Residence 🛡! Tim has transitioned from Radio Shack to leading cybersecurity initiatives for Fortune 500 companies. In his latest blog, Tim shares his journey and his decision to join Astrix Security. He emphasizes the importance of NHI security and his commitment to ensuring that the Astrix platform meets the challenges and practices of enterprise security teams. We are fortunate to have Tim on our team! Explore Tim's journey and Astrix Security's innovative approach here: https://lnkd.in/gntKr5pW #Cybersecurity #NHIs #Innovation #AstrixSecurity #CISO

𝐖𝐡𝐲 𝐚𝐭𝐭𝐚𝐜𝐤𝐞𝐫𝐬 𝐥𝐨𝐯𝐞 𝐞𝐱𝐩𝐥𝐨𝐢𝐭𝐢𝐧𝐠 𝐍𝐇𝐈𝐬: 𝐎𝐧-𝐝𝐞𝐦𝐚𝐧𝐝 𝐰𝐨𝐫𝐤𝐬𝐡𝐨𝐩 📺 With multiple #NHI attacks in less than 30 days (Snowflake, New York Times, JetBrains, HuggingFace), understanding how attackers exploit NHIs is the first step towards better securing this attack vector. 🔐 In this live workshop we held a couple of months ago, our security experts demonstrated a real attack path, showing how NHIs like API keys, service accounts, and secrets are exploited to penetrate an organization, escalate privileges, and eventually steal source code and customer data. This is a must-watch for anyone looking to understand attackers' minds and why they love NHIs so much. 👉 https://hubs.ly/Q02C14hR0