With this release, Apono provides customers a unified cloud access solution that delivers automated, Just-in-Time, Just Enough access for every identity—whether person or machine
NEW YORK – Apono, the leader in privileged access for the cloud, today announced a significant update to the Apono Cloud Access Management Platform, introducing new capabilities for managing and securing Non-Human Identities (NHIs). This expansion provides organizations with essential tools to discover, manage, assess, and quarantine NHIs, enabling a move towards a just-enough least privilege access model across their cloud ecosystem. Building off the platform’s existing capabilities, this update delivers a unified cloud access solution that delivers automated, Just-in-Time, Just Enough access for every identity, whether person or machine.
“The widespread growth of over-privileged non-human identities in the cloud presents a critical security challenge – they are prime targets for attackers and introduce substantial risk and blind spots into vital cloud infrastructure,” said Ofir Stein, CTO at Apono. “Our latest platform update is specifically designed to combat this by giving organizations the essential tools to discover, manage, assess, and even quarantine identities. This enables a crucial shift to a just-enough, least privilege model for non-human access at scale.”
The scale and complexity that cloud infrastructures have enabled have been crucial catalysts for innovations today. NHIs have served as vital tools in enabling automation within these complex environments. Scaling alongside cloud adoption led to an explosion in the number of NHIs, with NHIs often vastly outnumbering human users. While these NHIs are fundamental to powering modern cloud-native applications and services, their widespread presence and often-overlooked privileges create significant blind spots and introduce substantial risk.
The new capabilities in the Apono platform are designed to eliminate these blind spots and provide a unified approach to identity and access management across human and non-human entities. This innovation allows organizations to eliminate standing privilege effectively, achieve just enough privilege for NHIs, and enforce end-to-end least privilege, a critical component of a zero-trust architecture, while maintaining development velocity and operational efficiency.
Key capabilities of the Apono platform update include:
- Discovery and Observability: The platform can identify various types of NHIs, such as service accounts, secrets, API keys, IAM roles, IAM users, and Permission sets.
- Risk Assessment and Recommendation: It can determine the risk associated with discovered NHIs and recommend actions to mitigate those risks.
- Just Enough Access and Least Privilege Migration: The update reduces permission levels on NHIs, automates Just-Enough Access provisioning, and enables migration to a least-privilege access model.
- Dormant and Zombie NHI Identification and Quarantine: The platform can identify unused or abandoned Identities that pose a high risk due to their access levels and safely quarantine them by removing assigned access.
“The rise of NHI usage in the past two years has reaffirmed the need for organizations to firstly discover and understand their NHI posture, but more importantly, move towards a strategic path of risk analysis and remediation,” said Simon Moffatt, Founder & Research Analyst, The Cyber Hut. “NHI management requires more than just credential rotation, and should leverage the same concepts developed over the past three decades in the human-identity space: namely, strong governance, least privilege access, and linkage to business processes. Apono’s investment in this area is testament to significant growth in market demand for these use cases.”
This update significantly enhances Apono’s ability to offer end-to-end coverage for all identities, providing just-in-time and just-enough access without negatively impacting business operations. Unlike many existing solutions, Apono provides not just visibility but also the ability to assess risky permissions, recommend actions, and automate remediation to bring NHIs under control.
Apono will be at Identiverse 2025, which will take place from June 3 to 6 in Las Vegas, Nevada. Attendees can learn more about Apono’s latest NHI capabilities and view a live demonstration at the Apono booth [Booth # 232] on the main conference floor and the NHI Pavilion. In addition, Apono will be a panelist during the NHI Workshop, in a session titled “The Market Landscape—Types of Solutions to Manage NHI Risks and Market Trends.”
More information about this platform update is available here: https://www.apono.io/securing-nhi/
About Apono:
Founded in 2022 by Rom Carmel (CEO) and Ofir Stein (CTO), Apono’s leadership leverages over 20 years of combined expertise in Cybersecurity and DevOps Infrastructure. Apono’s Cloud Privileged Access Platform offers companies Just-In-Time and Just-Enough privilege access, empowering organizations to seamlessly operate in the cloud by bridging the operational security gap in access management. Today, Apono’s platform serves dozens of customers across the US, including Fortune 500 companies, and has been recognized in Gartner’s Magic Quadrant for Privileged Access Management.
