Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

apono

What is Just Enough Privilege? Definition, Examples, and Best Practices

Nov 27, 2025 By The Apono Team In Apono
Every automated workflow, microservice, and CI/CD integration needs credentials to run, but those credentials often live far longer and reach far wider than anyone intends. The result is a growing attack surface hidden in plain sight. Concerningly, 26% of organizations believe more than half of their service accounts are over-privileged. This is a staggering figure when you consider that machine identities now vastly outnumber human users by 80:1.
Read Post
apono

Inside the $862K Insider Attack: How One Contractor Misused Access

Nov 25, 2025 By Gabriel Avner In Apono
Some incidents make security teams wince, not because of a complex exploit, but because they were entirely preventable. This one starts with a contractor getting fired. In May 2021, Maxwell Schultz, a contract IT worker from Ohio, was terminated. Instead of moving on, he re-entered his former employer’s network by impersonating another contractor and using their credentials.
Read Post
apono

Top 10 NHI Management Tools in an AI World

Nov 25, 2025 By The Apono Team In Apono
In today’s AI-driven world, machine identities are multiplying faster than humans can manage them. Every API key and automation script is a digital identity, often with standing access privileges that attackers can exploit through leaked credentials or misconfigured policies. Recent research shows that non-human identities (NHIs) now outnumber human users by more than 80:1 across enterprise cloud environments.
Read Post
apono

When the Internet Blinks: What Cloudflare's Outage Teaches Us About Standing Privileges

Nov 20, 2025 By Gabriel Avner In Apono
If you were online yesterday, you probably noticed that a surprising amount of the internet simply wasn’t there. Uber, X, Canva, ChatGPT, and dozens of others all began returning internal server errors. For a few hours, it looked like the web had taken the afternoon off. As usual, the immediate assumption was that someone must be attacking the internet. Even Cloudflare initially suspected a large-scale DDoS event. When many unrelated services break at once, it often signals malicious activity.
Read Post
apono

Apono Releases MCP Server for Admins

Nov 19, 2025 By Gabriel Avner In Apono
We’re excited to announce the launch of our MCP server for Apono administrators — giving security and DevOps teams the ability to surface complex access data instantly, without the endless API queries, spreadsheets, or manual digging that slows everyone down. Admins are the guardians of access. But when they need answers like “Which users are included in this access flow?” or “Who has access to production?”, getting that data today can take hours.
Read Post

Admin MCP

Nov 18, 2025 By Apono In Apono
Apono announces the launch of our Admin MCP (Model Context Protocol), a new tool that simplifies organizational access management through natural language queries. The product works with MCP-supported clients like Claude and Cursor, allowing administrators to quickly answer access questions without manually navigating through dashboards and permissions. This demo shows how users can instantly check if someone can access database resources or get comprehensive audit reports for AWS production accounts.
View Video
apono

Apono Raises $34M Series B to Redefine Privileged Access for the Agentic Era

Nov 18, 2025 By The Apono Team In Apono
NEW YORK – November 18, 2025 – Apono, the cloud identity-security company pioneering Zero Standing Privilege (ZSP) access management, today announced a $34 million Series B led by U.S. Venture Partners (USVP), with participation from Swisscom Ventures, Vertex Ventures, 33N Ventures, and existing investors. The round brings Apono’s total funding to more than $54 million. Over the past year, Apono established product-market fit with a fourfold increase in client count.
Read Post
apono

Cephalus Weaponizes Stolen RDP Credentials to Deploy Ransomware

Nov 11, 2025 By Gabriel Avner In Apono
New research out of AhnLab documents the Cephalus ransomware group has been aggressively exploiting stolen Remote Desktop Protocol (RDP) credentials to break into networks and execute rapid, destructive encryption campaigns. The pattern is straightforward and brutal: credentials get you in, and once inside the attackers move fast to blind and break recovery.
Read Post
apono

9 Must Have Components for a Privileged Access Management Audit

Nov 11, 2025 By The Apono Team In Apono
Privileged accounts are often treated as background plumbing until something goes wrong. They sit across cloud consoles, databases, and pipelines and have the power to alter configurations or bring production to a halt, making them a favorite target of bad actors. Credential theft surged 160% in 2025, making stolen identities one of the fastest-growing attack vectors.
Read Post
apono

APIBased JIT Access vs Proxies: Streamlining Secure Cloud Permissions

Nov 6, 2025 By Gabriel Avner In Apono
Breaking down the trade-offs between API integration and proxy gateways for modern access management The way organizations manage access has fundamentally shifted. In the past, infrastructure was mostly static—centralized data centers, long-lived servers, and predictable traffic patterns. You could rely on VPNs, firewalls, and a fixed set of roles in your identity provider. Access paths were clear, and change was infrequent. But that’s no longer the case.
Read Post
apono

Dynamic Roles, Real Security: Why OnDemand Permissions Beat PreDefined Policies

Nov 6, 2025 By Gabriel Avner In Apono
How context‑aware, short‑lived roles eliminate privilege sprawl and accelerate secure engineering without overburdening admins Access management for remote resources has come a long way from VPNs and bastion hosts. The rise of cloud platforms, microservices and remote workforces has driven a shift toward Cloud-native security controls that integrate directly with AWS, Azure, GCP and Kubernetes.
Read Post
apono

TruffleNet Weaponizes Stolen Credentials to Target AWS

Nov 5, 2025 By Gabriel Avner In Apono
New details are emerging about a wave of intrusions into Amazon Web Services environments. Attackers are reportedly weaponizing AWS IAM, using it to validate stolen credentials and turn identity controls into a springboard for in-cloud abuse. According to new research from Fortinent, attackers are leveraging the open source TruffleHog tool to automate testing of stolen AWS credentials in what they are calling the TruffleNet infrastructure.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.