Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Identity-related threats are draining time and resources faster than security teams can keep up. The challenge is no longer just about stopping breaches; it’s about keeping up with the scale of alerts and risks. On average, organizations spend 11 person-hours investigating each identity-related security alert. Meanwhile, credential theft has soared 160% in 2025, making privileged accounts and non-human identities (NHIs) a prime target for attackers.

The Shai‑Hulud worm and the Nx / S1ngularity attacks show how token‑stealing malware, vulnerable workflows, and always‑on elevated permissions allow cascading compromise. Enforcing JIT access on repository, organization owner/admin roles, and team‑based inherited permissions sharply reduces exposure, limits damage, and strengthens audit/compliance posture.

The Shai‑Hulud worm and the Nx / S1ngularity attacks show how token‑stealing malware, vulnerable workflows, and always‑on elevated permissions allow cascading compromise. Enforcing JIT access on repository, organization owner/admin roles, and team‑based inherited permissions sharply reduces exposure, limits damage, and strengthens audit/compliance posture.

APIs are the foundation of modern applications, and attackers know it well. A single misconfigured endpoint or exposed token can give adversaries a direct path into sensitive systems and data across your environment. Your already overburdened security teams can’t afford to miss what may be their fastest-growing attack surface. How fast-growing is the threat?

We’re excited to announce the launch of our MCP server for end users, designed to boost engineering productivity while keeping security strong. Engineers often know exactly what they need to do—deploy to a new environment, spin up a workload, investigate logs—but not which permissions translate into those tasks. That leads to two common problems: The result is wasted time, frustrated teams, and an inflated attack surface from unnecessary standing privileges.

The Drift OAuth breach didn’t just expose one SaaS vendor — it exposed a systemic blind spot: the sprawling, ungoverned world of Non-Human Identities. In case you missed it, in August 2025, attackers from UNC6395 exploited compromised OAuth tokens from Salesloft’s Drift integration—an AI chat tool—to access and exfiltrate data from Salesforce, including credentials like AWS keys and Snowflake tokens.

Modern enterprises run on automation. But behind every line of code deploying infrastructure, moving data, or triggering workflows is something often overlooked: a non-human identity (NHI). These NHIs—service accounts, machine credentials, API tokens, CI/CD integrations—outnumber human users by orders of magnitude. And they’re everywhere. Yet in too many organizations, they’re still unmanaged, invisible, and dangerously overprivileged.

Everyone’s trying to make AI agents do useful things. That’s why the Model Context Protocol (MCP) is gaining momentum with teams operationalizing LLMs across their infrastructure and tooling. Backed by teams like OpenAI and Google, MCP gives a consistent, standardized way to connect LLMs with the rest of your stack. In other words, the MCP Protocol makes connecting AI tools with real business data and workflows easier using structured access instead of janky UI hacks and glued-on custom code.

Today we’re excited to announce the launch of Apono’s new AI-powered Access Assistant, now live across the Apono Cloud Access Management Platform. As AI continues to transform engineering and security workflows, this assistant brings natural language interaction to access management. Helping teams move faster while staying secure. By eliminating the guesswork from access requests, Apono’s Access Assistant gives engineers a powerful new way to get exactly the access they need.

By 2025, non-human identities (like service accounts, API keys, and bots) will outnumber human identities by 45:1 in cloud environments. Yet many organizations still rely on static IAM roles and manual provisioning, leaving them exposed to credential sprawl, insider risk, and compliance violations. That’s where modern Enterprise Identity Management (EIM) comes in. Enterprise software development is increasingly cloud native.