BeyondTrust launches Secrets Insights to tackle hidden identity risks
BeyondTrust has announced the expansion of its Identity Security Insights solution with the introduction of Secrets Insights, designed to address vulnerabilities arising from secrets and non-human identities.
According to recent Identity Security Risk Assessments completed by BeyondTrust across various industries and organisational sizes, significant gaps have been discovered in current identity security postures.
The findings reveal dormant service accounts with privilege in more than 70% of assessed environments.
Additional issues include overly permissive Entra Service Principals, which can create direct pathways to Global Admin privileges, thereby endangering Microsoft 365 environments.
The assessments also found that credentials are frequently reused across multiple service accounts by administrators, compounding the risks posed by a single compromised password.
In the realm of privilege escalation, the report observes that low-privileged users are able to gain administrative access across Active Directory, Entra, AWS, Okta, and GitHub due to hidden escalation paths rooted in configuration errors, federation processes, and synchronisation.
AD service accounts that connect on-premises and cloud environments, particularly those with privileged Entra roles, were also identified as potential cross-platform attack vectors.
The review highlighted further weaknesses, such as inadequate GitHub repository access management. This can lead to uncontrolled and unauthorised access to sensitive code and secrets, with personal GitHub accounts exacerbating the risk.
"These identity infrastructure issues aren't just misconfigurations, they're invitations. Our Identity Security Risk Assessment data shows that many organisations lack the complete story when it comes to their identity attack surface. For many, overlooked hygiene issues silently open the door to attackers. And with the rise of Agentic AI, the stakes have never been higher, especially as most organisations lack visibility into how compromised accounts can be leveraged to seize control of application secrets, which often carry elevated privileges," said Marc Maiffret, CTO at BeyondTrust.
Agentic AI systems, which autonomously interface with infrastructure and provision access, are predicted to amplify the risks associated with unmanaged secrets and non-human identities.
As organisations adopt these AI-driven systems, the potential for abuse of hidden privileges and secrets grows, underscoring the need for enhanced oversight.
The new Secrets Insights feature is intended to provide this visibility.
It builds upon the existing capabilities of BeyondTrust's Identity Security Insights platform, which allows organisations to monitor identity risk across Active Directory, Entra ID, AWS, Azure, Google Cloud Platform, Okta, Ping Identity, and GitHub.
With Secrets Insights, users can discover API keys, service account credentials, tokens, and similar assets across both cloud and on-premises setups, including within vaults, thereby mapping previously unmonitored access vectors.
Key benefits
Secrets Insights offers a number of core functions: discovery of unmanaged secrets throughout cloud and on-premises environments; identification of users with both direct and indirect access to these secrets; risk scoring and prioritisation focused on levels of exposure and privilege; and integration with BeyondTrust Password Safe, which automates remediation tasks.
Maiffret commented on the next steps for the sector:
"As organisations embrace automation and Agentic AI, securing the invisible layers of access - secrets, tokens, and service identities - will define the next frontier of identity security."
Secrets Insights is scheduled to become available later this year.
As part of its ongoing initiatives, BeyondTrust provides complimentary Identity Security Risk Assessments for qualified organisations.
These assessments can be completed in under 48 hours and are intended to help organisations identify hidden privileges and secret-related risks, supporting steps towards reducing standing privilege and enabling just-in-time access.