Service accounts, also known as robotic identities, play a significant role in how organizations work day to day, but they are often overlooked and under-managed when it comes to security.
Watch this recorded session from Identiverse 2021 to hear our CTO, Gal Diskin, and Avi Aminov, Head of Data Science, discuss their research into service accounts.
Their findings cover:
Service accounts and app identities are popular targets for attackers due to the ease of maintaining persistence, lack of activity monitoring and general lack of authorization management, especially around chained access. The group behind the SolarWinds hack, an attack that is estimated to have hit over 18,000 large businesses and government offices, used service accounts and app identities as part of their modus operandi. In this talk we will share real-world stats and examples on service accounts and app identities (which are usually the same at the technical level) that we have witnessed in our customers’ systems. We will discuss how attackers leverage service accounts to maintain persistence and achieve access to their targets, and finish with what we as identity and security practitioners can do to protect against such situations – from right-sizing service account permissions through constant activity monitoring to managing account lifecycles.