Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Last week’s disclosure from AWS is another reminder that in the cloud, attackers don’t need to break in. They just need a working set of keys. Several AWS customers learned this the hard way when threat actors used compromised IAM credentials to deploy a rapid cryptomining campaign across EC2 and ECS environments. The incident didn’t rely on vulnerabilities or sophisticated exploitation. It relied on valid credentials and overly permissive access.

The theme at the Gartner IAM Summit conference this year was clear: identity is no longer adjacent to the business. It is the business. That idea showed up in the opening keynote, analyst sessions, hallway conversations, and especially in the gap between how IAM is supposed to work and how it actually works inside most organizations. After a week of listening closely, a few takeaways rose above the noise. We did not see many buzzwords or grand predictions.

Manual access requests and long-lived credentials pose a significant scaling challenge for engineering teams, even as they automate pipelines, testing, delivery, and monitoring. As the volume of machine identities grows, the sheer volume of permissions makes manual review and revocation unmanageable, increasing risks of stale tokens and silent privilege exposure. Nearly 47% of cloud intrusions stem from weak or mismanaged credentials, according to a Google Cloud report.

It’s not hard for secrets to sprawl, buried under layers of commits and forgotten branches. Most teams don’t notice it until one bad push exposes everything. Secret leaks don’t come from breaches, but from configuration drift and forgotten credentials; a gap that traditional vault tools struggle to close on their own. Here’s the scale of that mess. Machine identities now outnumber human users by more than 80 to 1, and each one relies on credentials to function.

We’re excited to announce Apono integration with 1Password to help organizations control, automate, and audit access to sensitive credentials and secrets bringing stronger security and smoother operations to teams everywhere. This new integration enables customers to enforce Zero Standing Privileges (ZSP) and provision Just-in-Time (JIT) and just-enough access (JEA) to secrets stored in 1Password Enterprise Password Manager through Apono’s automated access flows.

The next wave of supply-chain breaches go beyond exploiting software dependencies and weaponize the trust layer between organizations and their vendors/partners. Off-the-shelf toolkits, some of them state-sponsored, are lowering the barrier to entry for third-party compromises. As a result, regulators are hard-coding “continuous verification” into frameworks such as NIS2, DORA, and the EU Cyber Resilience Act.

Large engineering organizations all run into the same challenge: as teams grow, clouds multiply, and environments diversify, access governance becomes noisy, risky, and difficult to delegate safely. Apono’s new Spaces Management feature gives enterprises a clean, scalable way to segment access governance across departments without spinning up multiple tenants or losing centralized control.

Privileged Entitlements Management (PEM) is a specialized cybersecurity practice that focuses on securely managing high-risk entitlements, also known as permissions, access rights, or privileges, which grant access to sensitive data, critical resources, and essential services across an organization's IT infrastructure.

Earlier this year, twin brothers Muneeb and Sohaib Akhter, both government contractors, were fired from their employer. Minutes later, they began a weeklong insider attack that compromised or destroyed data belonging to more than 45 federal agencies.