Analyst Chat #264: Persistent Identity, Ephemeral Secrets - Workload Identities in the Age of AI
Episode Synopsis
In this episode of the KuppingerCole Analyst Chat, Martin Kuppinger joins Matthias Reinwarth to dive deep into one of the most overlooked but critical areas in identity and security: non-human identities (NHI) and workload secrets. As cloud-native development and AI-driven workloads grow, so does the complexity of managing machine identities. With AWS now supporting long-lived API keys for generative AI, this episode explores why that's a risky move — and what a modern, secure, and developer-friendly alternative looks like.

In this episode, you'll learn:

- Why workload identities must be treated as privileged
- How long-lived secrets expand your attack surface
- Why “balancing convenience vs. security” is a false choice
- How to apply ephemeral secrets and ITDR signals
- The role of SPIFFE/SPIRE, policy-as-code (OPA), and automation
- Why developers shouldn’t own security — and what IAM must do instead
- How attackers use AI to hunt your leaked secrets
- What organizations must do to secure NHI at scale

Key takeaway: Security must be built around short-lived secrets, automation, and clear separation between identity, secrets, and entitlements — especially for workloads and AI agents.