Defakto

Anthropic now supports Workload Identity Federation. API keys for AI agents are on the way out. Pieter Kasselman explains why the shift matters and where agent authentication goes next. Read more: defakto.security/blog/the-agent… #NonHumanIdentity #AIsecurity #WorkloadIdentityFederation

Defakto recognized with 2 #Globee Cybersecurity Awards! 🏆 Best Cybersecurity Startup 🏆 Best Cybersecurity Brand Development This is a direct reflection of the Defakto team: the pace, the focus, and the standard they hold for what gets built + shipped #NHI #IdentitySecurity

This recognition belongs to the customers building with us. Defakto has been awarded 3 Gold Cybersecurity Excellence Awards! 🥇 Non-Human IAM 🥇 Machine Identity 🥇 Best Cybersecurity Startup #Cybersecurity #MachineIdentity #NonHumanIdentity #CyberAwards #SecurityInnovation

A single compromised token shouldn’t take down multiple ecosystems. But in the TeamPCP campaign, it did. Defakto CTO Eli Nesterov breaks down why this became a chain reaction defakto.security/blog/chain-rea… #Breach #TeamPCP #Trivy #Secrets

AI agents aren’t hidden. They’re ungoverned. In this post, @PieterKasselman explains why visibility alone won’t secure AI — and what actually will. 🔗 defakto.security/blog/your-ai-a… #AIGovernance #AIsecurity #NonHumanIdentity #IdentitySecurity

AI Attack Automation Is Here. And It’s Coming for Your Credentials! 💭 @PieterKasselman breaks down how eliminating long-lived credentials and issuing identity on demand flips the economics of defense. 🔗 defakto.security/blog/ai-attack…

Breaches in automated systems keep repeating, not because attackers are smarter, but because static secrets and overprivileged access still run the show. Learn why resilience starts with identity, not detection. 🔗 Read the full post: defakto.security/blog/from-reac…

🚀 Big News! We’ve raised $30.75M Series B, led by XYZ Venture Capital to accelerate our mission to eliminate static secrets and bring real security and governance to non-human identity. Read More: bit.ly/4hkDyy1 #SeriesB #Cybersecurity

We’re hiring engineers. If you want to work on identity that powers the next era of automation and AI, check us out. 👉 bit.ly/47ctCBQ #Defakto #Hiring #Engineering #NonHumanIdentity #NHI #MachineIdentity

Authentication ≠ Authorization. Confusing the two breaks your security model. Here’s why the difference matters 👇 spirl.com/blog/authentic…

The Shai-Hulud worm spread by harvesting static tokens across npm. Highlighting the ongoing pain of key rotation. Its is a treadmill: The only way off the treadmill? Eliminate static secrets entirely. 👉 New blog: bit.ly/4nypfYh #Secretless #shai-hulud #worm

🔑 OAuth tokens. 🔑 API keys. 🔑 Snowflake & AWS creds. All stolen in the latest Salesloft Drift / Salesforce supply chain breach. Secrets are toxic data and the model is collapsing. Blog: bit.ly/45Kt9Ye #cloudsecurity #infosec #NHI #breach

Scaling AI safely means rethinking identity. Multi-attestation is the foundation. “MFA is for humans. Multi-attestation is for AI.” – Pieter Kasselman 👉 spirl.com/blog/mfa-vs-mu… #MultiAttestation #NonHumanIdentity #NHI #AIsecurity #MachineIdentity

Service accounts don’t get offboarded. They accumulate risk and attackers know it. It’s time to eliminate static identity and go accountless. SPIRLs Pieter Kasselman's explains how in this latest blog: spirl.com/blog/go-accoun…

Base44 didn’t need a password. Just a public app_id and no identity checks. Wiz’s latest discovery shows what happens when AI & automation scale without Non-Human Identity 👉 Learn more on what went wrong—and how to fix it bit.ly/4feW5um #Wiz #Base44 #vibecoding #AI #NHI

xAI. Last week McHire. Different leaks, same root cause: exposed API keys. We need to stop relying on secrets and start issuing identity. Here’s how SPIRL eliminates static keys: spirl.com/blog/another-d…

A default password + an open API = 64M McDonald’s records exposed. No MFA. No identity. No excuse. We broke down what went wrong — and how NHI could’ve prevented it. 👉 spirl.com/blog/mcdonalds… #McHire #NHI #NonHumanIdentity #APISecurity

Rotating secrets in CI/CD is great. Not needing them in the first place is even better. Pieter Kasselman gets into what that actually looks like → spirl.com/blog/want-cont… #NHI #nonhumanidentity #machineidentity #CICD

here’s a troll under your infrastructure. 🧌 Its name is Secret Sprawl — and it’s hungry. Feeding it more secrets won’t stop it. Replacing them with identity will. Read how → spirl.com/blog/secret-sp… #CloudSecurity #SecretsManagement #MachineIdentity #NHI

What happens when AI has access… and no limits? It starts answering questions like: "What's everyone's salary?" Agentic AI needs identity + access controls. 🛡 Read more → spirl.com/blog/when-ai-k… #AIsecurity #AgenticAI #DataLeak #CISO #NHI #MachineIdentity