IN 2024, compromised service accounts and forgotten API keys accounted for 68% of cloud breaches, with unmanaged non-human identities left unattended as a major threat to enterprise data. For every employee in an organisation, there are 40 to 50 automated credentials, including service accounts, API tokens, AI agent connections and OAuth grants, many of which remain active and fully privileged after projects end or staff leave.
Attackers don’t need to break in—they can simply exploit the keys you have left out, and the average dwell time for these intrusions is over 200 days, according to the piece. Traditional IAM was not designed for machines and tends to overlook non-human identities, a gap the article says this webinar aims to address.
The session will cover running a full discovery scan of non-human identities, right-sizing permissions across service accounts and AI integrations, and implementing an automated lifecycle policy to revoke dead credentials, plus a ready-to-use Identity Cleanup Checklist for the live session. According to The Hacker News, the webinar is scheduled as part of their threat intelligence and enterprise security coverage, and appeared in an article dated 18 April 2026.