NHI6:2025
Lack of Monitoring and Auditing
Insufficient monitoring and auditing of non-human identity activities and access patterns.

Details

Without proper monitoring and auditing, organizations lack visibility into the activities of their non-human identities. This can lead to delayed detection of security incidents, unauthorized access, or misuse of these identities.

Example Scenario

MegaCorp, a multinational conglomerate, implements a new cloud-based ERP system. They set up numerous service accounts for various integrations but fail to implement comprehensive monitoring. Over the course of a year, a group of insiders exploits this lack of oversight. They create additional 'ghost' service accounts, slowly escalating privileges and exfiltrating proprietary data. The breach is only discovered when an external audit reveals discrepancies in the company's financial reports. By then, terabytes of sensitive data have been stolen, including trade secrets and employee personal information. The incident leads to multiple lawsuits, regulatory fines, and a sharp decline in MegaCorp's stock price.

Mitigation Strategies

  • Implement comprehensive logging for all non-human identity activities
  • Set up real-time alerting for suspicious activities or access patterns
  • Regularly review and analyze logs and access patterns
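
As an added example (not part of the original page), the following Python sketch applies the log review described above to the MegaCorp scenario: it flags service accounts created outside a provisioning process, privilege grants to identities missing from the inventory, and data exports by such identities. The event schema, the account names, the `svc-` naming convention, the inventory and the approved-creator list are all constructed assumptions.

```python
import json

# Constructed audit events (one JSON object per line). The field names and
# action strings are assumptions, not the schema of any real ERP or cloud log.
SAMPLE_LOG = """
{"ts":"2025-01-10T09:00Z","actor":"provisioning-pipeline","action":"service_account.create","target":"svc-erp-billing"}
{"ts":"2025-01-10T09:01Z","actor":"provisioning-pipeline","action":"role.grant","target":"svc-erp-billing","role":"reader"}
{"ts":"2025-03-02T23:14Z","actor":"j.doe","action":"service_account.create","target":"svc-erp-sync2"}
{"ts":"2025-03-09T23:20Z","actor":"j.doe","action":"role.grant","target":"svc-erp-sync2","role":"reader"}
{"ts":"2025-05-18T22:47Z","actor":"j.doe","action":"role.grant","target":"svc-erp-sync2","role":"admin"}
{"ts":"2025-06-01T02:00Z","actor":"svc-erp-billing","action":"data.export","target":"finance-reports"}
{"ts":"2025-06-01T02:05Z","actor":"svc-erp-sync2","action":"data.export","target":"finance-reports"}
"""

# Hypothetical sources of truth: the inventory of sanctioned service accounts
# and the only principals allowed to create new ones.
INVENTORY = {"svc-erp-billing", "svc-erp-hr"}
APPROVED_CREATORS = {"provisioning-pipeline"}


def review(log_text, inventory=INVENTORY, creators=APPROVED_CREATORS):
    """Return (timestamp, rule, detail) findings for events that need review."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        actor, action, target = ev["actor"], ev["action"], ev["target"]
        if action == "service_account.create":
            # New identities must come from the pipeline and be inventoried.
            if actor not in creators or target not in inventory:
                findings.append((ev["ts"], "unapproved-creation", f"{target} created by {actor}"))
        elif action == "role.grant" and target not in inventory:
            # Any privilege change on an unknown identity needs a second look.
            findings.append((ev["ts"], "grant-to-unknown-identity", f"{ev['role']} granted to {target}"))
        elif action == "data.export" and actor.startswith("svc-") and actor not in inventory:
            # "svc-" is an assumed naming convention for non-human identities.
            findings.append((ev["ts"], "export-by-unknown-identity", f"{actor} exported {target}"))
    return findings


if __name__ == "__main__":
    for ts, rule, detail in review(SAMPLE_LOG):
        print(ts, rule, detail)
```

In a real deployment the same rules would run as SIEM correlation or alerting rules against the centralized log stream rather than over a static file.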

Best Practices

  • Use SIEM (Security Information and Event Management) solutions for centralized logging and analysis
  • Implement automated anomaly detection systems
  • Conduct regular security audits and penetration testing

Related Risks

Improper Offboarding

Inadequate deactivation or removal of non-human identities when no longer needed....

Secret Leakage

Unintended exposure of sensitive non-human identity credentials to unauthorized parties....

Excessive Permissions

Non-human identities are granted more permissions than necessary for their intended functions....

Inadequate Rotation

Failure to regularly update or rotate credentials for non-human identities....
