EXPERT OPINION
ERIC FOURRIER, CEO AND CO-FOUNDER OF GITGUARDIAN
As organisations grapple with the expanding complexity of machine identities and automated systems, we spoke with Eric Fourrier, CEO and Co-founder of GitGuardian, a leading provider of secrets detection and remediation solutions.
Why non-human identity security is the next big challenge in cybersecurity
With GitGuardian’s recent launch of their Non-Human Identity Governance platform, Fourrier shares his insights on one of cybersecurity’s most pressing challenges and explains why traditional security approaches are no longer sufficient in today’s machine-dominated landscape.
Non-human identities have become a major concern for enterprises. Can you explain the scale of this challenge?
The numbers are staggering. In today’s digital landscape, non-human identities – which include service accounts, API keys, automation scripts and machine identities – outnumber human users by a ratio of 100 to 1. This exponential growth is driven by the increasing adoption of cloud services, microservices architectures and DevOps practices.
What makes this particularly challenging is that each of these identities requires access to sensitive resources and carries potential security risks. Unlike human users, who follow predictable patterns and can be managed through traditional IAM solutions, non-human identities operate 24/7, often with elevated privileges, making them attractive targets for attackers.
Recent research shows a rise in software supply chain attacks. How does this relate to non-human identity security?
The connection is direct and concerning. According to IDC, nearly 20% of organisations faced a software supply chain attack in 2024. These attacks often exploit weaknesses in non-human identity management – compromised API keys, exposed service account credentials, or vulnerable automation scripts.
What’s particularly worrying is that a single compromised non-human identity can provide attackers with extensive access to an organisation’s infrastructure. These identities often have broad permissions and can operate across multiple systems, making them ideal targets for lateral movement within networks.
WWW.INTELLIGENTCISO.COM