Defakto

@DefaktoSecurity

The Non-Human IAM Platform

Bay Area, CA

Joined May 2023

2 Following

95 Followers

56 Posts

Defakto @DefaktoSecurity

20 days ago

Anthropic now supports Workload Identity Federation. API keys for AI agents are on the way out. Pieter Kasselman explains why the shift matters and where agent authentication goes next. Read more: https://t.co/rAR8Pd27f1 #NonHumanIdentity #AIsecurity #WorkloadIdentityFederation

DefaktoSecurity's tweet photo. Anthropic now supports Workload Identity Federation. API keys for AI agents are on the way out. Pieter Kasselman explains why the shift matters and where agent authentication goes next.
Read more: https://t.co/rAR8Pd27f1

#NonHumanIdentity #AIsecurity #WorkloadIdentityFederation https://t.co/FOMJBOISKj

0

3

1

0

168

Defakto @DefaktoSecurity

about 2 months ago

Defakto recognized with 2 #Globee Cybersecurity Awards! 🏆 Best Cybersecurity Startup 🏆 Best Cybersecurity Brand Development This is a direct reflection of the Defakto team: the pace, the focus, and the standard they hold for what gets built + shipped #NHI #IdentitySecurity

0

0

1

0

31

Defakto @DefaktoSecurity

2 months ago

This recognition belongs to the customers building with us. Defakto has been awarded 3 Gold Cybersecurity Excellence Awards! 🥇 Non-Human IAM 🥇 Machine Identity 🥇 Best Cybersecurity Startup #Cybersecurity #MachineIdentity #NonHumanIdentity #CyberAwards #SecurityInnovation

DefaktoSecurity's tweet photo. This recognition belongs to the customers building with us. Defakto has been awarded 3 Gold Cybersecurity Excellence Awards!

🥇 Non-Human IAM
🥇 Machine Identity
🥇 Best Cybersecurity Startup

#Cybersecurity #MachineIdentity #NonHumanIdentity #CyberAwards #SecurityInnovation https://t.co/Ad2VeCQQJy

0

1

0

0

31

Defakto @DefaktoSecurity

2 months ago

A single compromised token shouldn’t take down multiple ecosystems. But in the TeamPCP campaign, it did. Defakto CTO Eli Nesterov breaks down why this became a chain reaction https://t.co/m2qMq09x3p #Breach #TeamPCP #Trivy #Secrets

DefaktoSecurity's tweet photo. A single compromised token shouldn’t take down multiple ecosystems. But in the TeamPCP campaign, it did.

Defakto CTO Eli Nesterov breaks down why this became a chain reaction

https://t.co/m2qMq09x3p

#Breach #TeamPCP #Trivy #Secrets https://t.co/j595Jerode

5

6

1

0

133

Who to follow

Verified account

@davidjamesdiaz

Co-Founder & CEO at Ray Browser. ex-Supercell. Past VP at Fyber. Stanford grad. Love Sports. https://t.co/CTPfzwgaXI

Omkhar Arasaratnam

https://t.co/PsBN05Eqsb || https://t.co/aJ4RwewfJB || https://t.co/U2xuM1N95Z || https://t.co/npQi7LLTn1 || https://t.co/JUIQS205kQ

Move fast, be good, have fun.

Defakto @DefaktoSecurity

6 months ago

AI agents aren’t hidden. They’re ungoverned. In this post, @PieterKasselman explains why visibility alone won’t secure AI — and what actually will. 🔗 https://t.co/WfwdGXSFCH #AIGovernance #AIsecurity #NonHumanIdentity #IdentitySecurity

1

0

0

0

40

Defakto @DefaktoSecurity

6 months ago

AI Attack Automation Is Here. And It’s Coming for Your Credentials! 💭 @PieterKasselman breaks down how eliminating long-lived credentials and issuing identity on demand flips the economics of defense. 🔗 https://t.co/jQWYVWyWCA

1

1

0

0

47

Defakto @DefaktoSecurity

7 months ago

Breaches in automated systems keep repeating, not because attackers are smarter, but because static secrets and overprivileged access still run the show. Learn why resilience starts with identity, not detection. 🔗 Read the full post: https://t.co/TFpr0zh4pN

DefaktoSecurity's tweet photo. Breaches in automated systems keep repeating, not because attackers are smarter, but because static secrets and overprivileged access still run the show.

Learn why resilience starts with identity, not detection.

🔗 Read the full post: https://t.co/TFpr0zh4pN https://t.co/CLE5CUSSUx

0

0

0

0

41

Defakto @DefaktoSecurity

8 months ago

🚀 Big News! We’ve raised $30.75M Series B, led by XYZ Venture Capital to accelerate our mission to eliminate static secrets and bring real security and governance to non-human identity. Read More: https://t.co/8EjSb2ZstO #SeriesB #Cybersecurity

0

2

0

0

62

Defakto @DefaktoSecurity

8 months ago

We’re hiring engineers. If you want to work on identity that powers the next era of automation and AI, check us out. 👉 https://t.co/D00KhozarQ #Defakto #Hiring #Engineering #NonHumanIdentity #NHI #MachineIdentity

1

3

2

0

529

Defakto @DefaktoSecurity

8 months ago

Authentication ≠ Authorization. Confusing the two breaks your security model. Here’s why the difference matters 👇 https://t.co/O7Qvxp8Hvk

0

0

0

0

38

Defakto @DefaktoSecurity

9 months ago

The Shai-Hulud worm spread by harvesting static tokens across npm. Highlighting the ongoing pain of key rotation. Its is a treadmill: The only way off the treadmill? Eliminate static secrets entirely. 👉 New blog: https://t.co/qIoJdmypxu #Secretless #shai-hulud #worm

DefaktoSecurity's tweet photo. The Shai-Hulud worm spread by harvesting static tokens across npm.
Highlighting the ongoing pain of key rotation. Its is a treadmill:
The only way off the treadmill?
Eliminate static secrets entirely.
👉 New blog: https://t.co/qIoJdmypxu

#Secretless #shai-hulud #worm https://t.co/Z7GHZVMtv8

0

1

0

0

295

Defakto @DefaktoSecurity

9 months ago

🔑 OAuth tokens. 🔑 API keys. 🔑 Snowflake & AWS creds. All stolen in the latest Salesloft Drift / Salesforce supply chain breach. Secrets are toxic data and the model is collapsing. Blog: https://t.co/14eEVdYSTb #cloudsecurity #infosec #NHI #breach

DefaktoSecurity's tweet photo. 🔑 OAuth tokens.
🔑 API keys.
🔑 Snowflake & AWS creds.

All stolen in the latest Salesloft Drift / Salesforce supply chain breach.

Secrets are toxic data and the model is collapsing.

Blog: https://t.co/14eEVdYSTb
#cloudsecurity #infosec #NHI #breach https://t.co/6Y5gJmvv0r

0

0

0

0

175

Defakto @DefaktoSecurity

10 months ago

Scaling AI safely means rethinking identity. Multi-attestation is the foundation. “MFA is for humans. Multi-attestation is for AI.” – Pieter Kasselman 👉 https://t.co/3T6lmDStUd #MultiAttestation #NonHumanIdentity #NHI #AIsecurity #MachineIdentity

0

0

0

0

37

Defakto @DefaktoSecurity

10 months ago

Service accounts don’t get offboarded. They accumulate risk and attackers know it. It’s time to eliminate static identity and go accountless. SPIRLs Pieter Kasselman's explains how in this latest blog: https://t.co/XOQNEpkdKh

0

0

0

0

36

Defakto @DefaktoSecurity

10 months ago

Base44 didn’t need a password. Just a public app_id and no identity checks. Wiz’s latest discovery shows what happens when AI & automation scale without Non-Human Identity 👉 Learn more on what went wrong—and how to fix it https://t.co/4AZrFgsNWH #Wiz #Base44 #vibecoding #AI #NHI

0

0

0

0

56

Defakto @DefaktoSecurity

11 months ago

xAI. Last week McHire. Different leaks, same root cause: exposed API keys. We need to stop relying on secrets and start issuing identity. Here’s how SPIRL eliminates static keys: https://t.co/VtwD7c8m7O

0

0

0

0

50

Defakto @DefaktoSecurity

11 months ago

A default password + an open API = 64M McDonald’s records exposed. No MFA. No identity. No excuse. We broke down what went wrong — and how NHI could’ve prevented it. 👉 https://t.co/SEsk2Ynma7 #McHire #NHI #NonHumanIdentity #APISecurity

DefaktoSecurity's tweet photo. A default password + an open API = 64M McDonald’s records exposed.
No MFA. No identity. No excuse.

We broke down what went wrong — and how NHI could’ve prevented it.
👉 https://t.co/SEsk2Ynma7

#McHire #NHI #NonHumanIdentity #APISecurity https://t.co/8SHjqkCIXZ

0

3

1

0

87

Defakto @DefaktoSecurity

11 months ago

Rotating secrets in CI/CD is great. Not needing them in the first place is even better. Pieter Kasselman gets into what that actually looks like → https://t.co/VDMQbCN7Kh #NHI #nonhumanidentity #machineidentity #CICD

0

0

0

0

44

Defakto @DefaktoSecurity

11 months ago

here’s a troll under your infrastructure. 🧌 Its name is Secret Sprawl — and it’s hungry. Feeding it more secrets won’t stop it. Replacing them with identity will. Read how → https://t.co/UbGj2xlXWT #CloudSecurity #SecretsManagement #MachineIdentity #NHI

DefaktoSecurity's tweet photo. here’s a troll under your infrastructure. 🧌
Its name is Secret Sprawl — and it’s hungry.

Feeding it more secrets won’t stop it.
Replacing them with identity will.

Read how → https://t.co/UbGj2xlXWT
#CloudSecurity #SecretsManagement #MachineIdentity #NHI https://t.co/6lEsHwpsd3

0

0

0

0

73

Defakto @DefaktoSecurity

11 months ago

What happens when AI has access… and no limits? It starts answering questions like: "What's everyone's salary?" Agentic AI needs identity + access controls. 🛡 Read more → https://t.co/W3QURxxzMD #AIsecurity #AgenticAI #DataLeak #CISO #NHI #MachineIdentity

0

2

0

0

87

Last Seen Users on Sotwe

Trends for you

Most Popular Users