Find your HYDDEN Non-Human Identities (NHIs)

At KeyVault Solutions, we’ve recently partnered with HYDDEN, a company purpose-built to address your organization’s Non-Human Identities (NHIs). Multiple industry reports indicate that there are anywhere from over 50 to 100 NHIs for every person in a company. Those are pretty insane numbers to think about. The ratio will continue to grow quickly as AI agents are integrated into companies throughout the world, with AI being the new gold rush of this era. This is exactly why we wanted to partner with HYDDEN: to assist our clients in finding NHIs, assigning owners, assigning risk ratings, and even onboarding them into your CyberArk Vault.

In this blog we’ll give a short overview of the HYDDEN platform and how it can strengthen your company’s IT security posture.

What are Non-Human Identities (NHIs)?

First, we need to cover what NHIs are. Non-Human Identities (NHIs) are digital entities used to identify, authenticate, and authorize machines, devices, and IT infrastructure, as well as the applications, cloud workloads, and automated processes within that infrastructure. NHIs represent a broad category that includes any digital identity not associated with or operated by a human. They can be automatically created and terminated on demand to dynamically scale to meet the needs of the business. As I noted before, agentic AI will further explode the ratio of NHIs to people.

Your Identity Posture within HYDDEN

After discovering various accounts, you’ll have a front-row seat to which NHIs exist within your organization. You’ll be able to prioritize Critical accounts for remediation based on configurable risk ratings, and you’ll be able to map owners to the discovered accounts based on configurable mapping rules. There are a number of out-of-the-box integrations to discover NHIs from, such as Active Directory, Azure, AWS, GitHub, SailPoint, Okta, ServiceNow, LDAP, SQL Server, etc. Custom integrations are also possible. For example, if you need to include additional metadata from your extended Active Directory schema, that is configurable.


HYDDEN Identity Posture Dashboard

Discover & Auto-onboard Accounts into your Vault

After your various service accounts are found, you’ll realize that a large number of them were never onboarded into your organization’s secure vaulting solution. HYDDEN currently supports automatically onboarding accounts into CyberArk and BeyondTrust vaults. You’ll be able to configure rules to auto-onboard accounts into your vault, within the right safe for your account owner.


Active Directory Discovered Accounts — Before Vault Onboarding

Your “Oh Sh*t!” moments

I recently integrated my Azure tenant within HYDDEN in ~10–15 minutes. After the scans completed I realized I still had an Azure lab service account I created forever ago. It was still enabled but not used, the password hadn’t been changed since creation in 2023, and I have no idea what the password is. Sound familiar? 

Throughout your NHI discovery process you’ll find more critical accounts like that. That’s when you’ll have one or more “moments”. 


Azure discovered account — yikes

Need help discovering and reducing large risks to your organization? 

KeyVault Solutions can be your guide in finding your NHIs. We’ll work closely with you and our partner, HYDDEN, to ensure you find and remediate blind spots in your organization.

Contact Us —  https://www.keyvaultsolutions.com/pages/contact-us
Consultation Request — https://www.keyvaultsolutions.com/pages/consultation
