> 🎙️ This post was auto-generated from the [Tech Updates podcast](https://rss.com/podcasts/tech-updates-by-andres-sarmiento/2758452) episode.

## Show Notes

45 to 1. In the average enterprise, for every human user there are 45 machine identities. Every API key. Every service account. Every agent token. Every secret in every config file. Your IAM platform probably tracks about 2% of them. That’s where the breaches are coming from now — Snowflake, GitHub PATs, Azure IMDS. This episode unpacks the NHI crisis, the vendor landscape, and the three control patterns that actually work this quarter.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

📚 WHAT YOU’LL LEARN

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

✅ What counts as a non-human identity (it’s more than service accounts)

✅ The 45:1 ratio — and why it’s 200:1 in agentic shops

✅ Why “service account” is doing too much work (meet Dave)

✅ How Snowflake, GitHub PAT theft, and Azure IMDS all trace to NHIs

✅ Why your PAM solution doesn’t cover any of this

✅ The NHI vendor landscape — Astrix, Oasis, Clutch, Teleport, Natoma

✅ The 3 control patterns that work (inventory, rotate, scope down)

✅ Why agents make this 10× worse by 2027

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

⏱ CHAPTERS

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

0:00 Intro — the 45:1 ratio

0:49 What is an NHI? (it’s not just service accounts)

2:05 Dave is your problem

2:48 The breach file — Snowflake, GitHub PAT, Azure IMDS

4:20 Why PAM doesn’t cover this

5:24 The NHI vendor landscape (still a 2-year-old category)

6:30 The 3 control patterns that work

7:46 Agents are NHIs — the 500:1 future

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

🎯 THE MEMORABLE LINES

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

• “A service account was created by Dave in 2017, has god-mode permissions, no rotation policy, is used by 42 systems nobody audited, and Dave left in 2020.”

• “Snowflake did what Snowflake was told to do. The instructions were ‘trust this credential.’ Guess what didn’t have MFA.”

• “We are about to go from 45-to-1 to 500-to-1.”

• “Stop hardcoding secrets in your Git repos. Every scanner finds them in the first five minutes.”

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

🛠 THE 3 FREE CONTROL PATTERNS

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

• Inventory — you can’t secure what you can’t see

• Rotate — replace long-lived creds with short-lived alternatives

• Scope down — every NHI has more perms than it needs

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

📡 TECH UPDATES · THE PODCAST

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

🔗 techupdates.it-learn.io

Previous → EP20 · Typhoon Season, One Year Later

End of the EP17–21 arc. Thanks for listening.


---

🎧 Listen to the full episode on [Tech Updates](https://techupdates.it-learn.io) or wherever you get your podcasts.