SSH keys and machine identities are everywhere, and almost completely unmanaged. Learn how attackers exploit key sprawl, why visibility is broken, and how to move toward zero trust with ephemeral access.
Thank you to our sponsor for this webcast, SSH Communication Security!
If you can’t see your machine identities, attackers can. Learn how to fix it at https://scworld.com/webcasts
- 0:00 - Introduction: The Hidden Risk of SSH Keys
- 02:00 - What Are Machine Identities?
- 05:00 - Why Machine Identities Outnumber Humans 100:1
- 07:30 - SSH Keys: From Convenience to Security Risk
- 10:00 - Key Sprawl & Lack of Visibility
- 13:00 - How Attackers Exploit SSH Keys
- 16:00 - Info Stealers & Lateral Movement
- 19:00 - Why SSH Keys Bypass Traditional Security
- 22:00 - The Audit Problem: Failing Without Knowing Why
- 25:00 - Shadow Access: Keys Outside Identity Systems
- 28:00 - Why Identity Teams Miss Machine Identities
- 31:00 - Zero Trust for Machines (Not Just Humans)
- 34:00 - Certificates vs SSH Keys (Big Shift)
- 37:00 - Just-in-Time Access Explained
- 40:00 - Real-World Risk: Outages & Breaches
- 43:00 - Compliance Pressure (PCI, SOC2, HIPAA)
- 46:00 - Discovery: Finding Keys Across Your Environment
- 49:00 - Key Features to Look For in Solutions
- 52:00 - KPIs: How to Measure Improvement
- 55:00 - First Steps to Fix the Problem
- 58:00 - Final Takeaways






