SSH Keys Are a Silent Security Risk: The Machine Identity Crisis Explained – WC #1

Full Segment Notes
Key Moments
  • 0:00 - Introduction: The Hidden Risk of SSH Keys
  • 02:00 - What Are Machine Identities?
  • 05:00 - Why Machine Identities Outnumber Humans 100:1
  • 07:30 - SSH Keys: From Convenience to Security Risk
  • 10:00 - Key Sprawl & Lack of Visibility
  • 13:00 - How Attackers Exploit SSH Keys
  • 16:00 - Info Stealers & Lateral Movement
  • 19:00 - Why SSH Keys Bypass Traditional Security
  • 22:00 - The Audit Problem: Failing Without Knowing Why
  • 25:00 - Shadow Access: Keys Outside Identity Systems
  • 28:00 - Why Identity Teams Miss Machine Identities
  • 31:00 - Zero Trust for Machines (Not Just Humans)
  • 34:00 - Certificates vs SSH Keys (Big Shift)
  • 37:00 - Just-in-Time Access Explained
  • 40:00 - Real-World Risk: Outages & Breaches
  • 43:00 - Compliance Pressure (PCI, SOC2, HIPAA)
  • 46:00 - Discovery: Finding Keys Across Your Environment
  • 49:00 - Key Features to Look For in Solutions
  • 52:00 - KPIs: How to Measure Improvement
  • 55:00 - First Steps to Fix the Problem
  • 58:00 - Final Takeaways

Stay in the Know, No Smoke and Mirrors – Join Our Newsletter

You can skip this ad in 5 seconds