Introducing Oasis: the Non-Human Identity Management Platform

Amit Zimerman

Co-founder & CPO

Published on January 23, 2024

Today, we are excited to announce the general availability of Oasis, the first enterprise platform built for managing and securing the lifecycle of Non-Human Identities! In this blog post, we’ll delve into it and share more details about its transformative capabilities. 

Why is a Non-Human Identity Management Platform now necessary?

To put it in simple terms: identity is the new perimeter and Non-Human Identities (NHIs) are the gaping hole in that perimeter. 

NHIs (Service Accounts, Service Principals, IAM Roles, Secrets, Tokens, Keys, etc.) now outnumber humans by a factor of 10-50x and constitute a massive attack surface that needs to be secured. The security risks are further compounded as, on average, there are 5 times more non-human identities with broader access privileges to sensitive data than there are humans. Despite the risks, NHIs are a blind spot for most enterprises because they lack the right tool to manage them through their lifecycle.

Non-Human Identities are very different from human identities. NHIs have a more dynamic lifecycle, one that typically extends beyond security teams and directly involves developers, and they are mission critical for business continuity. The scale, speed, diversity and distributed nature of NHIs bring a whole new set of management requirements that existing security tools, like CSPMs, PAMs, IAMs, and Secret Managers, were simply not designed to address.

This leads to several critical issues that we hear about all the time in our customer engagements:

Lack of visibility

  • “I don't know if all NHIs have been on-boarded in my vault”
  • “I don’t know who is using this NHI and how easy it is to steal it”
  • “I don’t know which permissions have been given to each identity”

Inability to detect and assess vulnerabilities

  • “I don’t know if we have long-lived secrets”
  • “I don’t know if secrets given to 3rd parties are in use and have the right permissions”
  • “I don't know if we are using NHIs that were owned by off-boarded employees”

Guesswork and uncertainty 

  • “I'm not sure if these identities require these permissions”
  • “I'm not sure if I can rotate this secret without causing outage”

Inability to efficiently operationalize security 

  • “I don't have a way to enforce best practices”
  • “Operations to execute rotation, right sizing permissions and removing stale NHIs are too complex and time consuming”
  • “I can't convince R&D and Ops to adopt our security policy because they generate too much overhead”

Enter Oasis Non-Human Identity Management Platform

Oasis is the first enterprise platform purpose-built for Non-Human Identity Management. Our goal with Oasis is to empower organizations to secure NHIs throughout their lifecycle, removing the operational barriers that have so far prevented security and engineering teams from addressing this critical domain.

We built Oasis with an “identity-first” approach that starts from your cloud infrastructure and extends to SaaS and on-premise systems. With operational complexity being a critical pain point that enterprises are facing, we have placed a ton of emphasis on making the product extremely easy to use, super-smart and automation-rich out of the box. As developers are core stakeholders of the NHI lifecycle, we strove to create a solution that is developer-ready and programmable by default.

Plugging Oasis into your environment is super simple and can be done in minutes. The platform agentlessly connects with all major public clouds (AWS, Azure, GCP) and can be further integrated with leading identity management systems, secret management solutions, ITSM systems, and developer platforms.

Once connected, most of your work is done! Oasis’s built-in Posture & Remediation Intelligence (PRI) engine begins to continuously analyze your environment to: 

  • discover all NHIs (new and legacy)
  • create a comprehensive inventory of all NHIs, providing rich contextual information on who owns each one, who consumes it, what resources it grants access to and how privileged it is
  • identify any security posture vulnerabilities, classifying them by severity
  • generate tailored remediation plans that can be executed in manual, semi-automated and fully automated mode

Thanks to these capabilities, Oasis customers have been able to quickly “clean up the mess” in their environments, gaining unprecedented visibility and rapidly eliminating the risk exposure from NHI related vulnerabilities.

Fixing what’s broken is just the first step, though. The second is to “stop the bleeding”: in other words, to manage NHIs securely from the start, taking control of and automating the full lifecycle of NHIs. This is why another critical focus area for R&D is lifecycle management automation to streamline operations and provide holistic governance from provisioning to rotation to decommissioning.

Oasis delivers unmatched value. Don’t just take our word for it!

We pride ourselves on being a customer-centric organization. Since the early days, we’ve been working in close collaboration with many CISOs, CIOs, identity and security teams to build the best-in-class solution for NHI management. While still in the early days, we are excited to witness the amazing results that our customers were able to achieve.

"Oasis has revolutionized our approach to non-human identity management, effectively addressing security challenges that remained unsolved by conventional methods. Their solution has significantly enhanced our security and governance framework, providing us with holistic visibility and lifecycle automation. This represents a new paradigm in non-human identity management, far surpassing the capabilities of traditional legacy systems."

Chris Mosteller, Head of Identity Security, JLL

Give us a call to schedule a free assessment of your environment and start your journey with Oasis.
