Security: 40.000 times more machine identities

19 April 2025
| No comments
Security: 40.000 times more machine identities Image: Bing - AI
Advertising

Share post

A report shows that with 40.000 times more machine identities than human ones, this poses a challenge for corporate security. At the same time, organizations are increasingly gaining more insight into their cloud landscape – 92 percent of companies already operate without risky human users.

The new “2025 Cloud-Native Security and Usage Report” provides in-depth insights into current trends in cloud security and usage, highlighting both significant progress and urgent areas for action for companies.

Advertising
Perfect SME cybersecurity
How small and medium-sized enterprises defend against AI-led attacks with tailored security

According to the report, organizations of all sizes and industries in North America, EMEA, and APJ are making measurable progress in identity and vulnerability management, AI security, and threat detection and response. At the same time, the increasing use of AI and the growth of cloud infrastructure are creating new challenges, including the increasing complexity of machine identities, overloaded container images, and automated attacks.

Advances in cloud security

AI usage grows – security remains a priority: The use of AI and machine learning workloads increased by 500 percent last year. At the same time, the share of generative AI packages more than doubled. Despite this rapid growth, the public attack surface decreased by 38 percent, indicating increased security for AI applications.

Advertising

Subscribe to our newsletter now

Read the best news from B2B CYBER SECURITY once a month



By clicking on "Register" I agree to the processing and use of my data in accordance with the declaration of consent (please open for details). I can find more information in our Privacy Policy. After registering, you will first receive a confirmation email so that no other person can order something you don't want.
Expand for details on your consent
It goes without saying that we handle your personal data responsibly. If we collect personal data from you, we process it in compliance with the applicable data protection regulations. Detailed information can be found in our Privacy Policy. You can unsubscribe from the newsletter at any time. You will find a corresponding link in the newsletter. After you have unsubscribed, your data will be deleted as soon as possible. Recovery is not possible. If you would like to receive the newsletter again, simply order it again. Do the same if you want to use a different email address for your newsletter. If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only collected on a voluntary basis. We use newsletter service providers, which are described below, to process the newsletter.

CleverReach

This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (hereinafter “CleverReach”). CleverReach is a service that can be used to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter (e.g. email address) will be stored on the CleverReach servers in Germany or Ireland. Our newsletters sent with CleverReach enable us to analyze the behavior of the newsletter recipients. This can include It is analyzed how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a previously defined action (e.g. purchase of a product on this website) took place after clicking on the link in the newsletter. Further information on data analysis by CleverReach newsletter is available at: https://www.cleverreach.com/de/funktionen/reporting-und-tracking/. The data processing takes place on the basis of your consent (Art. 6 Para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation. If you do not want an analysis by CleverReach, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you have canceled the newsletter. Data stored by us for other purposes remain unaffected. After you have been removed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You may object to the storage if your interests outweigh our legitimate interest. For more information, see the privacy policy of CleverReach at: https://www.cleverreach.com/de/datenschutz/.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

Faster threat detection and response: Experienced security teams now detect threats in less than five seconds and initiate countermeasures within an average of 3,5 minutes – faster than the historical ten-minute window that previously gave attackers an advantage.555 Cloud Detection and Response Benchmark“ is not only possible, but essential.
Vulnerability management is becoming more targeted: The proportion of actively exploited vulnerabilities has fallen to below 6 percent—a 64 percent decrease over the past two years. Companies are increasingly focusing on closing exploitable vulnerabilities in production environments and optimizing their security strategy.

Open source security is becoming the standard: Companies around the world are increasingly relying on open source security tools such as Kubernetes, Prometheus, and Falco. More than 60 percent of Fortune 500 companies use Falco to secure their cloud infrastructures, underscoring the growing trust in open source security standards.

Challenges for the coming year

Machine identities are a growing vulnerability: With 40.000 times more machine identities than human identities, the attack surface expands significantly. Furthermore, machine identities are 7,5 times more vulnerable – an alarming development, since almost 40 percent of all security breaches begin with compromised credentials.

Container lifecycles are shortening, but attackers are still fast enough: For the first time, 60 percent of all containers have a lifetime of less than 60 seconds. While these short-lived workloads increase agility, attackers are using automated reconnaissance techniques to exploit vulnerabilities in real time. Instant threat detection is therefore more important than ever.

Overloaded container images increase the risk: The average size of container images has increased fivefold, creating unnecessary security risks and inefficient operational processes. Larger images expand the attack surface and increase operational costs, highlighting the need for leaner, more efficient container solutions.

Attackers also rely on open source: While open source security tools have become essential for businesses, cybercriminals continue to leverage open source malware and target open source software as an attack vector – a trend already observed in Sysdig's 2024 Global Threat Year-in-Review.

"Cybersecurity has always been an arms race between attackers and defenders—but the battlefield is changing," explains Crystal Morin, Cybersecurity Strategist at Sysdig. "Organizations have made tremendous progress, particularly in reducing response times to threats. But with the growing number of machine identities and the dynamically evolving cloud environment, automation and rapid response are more important than ever. However, the data in this report makes me optimistic about the future of cyber defense."

Go directly to the PDF report at Sysdig.com

 

About Sysdig

In the cloud, every second counts. Attacks occur within minutes – security teams must protect companies without compromising their agility. Sysdig, recognized as a Customers' Choice in Gartner's "Voice of the Customer" report for Cloud-Native Application Protection Platforms (CNAPPs), stops cloud attacks in seconds and detects risks in real time with open security solutions like Falco. Sysdig Sage™, the industry's first AI-powered cloud security analyst, improves responsiveness and enables faster collaboration between security, developers, and DevOps.

 

Matching articles on the topic

DDoS attacks: the most important means of cyber warfare

In the second half of 2024, there were at least 8.911.312 DDoS attacks worldwide, according to the results of a recent DDoS Threat Intelligence Report. ➡ Read more

Maximum IT security for OT systems

OT systems are rarely attacked directly. However, gaps and vulnerabilities in traditional IT make OT systems more vulnerable to attacks. ➡ Read more

IT resilience: cybersecurity at the storage level

More data security features for greater IT resilience at the storage level: Cyber ​​security managers can pursue a proactive data security approach at the storage level with highly secure NetApp storage and thus ➡ Read more

Algorithms for post-quantum cryptography

A provider of IT security solutions introduces Quantum Protect, a post-quantum cryptography application suite for its u.trust General Purpose Hardware Security Modules (HSMs) ➡ Read more

Power grid threat: security gaps in solar systems

A cybersecurity solutions provider published its research report “SUN:DOWN – Destabilizing the Grid via Orchestrated Exploitation of Solar Power Systems”, which ➡ Read more

Cloud and SaaS security is inadequate

A recent study shows that companies' security strategies are failing to keep pace with the rapid adoption of cloud-native technologies. 28 ➡ Read more

OT environments: Detect and assess threats

Enterprises with limited resources can identify, assess, and make informed decisions about threats in OT environments with a comprehensive endpoint protection solution. ➡ Read more

Cybersecurity: Automatically check connected devices

Suppliers and users can now easily manage the cybersecurity and compliance of the software in their networked devices, machines and systems. ➡ Read more

PR News
, , , , ,