Silverfort, First to Deliver Automated Identity Protection of Thousands of Service Accounts With a Single Click—Securing Machine-to-Machine Communications

Customers can now discover, monitor, and protect their service accounts with fully automated visibility, risk analysis, and adaptive access policies to bolster the protection of an entire class of identities that previously went unprotected.

Tel Aviv & Boston – Dec 18, 2023 — Silverfort, the Unified Identity Protection leader, announced today the first and only solution that provides customers with real-time protection and visibility of service accounts in a single click. Silverfort’s expanded Service Account Protection capabilities automate and scale the protection of thousands of service accounts with ease, removing burdensome roll-out processes to save time and cost. This solves a major blind spot in enterprise security that was, until now, extremely difficult to address, enabling organizations to mature their overall security program.

Service accounts are used for machine-to-machine communication to perform automatic, repetitive, and scheduled actions in the background, usually without administrator supervision or intervention. Because there is no human attached to a service account, they cannot be protected with standard identity security controls such as Multi-Factor Authentication (MFA). Compounding the risk, service accounts are typically highly privileged accounts, giving access to highly critical systems. Based on a recent report by Osterman research, only 4% of organizations claim to have full visibility into their service accounts. As we rely more and more on automated machine-to-machine communication and process automation, the number of unprotected service accounts continues to climb, giving attackers a bigger attack surface to target.  According to Silverfort’s analytics, we’ve found that more than 60% of attacks leverage service accounts for lateral movement.

Silverfort’s Service Account Protection fully automates discovery and activity mapping, with newly detected service accounts protected within 30 minutes. Today, the company is adding the ability to dramatically scale protection with a single click and add immediate protection to new service accounts upon creation. Each service account’s activity is mapped, including the sources and destinations where it’s being used, establishing a baseline of normal behavior and to identify the service account’s operational dependencies. Policies are auto-created to block access or alert on unauthorized activity.  For those needing proof of service account protection for cyber insurance requirements, Silverfort provides detailed reports to help reduce insurance premiums.

“Service accounts are a security nightmare because you can’t put MFA on them, so you need to have other means of protection. Silverfort enabled us to put real-time protection on our service accounts by enforcing policies that block any access that deviated from normal behavior,” said Tom Parker, VP of IT and CISO of Kayak. “Because of this, even if attackers were able to compromise the credentials of service accounts, they wouldn’t be able to use them for malicious access. Silverfort was able to protect what no one else could. Of the security tools we use, Silverfort has a very high return on investment.”

Silverfort’s Service Account Protection:

• Discovers and maps service accounts for complete visibility. Silverfort’s platform data shows that most companies have 30-40% more service accounts than previously thought. Unlike any other identity security solution on the market, Silverfort maps every service account, including ones that the organization didn’t know about, giving teams insight into the risk of every service account’s authentication and access activity.

• Delivers instant protection. Silverfort auto-generates tailored policies for every service account that triggers a protective action when the service account is being used outside of its intended purpose. Users can choose between blocking access and alerting or activating the policy. New service accounts added will be detected and protected within 30 minutes.

• Automates and scales service account protection. Customers can create global policies covering thousands of service accounts with a single click, including gMSA accounts.

• Requires NO agent or proxies.  Silverfort simplifies the security of service accounts without the need to change applications, implement software agents, proxies, or any password changes.

“Identity is the most exposed, vulnerable and targeted attack surface. Organizations rely on point solutions to secure identities, and still, many identities are left unprotected—this typically includes services accounts,” said Hed Kovetz, CEO and Co-Founder of Silverfort. “Silverfort prides itself on the ability to protect the unprotected, including service accounts in a non-intrusive way. Silverfort is able to close this gap by automatically discovering, analyzing and protecting all service accounts without having to modify them, solving massive challenges for organizations when it comes to securing their identity attack surface.”

Silverfort is dedicated to protecting all identities—across the entire identity infrastructure—in a single solution, eliminating the need for point identity security solutions.  90% of businesses are hybrid environments, having on-prem and cloud-based infrastructure, and require a cross-platform solution that can provide visibility and protection of their entire hybrid environments.  By being vendor agnostic, agentless, and combining visibility and protection into a single product, Silverfort is the only identity security platform that can protect all identities from a single, unified platform.

Learn more about Silverfort’s Service Account Protection here.

About Silverfort

Silverfort is the only Unified Identity Protection Platform that extends identity protection to any sensitive resource, including ones that couldn’t be protected before, without having to modify them. That includes legacy systems, command-line interfaces, IT/OT infrastructure, service accounts (non-human identities) and many more. Silverfort delivers secure authentication and access policies across the entire hybrid identity infrastructure – both legacy and modern – from a single unified platform, and stops identity-based threats everywhere. Silverfort is headquartered in Tel Aviv, Israel, and was founded in 2016.