Silverfort Extends Identity Security to Cloud-Based Non-Human Identities, Closing Critical Gaps Across Hybrid Environments

At RSA Conference 2025, identity security heavyweight Silverfort unveiled a major expansion of its platform, offering full-scale protection for non-human identities (NHIs) across cloud and on-premises environments. The move positions Silverfort as the first provider to offer unified, cross-environment coverage for both human and machine-based identities at a time when securing automated processes has become a frontline cybersecurity challenge.

The upgrade integrates technology from Silverfort’s acquisition of Rezonate in late 2024, and it arrives as businesses struggle to tame the sprawling ecosystems of service accounts, tokens, certificates, and API keys that now vastly outnumber human users. According to Silverfort, NHIs already outpace human identities by 50-to-1 — a gap expected to grow sharply with the rise of generative AI and autonomous agents.

“Emerging NHI-focused vendors attempt to address the problem with bespoke, point solutions that tackle a small fraction of the issue,” said Roy Akerman, VP of Identity Security Strategy at Silverfort. “But attackers don’t think in fragments. They exploit the entire attack surface, searching for any weakness that grants them access."

The New Identity Frontier

Non-human identities form the operational backbone of modern organizations, enabling critical interactions between applications, databases, and services. Yet despite their importance, they have traditionally been managed as an afterthought, scattered across platforms with inconsistent oversight. The result: a swelling attack surface riddled with stale credentials, excessive privileges, and unmanaged accounts.

Silverfort’s new capabilities aim to correct that fragmentation. Its expanded platform now provides full discovery, ownership mapping, privilege analysis, and behavioral monitoring for NHIs not only in legacy Active Directory environments but also across cloud providers like AWS, Azure, and SaaS ecosystems like GitHub and Snowflake.

Crucially, the platform uses behavioral baselining to detect anomalies in real time. Any deviation from expected patterns triggers automated enforcement, preventing lateral movement — a hallmark tactic in many modern breaches. Ownership of each NHI is also automatically established, streamlining remediation and accountability processes that have historically bogged down security teams.

“To effectively manage NHIs, organizations need cross-platform, hybrid support, and a platform that can do more than secure NHIs," Akerman said. "That’s why at Silverfort, we’ve integrated our NHI security offering into our broader platform, giving our customers visibility into and control over the entire attack surface—not just the NHI components.”

Identity Security at Runtime

Silverfort’s innovation rests on its patented Runtime Access Protection (RAP) technology, which extends identity security to what were previously considered "unprotectable" assets — including service accounts, legacy command-line tools, and even operational technology infrastructure.

With the addition of non-human identity protection for cloud assets, Silverfort’s platform now maps effective privileges and usage patterns across both human and machine identities. Its "virtual fencing" technique for Active Directory service accounts blocks usage outside of designated patterns, preventing exploitation without disrupting legitimate operations — a crucial balance for large enterprises.

Silverfort's identity-first strategy has resonated with the market. Trusted by more than 1,000 enterprises including UPS, Airbus, and Kayak, the company analyzes more than 10 billion authentication events daily and claims deployment speeds 17 times faster than traditional solutions. Its momentum was further boosted by a $116 million Series D round in 2024 and recent recognition as one of Fast Company’s Most Innovative Companies in cybersecurity.

The Broader Implications

Silverfort’s move underscores a growing shift in the cybersecurity industry: identity security is no longer just about authenticating people — it’s about managing every entity that can access digital resources, human or otherwise. As generative AI and automation continue to drive operational complexity, the ability to secure NHIs at scale could become a defining capability for security teams.

By consolidating protection for both human and non-human identities into a single platform, Silverfort is betting that enterprises want — and increasingly need — a comprehensive view of their identity landscape without piecemeal integrations or coverage gaps.

Silverfort is showcasing its expanded platform this week at RSA Conference 2025 (booth #3404).