Chain Reaction: How One Stolen Token Tore Through Five Ecosystems

Why Your Static Credentials Are a Ticking Time Bomb The TeamPCP campaign, one of the largest credential theft campaigns of 2026, began with a compromise in Trivy. A security tool trusted to scan for vulnerabilities and leaked secrets was weaponized against the very environments it was meant to protect. Instead of catching exposed credentials, it …

January 16, 2025

Secret Sprawl

Non-Human Identity Misconceptions: Secrets are not Identities

November 22, 2024

Identity

KubeCon 2024 highlights demand for workload identity solutions

October 30, 2024

Standards

Workload Identity: A Problem Made for Standards!

September 13, 2024

Uncategorized

Shift from Certificate Management to Credential Management

June 17, 2024

Uncategorized

Join us at Cloud Native Security Con 2024

June 4, 2024

Uncategorized

Why Multi-Factor Authentication for Workloads is a Critical Security Control

January 3, 2024

Uncategorized

How to construct SPIFFE IDs

November 7, 2023

Uncategorized

Non-Human IAM Platform

Chain Reaction: How One Stolen Token Tore Through Five Ecosystems

Non-Human Identity Misconceptions: Secrets are not Identities

KubeCon 2024 highlights demand for workload identity solutions

Workload Identity: A Problem Made for Standards!

Shift from Certificate Management to Credential Management

Join us at Cloud Native Security Con 2024

Why Multi-Factor Authentication for Workloads is a Critical Security Control

How to construct SPIFFE IDs

Simplifying SPIFFE: Accessible Workload Identity with Defakto