BeyondTrust Research Exposes Hidden Privilege Threats: Secrets Are the New Identity Crisis Awaiting Agentic AI
BeyondTrust's latest solution brings secrets into full view, just as Agentic AI spins up at scale
LAS VEGAS, Aug. 04, 2025 (GLOBE NEWSWIRE) -- BeyondTrust, the global leader in identity security protecting Paths to Privilege™, today announced the expansion of its Identity Security Insights™ solution to include Secrets Insights, a new capability designed to illuminate and secure the hidden attack surfaces created by secrets and non-human identities.
As Agentic AI systems begin to autonomously interact with infrastructure, make decisions, and even provision access themselves, the hidden risks posed by unmanaged secrets and non-human identities become exponentially more dangerous.
This launch comes on the completion of the initial class of Identity Security Risk Assessment engagements conducted across a wide range of industries and company sizes. The results are eye-opening:
Dormant service accounts with privilege were found in over 70% of environments
Overly permissive Entra Service Principals create direct pathways to Global Admin privileges, exposing entire Microsoft 365 environments to potential takeover
Credentials reused across multiple service accounts by human admins, enabling a single compromised password to compromise numerous non-human accounts
Low-privileged users can escalate to administrative access across Active Directory, Entra, AWS, Okta, and GitHub through hidden privilege escalation paths built on configuration oversights, federation, synchronization
AD Service accounts bridge on-premises and cloud environments with Active Directory accounts holding privileged Entra roles, creating cross-platform attack vectors
Ineffective GitHub repository access management, leading to uncontrolled secret access and unauthorized access to sensitive code, often accessible through personal Github accounts
'These identity infrastructure issues aren't just misconfigurations, they're invitations,' said Marc Maiffret, CTO at BeyondTrust. 'Our Identity Security Risk Assessment data shows that many organizations lack the complete story when it comes to their identity attack surface. For many, overlooked hygiene issues silently open the door to attackers. And with the rise of Agentic AI, the stakes have never been higher, especially as most organizations lack visibility into how compromised accounts can be leveraged to seize control of application secrets, which often carry elevated privileges.'
The new Secrets Insights capability builds on the success of BeyondTrust's Identity Security Insights platform, which already provides deep visibility into Active Directory, Entra ID, AWS, Azure, Google Cloud Platform, Okta, and Ping Identity, and GitHub. Now, organizations can extend that same level of insight to secrets, such as API keys, service account credentials, tokens, and more, across hybrid and multi-cloud environments and their vaults.
Key Benefits of Secrets Visibility:
Discovery of unmanaged secrets across cloud and on-prem environments
Discovery of users with direct and indirect access to secrets
Risk scoring and prioritization based on exposure and privilege level
Integration with BeyondTrust Password Safe for automated remediation
'As organizations embrace automation and Agentic AI, securing the invisible layers of access - secrets, tokens, and service identities - will define the next frontier of identity security', said Maiffret.
Secrets Insights will be available later this year.
BeyondTrust continues to offer complimentary Identity Security Risk Assessments, often completed in less than 48 hours, to qualified organizations, helping them uncover hidden privilege and secrets risks and chart a path toward Zero Standing Privilege (ZSP) and Just-in-Time (JIT) access.
To learn more or schedule an Identity Security Risk Assessment, visit: https://www.beyondtrust.com/products/identity-security-insights/assessment
About BeyondTrust
BeyondTrust is the global identity security leader protecting Paths to Privilege™. Our identity-centric approach goes beyond securing privileges and access, empowering organizations with the most effective solution to manage the entire identity attack surface and neutralize threats, whether from external attacks or insiders.
BeyondTrust is leading the charge in transforming identity security to prevent breaches and limit the blast radius of attacks, while creating a superior customer experience and operational efficiencies. We are trusted by 20,000 customers, including 75 of the Fortune 100, and our global ecosystem of partners.
Learn more at www.beyondtrust.com.
Follow BeyondTrust:X: https://twitter.com/beyondtrust Blog: https://www.beyondtrust.com/blog LinkedIn: https://www.linkedin.com/company/beyondtrustFacebook: https://www.facebook.com/beyondtrust
For BeyondTrust:
Mike BradshawConnect Marketing for BeyondTrustP: (801) 373-7888E: mikeb@connectmarketing.com
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Business Wire
an hour ago
- Business Wire
Paired Power Secures Patent for PairTree™ Solar-Integrated EV Charger System
CAMPBELL, Calif.--(BUSINESS WIRE)-- Paired Power, a leading manufacturer of solar-powered electric vehicle (EV) charging systems, announced the award of U.S. Patent No. 12,375,024 for its innovative PairTree™ solar canopy solution. The patent, titled 'Solar canopy systems and methods,' formally recognizes Paired Power's proprietary approach to solar canopy installation, significantly expanding the deployment speed and accessibility of electric vehicle charging in situations with limited or no grid power. This marks the company's fourth patent since 2016, reinforcing its position as the innovator in solar powered EV charging. The newly patented technology covers a unique method for raising solar panels above a foundation using an integrated lift mechanism. Unlike conventional canopy installations that require elevated work, scaffolding, or external lifts, the PairTree™ system allows panels to be safely assembled at ground level before being elevated into place. This streamlined approach reduces installation time, labor costs, and safety risks, making deployment of EV charging infrastructure faster with fewer approval bottlenecks in a wider range of environments. "Securing this patent for PairTree is a monumental achievement for Paired Power," said Tom McCalmont, CEO of Paired Power. 'It embodies our commitment to making sustainable energy solutions more accessible, efficient, and deployable for everyone, everywhere. The ability to rapidly install solar canopies with minimal effort will accelerate the adoption of electric vehicles by providing charging options in previously underserved locations." PairTree reduces installation time from weeks to hours, enabling rapid deployment with immediate functionality and minimal site disruptions. Unlike traditional EV chargers that require trenching and major construction, PairTree preserves existing parking spaces and reduces or eliminates reliance on the grid during installation. Paired Power's signature combination of solar power and energy storage allows PairTree to create its own self-powered microgrid, further enhancing the solution's utility for remote, off-grid or utility-constrained locations. By generating and storing its own energy, the system also empowers operators to avoid costly demand charges often levied by utilities during peak energy use. Its modular, flexible design enables fast, cost-effective EV charger deployment where and when it's needed most. To learn more about the PairTree™ system, visit To delve further into the company's full suite of microgrid EV charging solutions, join Paired Power on Thursday, September 18, for a live webinar at 2:00pm EDT/11:00am PDT. About Paired Power: Trusted by cities, governments, and leading corporations, Paired Power manufactures solar-powered microgrid electric vehicle charger facilities (EVCF) that enable rapid deployment of new EV infrastructure without requiring expansions of existing grid capacity. Paired Power's flagship products are PairTree™, a microgrid solar powered EV charger that pairs a 4.6kW solar array with a 42.4 kWh Battery Energy Storage System (BESS) to provide Level 2 EV charging day or night, and PairFleet™, a larger microgrid designed to serve greater numbers of vehicle charging needs and can be customized based on a client's energy requirements. For more information about Paired Power, visit
Business Wire
2 hours ago
- Business Wire
Seek Labs Unveils Investigational, Equipment-Free Molecular Prototype for MTB on Rapid-Deploy SeekIt™ Platform
SALT LAKE CITY--(BUSINESS WIRE)--Seek Labs, a biotech company boldly seeking a healthier world through AI-powered discovery, programmable therapeutics, and point-of-care diagnostics, today announced a significant advancement in the global fight against tuberculosis (TB) with an investigational prototype for Mycobacterium tuberculosis (MTB) detection on its SeekIt™ platform. In internal analytical testing, the MTB SeekIt test delivered accurate results in under 60 minutes. Importantly, this innovation addresses a key limitation that has historically hindered effective TB diagnostics: breaking apart MTB's waxy, lipid-rich cell wall to gain access to detectable genetic material. In internal testing, SeekIt's proprietary chemical lysis step achieved this in just 15 minutes without heat, mechanical disruption, or complex lab tools and skilled operators. Seek Labs achieved a functional investigational prototype in one quarter by leveraging its suite of in-house, pre-validated diagnostic technologies, focusing new innovation efforts on the MTB-specific lysis step. Share Seek Lab's MTB test demonstrates the speed, adaptability, and field-readiness of the modular SeekIt platform. All SeekIt's components—lysis chemistry, extraction, amplification, and detection—are proprietary to Seek Labs, exclusively discovered and developed in-house, and have been internally validated for performance and integration across multiple applications. The Global TB Testing Gap TB kills more than 1.25 million people each year, with nearly one in three cases going undiagnosed. In high-burden, resource-limited settings, centralized molecular tests face major hurdles: Pathogen complexity: MTB's waxy, lipid-rich cell wall has proven intractable to portable lysis methods for decades. Infrastructure dependence: Gold-standard molecular tests require expensive, power-intensive instruments, refrigeration, and highly skilled (or trained) operators. Sample limitations: Sputum collection is challenging for many patients and can deter testing. 'TB diagnostics have long been limited by gaps in both infrastructure and innovation that have often meant severe consequences for patient care and public health,' said Jared Bauer, CEO of Seek Labs. 'Our rapid, point-of-care SeekIt MTB test is designed to enable molecular-level detection in settings where access to equipment and electricity may be limited.' From Sample to Result: A Simplified Workflow At the core of the MTB SeekIt test is a proprietary, single-step chemical lysis buffer, involving a specially-formulated solution that disrupts MTB cells to release their genomic DNA. This breakthrough innovation takes just 15 minutes at room temperature, while competing methods (high-heat incubation or mechanical bead-beating) require longer times plus expensive equipment, specialized technicians, and complex infrastructure. More importantly, the integrated SeekIt test means the lysate itself flows seamlessly into SeekIt's downstream test components: Seek Extraction™ — A proprietary membrane-based binding system, developed and validated by Seek Labs, that rapidly captures MTB DNA without lab instruments. In validation testing, the MTB DNA yield for Seek Extraction was consistently more than 70% when compared to leading spin-column kits. Seek Amplification™ — A proprietary process that exponentially copies DNA at a constant temperature, detecting as few as 10 MTB genomic copies in 30 minutes without thermal cycling (internally validated), the conventional lab-based method. Molecular Lateral Flow Assay (mLFA) — A test strip that delivers clear, visual results in minutes indicating the presence of amplified DNA in a manner that can be optionally paired with the SeekIt mobile app for digital analysis and connectivity. Speed as a Strategy Conventional development of a molecular test for MTB can take a year or more. Seek Labs achieved a functional investigational prototype in one quarter by leveraging its suite of in-house, pre-validated diagnostic technologies, focusing new innovation efforts on the MTB-specific lysis step. This rapid-deployment approach illustrates how SeekIt can be rapidly developed for numerous high-priority diseases in record time. 'This was more than a fast project; it's proof of our platform's flexibility,' said Kim Wirthlin, Chief Strategy Officer. 'By focusing our innovation on the MTB-specific lysis step for compatibility with our downstream isothermal amplification, we solved one of TB diagnostics' toughest technical challenges and produced a functional investigational prototype in a single quarter.' From Conference to Collaboration Seek Labs will debut the MTB SeekIt prototype at the 2025 Next Generation Dx Conference (August 18–20, 2025, Washington, D.C.), including: Podium Presentation — Enabling Point of Care Diagnostics Track, Tuesday, August 19 at 10:00 AM ET. Scientific Poster — Detailing the proprietary lysis chemistry, rapid development process, and validation data. Seek Labs is actively seeking partners across global health (ministries of health, TB-focused NGOs, and diagnostics distributors in high-burden regions such as sub-Saharan Africa and Southeast Asia) to advance the MTB SeekIt test through clinical validation, regulatory approval, and deployment. 'Innovation means nothing if it doesn't reach people,' said Bauer. 'We want to work with those who share our vision to advance development of accurate, accessible TB testing solutions wherever they're needed most.' About Seek Labs At Seek Labs, we don't wait for change—we build it. We're pursuing the breakthroughs the world can't wait for by developing programmable 'seek-and-destroy' therapeutics and point-of-care molecular diagnostics that close the gap between outbreak and intervention. At the core of this mission is a layered architecture: BioSeeker™ serves as the Intelligence Layer, continuously mapping conserved viral vulnerabilities in real time; these insights activate our Deployment Layers (PTAP™ for programmable therapeutics and SeekIt™ for molecular diagnostics), forming a full-stack development engine designed to accelerate response, innovation, and impact across global health. Headquartered in Salt Lake City, Seek Labs is a proud member of BioHive, Utah's collaborative life sciences ecosystem. Together with our partners, we're building faster, smarter solutions for the world's most urgent health challenges. Forward-Looking Statements and Regulatory Disclaimer This press release contains forward-looking statements, including statements regarding development timelines, clinical validation, regulatory pathways, and potential collaborations. Forward-looking statements are based on current expectations and assumptions and are subject to risks and uncertainties—including scientific, regulatory, manufacturing, clinical, and commercial risks—that could cause actual results to differ materially. The MTB SeekIt assay is an investigational device. Limited by Federal law to investigational use.
Business Wire
3 hours ago
- Business Wire
SugarCRM Named to Constellation ShortList for Top Midmarket CRM Suites
DENVER--(BUSINESS WIRE)-- SugarCRM, provider of the award-winning intelligence-driven sales automation platform, today announced it has been named to the Constellation ShortList™ for Midmarket CRM Suites in Q3 2025. The Constellation ShortList™ portfolio highlights the key players when considering technology investments in key areas and is designed to provide guidance on rapidly changing requirements and customer needs and demands. The Midmarket CRM Suites ShortList was compiled based on Constellation client inquiries, partner conversations, customer references, vendor selection projects, market share and internal research. Constellation defines midmarket organizations as those that typically have from 250 to 1,000 employees and generate between $250 million and $1 billion in annual revenues. According to the research, in the midmarket CRM space, buyers typically seek one or more products in a suite to support sales force automation, service and support, marketing solutions, and commerce capabilities. Buyers expect analytics to be pervasive, integrated, and easy to use. Sugar Sell, sales-i, Market, and Serve are all part of SugarCRM's platform designed to unify sales, marketing and service through intuitive AI-powered capabilities. Together, these solutions break down the silos that often exist within a business, ensuring a cohesive and efficient approach to customer relationship management and customer success. 'This Constellation ShortList recognizes the strengths of our AI-powered CRM platform,' said David Roberts, SugarCRM Chief Executive Officer. 'Today's organizations demand more than data and insights; they want CRM solutions to direct sellers and customer-facing teams to the right next steps. Sugar delivers AI-powered sales technology that simplifies the complexity that comes from hundreds of customers and thousands of products, improving the productivity and effectiveness of a typical seller.' 'As AI reshapes the business landscape, organizations are under increasing pressure to realize meaningful transformation,' said R 'Ray' Wang, CEO and Founder at Constellation Research. 'In this era of accelerated change, Constellation's ShortList is designed to help companies identify top-performing solutions that drive efficiency and innovation.' Click here to learn more about Sugar's AI-driven solutions for CRM. About the Constellation ShortList Constellation Research advises leaders on leveraging disruptive technologies to achieve business model transformation and streamline business processes. Products and services named to the Constellation ShortList meet the threshold criteria for this category as determined through client inquiries, partner conversations, customer references, vendor selection projects, market share, and internal research. The portfolio is updated at least once per year as the analyst team deems necessary based on market conditions. Disclaimer: Constellation Research does not endorse any solution or service named in its research. About SugarCRM SugarCRM offers software solutions that help marketing, sales, and service teams reach peak efficiency through better automation, data, and intelligence so they can achieve a real-time, reliable view of each customer. Sugar's platform provides leading technology in the sales automation, marketing automation, and customer service fields with one goal in mind: to make the hard things easier. Thousands of companies in over 120 countries rely on Sugar by letting the platform do the work. Headquartered in the San Francisco Bay Area, Sugar is backed by Accel-KKR. For more information about SugarCRM, visit:
