面向智能体的零信任：大规模管理非人类身份（由 HashiCorp 赞助）.pdf

《面向智能体的零信任：大规模管理非人类身份（由 HashiCorp 赞助）.pdf》由会员分享，可在线阅读，更多相关《面向智能体的零信任：大规模管理非人类身份（由 HashiCorp 赞助）.pdf（82页珍藏版）》请在三个皮匠报告上搜索。

1、 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.S E C 2 1 1-SZero Trust for Agentic Systems:Managing Non-Human Identities at ScaleNicholas JacksonDavid Mills 2025,Amazon Web Services,Inc.or its affiliates.All righ

2、ts reserved.Risks and threats with agentic systemsAgent development lifecycleProtect against leaked secrets Agentic AI a cautionary tale!Vault for addressing agentic threatsManaging agentic identity 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.4AI driven breaches are already ha

3、ppening64 million job applications exposed 1Root cause:AI agent with password 123456Business impact:Class action lawsuit,regulatory investigationWhat auditors found:No user attribution for agent actionsConfidential intellectual property stolen 2Root cause:No controls on AI agent data accessBusiness

4、impact:Company-wide AI ban,innovation freezeWhat auditors found:6-month delay in product launches483,000 patient records leaked 3Root cause:Agent with overly permissive database accessBusiness impact:$2.3m HIPAA fines plus ongoing monitoringWhat auditors found:Cant determine which staff authorized a

5、ccess1.Mcdonalds AI hiring,csonline,July 20252.Samsung bans chagpt,Bloomberg,May 20233.Serviceaide incident,B,May 2025 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Risks and Threats with Agentic Systems 2025,Ama

6、zon Web Services,Inc.or its affiliates.All rights reserved.Our SystemArchitecture 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Risks and ThreatsIdentity and Access Control 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Risks and ThreatsIdentity and Access Co