Friday, February 6, 2026

New tool uncovers ‘identity dark matter’ in the enterprise

Modern enterprises operate hundreds or even thousands of applications, each with its own authentication and authorization logic. While IAM platforms govern some of this environment, a growing share of identity activity remains embedded directly in application code, infrastructure, and service-to-service interactions, outside centralized visibility and governance.

Orchid Security calls this ‘identity dark matter’ and is launching a new Identity Audit tool to provide a unified view of identity behavior and business context across the entire application estate, including gaps where centralized identity controls stop.

“This ‘identity dark matter’ represents the critical disparity between an organization’s intended security policy and the actual effective access that should exist and be the primary goal of most IAM programs. In the complex landscape of modern cybersecurity, this silent but pervasive threat lurks,” says Lawrence Pingree, head of data security and AI research at Software Analyst Cyber Research (https://softwareanalyst.io/). “Despite massive investment in Identity Access Management (IAM), organizations still often remain vulnerable. The ‘front door’ is locked, but attackers are bypassing it entirely through unmanaged, invisible vectors, often introduced through code or entitlements.”

Across initial deployments of the tool, Orchid has found that 85 percent of applications have accounts from legacy or external domains, and 20 percent of these are consumer email domains. 70 percent of applications have excessive access privileges, with 60 percent granting broad admin or API access to external third parties. 40 percent of all accounts across applications were found to be orphaned, and as many as 60 percent in some cases.

Identity Audit applies observability principles to identity, shifting identity from static configuration into continuous, runtime insight. Rather than inferring risk solely from policies and integrations, Orchid observes identity behavior as it unfolds directly within the application.

“Identity decisions are only as good as the data behind them,” says Roy Katmor, co-founder and CEO at Orchid Security. “For years, teams have been making high-stakes decisions based on fragments of information. Our new capability delivers a cross-estate Identity Audit that shows not just how IAM is implemented, but how identity is actually used in practice across every application, providing real-world visibility into who or what is acting, including agentic AI, the intent behind each action, and the true privilege being exercised. This complete context becomes the data foundation teams need to make confident identity decisions, and Orchid’s platform turns that insight into action with no-code remediation by orchestrating changes across the existing IAM stack.”

You can find out more on the Orchid site.
