New Concentric AI capabilities can find hardcoded secrets and key credentials

Autonomous data security posture management company Concentric Software Inc. today announced new deep-learning-driven detection capabilities that can find hardcoded “secrets” and key credentials in popular enterprise on-premises and cloud data repositories as well as email and messaging applications.

Secrets are programmatic access keys, such as application programming interface keys, access tokens and connection strings, used by applications to access sensitive data and cloud services. As noted in a recent report, it’s estimated that, on average, there are at least 500 secrets per organization scattered across at least five secret stores.

Concentric AI argues that new capabilities such as generative artificial intelligence have made it easier to trick employees into clicking on harmful links or downloading malicious attachments, leaving enterprises more vulnerable to a compromise. Once attackers successfully compromise a network, they can search for and discover secrets and keys to access applications in vast amounts of unstructured data.

Gaining access to secrets and keys to repositories, including SharePoint, Google Drive, Github, SSH, S3, Box, BiTBucket and Windows File Systems, gives attackers access to sensitive intellectual property such as source code, private client information and critical financial data.

The updates to Concentric AI’s Semantic Intelligence data security posture management, or DSPM, solution are designed to enable security teams to address risks to sensitive data by deleting redundant secrets. Doing so reduces the threat of malware attacks that can result in lateral movement and potential loss of sensitive data.

Using deep learning and natural language processing, Concentric AI’s Semantic Intelligence detects secrets and keys for various applications embedded in unstructured data. The service scans repositories and uses NLP to identify secrets and keys without using static rules or fixed regex patterns.

That overcomes the issue wherein data repositories are extremely difficult to scan because it’s impossible to write rules or regex patterns to address this threat without significant false positives and negatives. Concentric says the use of deep learning and NLP delivers high-fidelity detection with minimal false positives and negatives.

Concentric AI’s DSPM solution scans organizations’ data, detects sensitive or business-critical content, identifies the most appropriate classification category and automatically tags the data. AI improves discovery and classification accuracy and efficiency to avoid endless regex rules and inaccurate end-user labeling.

The service can also monitor and autonomously identify risks to financial and other data from inappropriate permissioning, wrong entitlements, risky sharing and unauthorized access. The service automatically remediates permissions and sharing issues and can leverage other security solutions and cloud application programming interfaces, with an aim protect exposed data quickly and continuously.

Image: Concentric AI