Danny Brickman
Co-founder & CEO
Published on
December 31, 2024
As we reach the end of 2024, I can’t help but reflect on what an incredible year it’s been. This was the year Oasis emerged from stealth with a clear mission: to help organizations take control of their non-human identities (NHIs). Looking back, I feel a deep sense of pride in how far we’ve come and gratitude for everyone who made it possible.
When we launched, we knew the challenges were significant. NHIs—things like service accounts, tokens, and API keys—have exploded in numbers, now outpacing human identities by 20 to 40 times. Managing them securely at scale is a massive challenge for organizations. This year, we faced that challenge head-on, introducing our Four-Engine Solution: Discovery, Context Reconstruction, Ownership Discovery, and Policy-Driven BYOI Orchestration.
These engines are more than just technical tools—they’re the foundation of clarity, confidence, and control for businesses navigating complex identity ecosystems. Features like Ownership, Attestation, and Automated Rotation are built to simplify the hardest parts of NHI management, enabling organizations to stay secure without slowing down innovation.
Of course, none of this would have happened without the amazing team at Oasis. Their dedication and innovation amaze me every day. And to our customers—thank you for trusting us to protect what matters most. Your partnership inspires us to keep improving and pushing the boundaries of what’s possible.
The landscape is only becoming more complex and challenging. Here’s where I see things heading:
While every organization requires a solution to manage and secure its non-human identities (NHIs), in highly-regulated industries, the need for a dedicated NHI management solution is paramount. Financial institutions, for example, have access to vast amounts of sensitive data, and as such are highly regulated and frequently audited.
PCI DSS 4.0 is rapidly approaching, and the revised guidelines place significant emphasis on managing NHIs, particularly system and application accounts with elevated privileges. With this, financial institutions will face increased scrutiny from auditors regarding the robustness of their NHI management practices. PCI DSS 4.0 requirements such as Requirement 7 (restricting access based on business needs and least privilege) and Requirement 8.6 (managing accounts with interactive login capabilities) highlight the need for comprehensive strategies to manage NHIs effectively.
As NHIs proliferate, financial institutions risk security breaches and regulatory penalties if they fail to adopt a robust strategy for NHI management. Organizations must begin addressing these challenges now, especially with mandatory PCI DSS 4.0 compliance coming in 2025, to ensure they meet evolving compliance standards and enhance their security posture.
AI adoption is creating new challenges when it comes to non-human identity management and security. A growing trend, termed "LLMJacking," involves threat actors targeting machine identities with access to Large Language Models (LLMs), and either abusing this access themselves, or selling it to third parties. This threat will escalate in the year ahead, amplifying the need for robust non-human identity security measures.
The cybersecurity field will increasingly demand professionals who combine technical expertise with a strong understanding of business objectives. As the threat landscape grows more complex, organizations will prioritize candidates with a hybrid skill set—deep cybersecurity knowledge paired with expertise in risk management and regulatory compliance. This shift will be driven by the need for cybersecurity to be seamlessly integrated into broader enterprise strategies, shifting away from a siloed approach to one that aligns directly with overall business goals.
2024 was a year of growth, learning, and progress for all of us at Oasis. To our team, customers, and partners—thank you. Your trust and support mean the world to me and to all of us at Oasis.
As we move into 2025, I’m excited about what’s ahead. Together, we’re building a future where non-human identities are managed with the same care as human ones, and where organizations can innovate without compromising on security. Here’s to another year of solving big problems and making an impact.
– Danny Brickman, CEO, Oasis Security
