Episode 7

Published on: 13th Aug 2025

Exploring Machine Identities in Cybersecurity with Evandro

In this episode of the Security by Default podcast, Joseph Carson and Evandro Goncalves discuss the critical topic of machine identities, also known as non-human identities (NHI), exploring their definitions, challenges, and best practices for management. They delve into the complexities of managing non-human identities in cybersecurity, emphasizing the importance of visibility, risk management, and the principle of least privilege.

The conversation also highlights experiences from the NATO Lock Shield event, showcasing the real-world implications of identity security. Evandro shares insights on staying updated in the cybersecurity field and the importance of hands-on learning.

Takeaways

  • The podcast aims to make security accessible to everyone.
  • Machine identities are non-interactive identities used in IT environments.
  • Organizations may have up to 80 machine identities for every human identity.
  • Visibility and management of machine identities are significant challenges.
  • Over-privileged accounts are a common issue in organizations.
  • Applying the principle of least privilege is crucial for security.
  • Communication and coordination are vital during cybersecurity events.
  • Hands-on experience and laboratories are effective for learning new technologies.
  • Staying updated with threat reports is essential for cybersecurity professionals.
  • Networking through platforms like LinkedIn is beneficial for knowledge sharing.

Keywords

machine identities, cybersecurity, identity security, non-human identities, security management, best practices, NATO Lock Shield, visibility, risk management, zero trust


About the Podcast

Security by Default
Security by Default is a cybersecurity podcast hosted by Joseph Carson, a renowned ethical hacker and security expert. Each episode dives into the latest security trends, real-world threats, and practical advice for staying safe in the digital world. With insightful interviews and clear explanations, Joseph makes complex topics accessible for both IT professionals and curious listeners alike.

About your host

Joseph Carson

I am a distinguished cybersecurity professional with over 30 years of experience in enterprise security and infrastructure.

Throughout my career, I have been an active contributor to the cybersecurity community, serving as an educator, ethical hacker, and speaker at global conferences. I hold both the Certified Information Systems Security Professional (CISSP) and Offensive Security Certified Professional (OSCP) certifications, and I advise various governments, critical infrastructure organizations, and industries such as finance and transportation on cybersecurity matters.
I am the author of "Cybersecurity for Dummies," a book that has gained global recognition for helping companies integrate people, processes, and technology to strengthen their defense against cyberattacks. The book has over 50,000 readers worldwide and provides a straightforward approach to understanding cybersecurity.

In addition to my writing, I have authored numerous articles and research papers, contributing to publications such as The Wall Street Journal, USA Today, Dark Reading, and CSO Magazine. I also host the bi-weekly podcast "Security by Default", which offers insights from leading cybersecurity experts and discusses best practices for navigating security challenges.
I am dedicated to educating the next generation of cybersecurity leaders, and my commitment to building a safer internet has made me a respected figure in the cybersecurity community.