Welcome to the Elephant in AppSec, the podcast to explore, challenge, and boldly face the AppSec Elephants in the room.

We have two incredible guests with us: Andrew Wilder and Amir Shaked. Andrew is the Retained Chief Security Officer at Community Veterinary Partners and the former Regional CISO for Nestle, where he spent 18 years shaping cybersecurity across the Americas, Asia, and Europe. Amir is the VP of Research and Development at Oasis Security, specializing in Non-Human Identity Management. With a background in software development, Amir transitioned to cybersecurity, contributing to companies like PerimeterX and Human in R&D and Engineering.

Both Andrew and Amir are passionate about sharing their expertise. Andrew teaches cybersecurity at Washington University in St. Louis and serves on its Board, while Amir coaches engineering managers at GrowthSpace. They frequently speak at conferences and on podcasts, helping others learn from their extensive experience.

In February, the Cloudflare breach highlighted the critical risks of managing non-human identities. Today, we’ll explore this fascinating topic with Andrew and Amir, discussing why these breaches occur, the main risks involved, and the anticipated proliferation of non-human accounts. We’ll also delve into the challenges of understanding the context around non-human identities. Dive right in!