Free practitioner's guide · 18 pages · 2026 Q2 edition

The NHI Security Playbook

A year of Cremit's research, condensed. Nine failure patterns, a six-axis severity index, and a 30-60-90 plan you can start Monday.

Email gate coming soon. Direct download available now.

Authored by Cremit Research. No credit card, no sales call.

Cremit Research
The NHI Security Playbook
A practitioner's guide to non-human identity security
01 · Sprawl & the 45:1 ratio
02 · The NHI Kill Chain
03 · Severity Index
04 · ISMS-P Crosswalk
05 · 30-60-90 Plan
2026 Q2 Edition · 18 pages

What's inside

A field reference for practitioners, not a vendor brochure.

The NHI Kill Chain

Nine patterns every security team should be able to name. Ghost, Shadow, Aged, Over-shared, Zombie, Drifted, Public, Unattributed, plus the meta-pattern that ties them together. Each includes detection signals and the one question to bring to your next review.

The Severity Index

A six-axis framework for scoring credential exposure along dimensions CVSS does not capture. Applied end-to-end to real-world cases, including a Slack Bot Token exposed for three years and an Asana Admin API Key exposed for two, so you can use it immediately.

The ISMS-P Crosswalk

For Korean enterprise readers: how the Kill Chain maps to the strengthened ISMS-P certification criteria, the timeline for the 2027 mandate, and what to prepare in 2026 so the external audit becomes a formality.

Table of contents

Five parts, eighteen pages, zero filler.

01

Sprawl and the 45:1 ratio

Why non-human identities now outnumber employees 45 to 1, and why identity programs designed for human users keep missing the point.

02

The NHI Kill Chain

Nine failure patterns with detection signals, real-world examples, and the questions to bring to your next security review.

03

The Severity Index

A six-axis scoring model for credential exposure, with applied case studies on Slack Bot Tokens and Asana Admin Keys.

04

ISMS-P Crosswalk

Korean compliance mapping: the strengthened certification criteria, the 2027 mandate timeline, and a 2026 preparation checklist.

05

The 30-60-90 Plan

A quarter-by-quarter playbook for inventorying, owning, rotating, and governing non-human identities.

Built on published research

  • Referenced in the NHI Kill Chain nine-part blog series, with roughly 12k monthly readers.
  • Synthesizes Cremit Research's 2025-2026 field analysis.
  • Includes methodology cited across Korean security community discussions.

Frequently asked questions

Is this really free?
Yes. Direct PDF download, no sales call required. An email gate is coming soon, but the content stays free.
Who is it for?
Security engineers, DevSecOps leads, CISOs, and platform teams running into the NHI governance gap. Useful whether you already run a secret detection tool or you're starting from zero.
Does the Korean version cover the same content?
Yes. The Korean edition includes the full mapping to the strengthened ISMS-P certification criteria and the 2027 mandate preparation section in detail.
Can I share it with my team?
Yes. Internal sharing with attribution is explicitly allowed. For external reuse, contact us.
Will I get spam?
No. Once the email gate launches, you'll receive roughly monthly research updates, with an opt-out link in every email.

Grab the playbook

Eighteen pages, built from field research and published by practitioners. Take it back to your team today.