Beyond Just Detection: Oasis Offers Full Lifecycle Management for NHIs

  • John D. Boyle--securityboulevard.com
  • published date: 2025-06-17 00:00:00 UTC

<p class="ai-optimize-7 ai-optimize-introduction"><span data-contrast="auto">The 2025 RSA Conference floor was predictably loud, buzzing with enough buzzwords and badge scanners to short-circuit any CISO’s attention span. But in the middle of that chaos, Oasis Security stood out, not for booth glitz or gimmicks, but for something much rarer: authenticity, engagement and real answers.</span><span data-ccp-props="{}"> </span></p><p class="ai-optimize-8"><span data-contrast="auto">I met up with <a href="https://www.linkedin.com/in/danny-brickman/" target="_blank" rel="noopener">Danny Brickman</a>, founder and CEO of Oasis Security, on the floor and again just after RSAC, to dig deeper into Oasis as a team and their solutions. It’s clear Oasis isn’t just another fresh vendor chasing headlines and trying to hop the rapidly forming NHI wave. Oasis isn’t patching or bolting on NHI technology to address this growing attack surface and blind spot. They’ve built full NHI ecosystem management from the ground up and continue to innovate their solutions with impressive focus and agility. And the Oasis platform is one that every critical infrastructure organization of any size should explore.</span><span data-ccp-props="{}"> </span></p><h3 class="ai-optimize-9"><b><span data-contrast="auto">More Than a Symptom</span></b><span data-ccp-props="{}"> </span></h3><p class="ai-optimize-10"><span data-contrast="auto">“When you’re looking at NHI, it’s not the root cause. It’s a symptom,” Brickman said. 
“We have a massive gap between infrastructure and security, and when it comes to identity, we’ve been pretending centralization still works.”</span><span data-ccp-props="{}"> </span></p><p class="ai-optimize-11"><span 
data-contrast="auto">That gap is growing wider by the day. With cloud-native architectures, AI pipelines and dev-first environments, the traditional controls for identity (vaults, ticketing systems, centralized IDPs) just don’t scale anymore. Developers, not security teams, now control the creation and lifecycle of tokens, secrets and service accounts. Security tools trying to reassert control with old paradigms are being ignored, and often for good reason. “The industry is forcing developers to use tools they don’t want. And they’re not using them,” Brickman said. “That’s why visibility is broken. That’s why security is failing.”</span><span data-ccp-props="{}"> </span></p><h3 class="ai-optimize-12"><b><span data-contrast="auto">Lifecycle or Lip Service?</span></b><span data-ccp-props="{}"> </span></h3><p class="ai-optimize-13"><span data-contrast="auto">Let’s break this down for my dad, Bob, who is my barometer for real-world clarity and understanding of technologies and how they benefit global organizations. Bob’s a fifty-year-plus healthcare CEO who doesn’t write YAML files, but he knows risks to his patients, staff, partners and mission when he sees them. Imagine Bob’s hospital has thousands of machine identities (e.g. a</span><span data-contrast="none">ccess keys, API tokens, service accounts, managed identities</span><span data-contrast="auto">) and they’re proliferating, duplicating and floating around without accountability. Many are orphaned, overprivileged and haven’t been rotated in years. 
Translation: A hacker’s dream target early in a kill chain!</span><span data-ccp-props="{}"> </span></p><p class="ai-optimize-14"><span data-contrast="auto">Now, imagine someone walks in and offers Bob a solution and partnership that says: “Here’s what you have exposed in your ecosystem. Here’s the risks. Let’s proactively fix and manage it together.” That’s the Oasis approach. “We’re not detection-first,” said Brickman. “We’re lifecycle-first, and that means we built provisioning into the platform from the start.”</span><span data-ccp-props="{}"> </span></p><p class="ai-optimize-15"><span data-contrast="auto">That matters. Provisioning is the step that most other NHI vendors skip or bolt on later. But for Oasis, it’s the seatbelt, not the sticker on the windshield. And not the consumer-grade seatbelt. Oasis is the professional five-point safety harness of NHIs. “You wouldn’t build a car without a seatbelt and then try to duct-tape one on later,” Brickman said. “Oasis built the five-point harness into the fabric of our solution from the start.”</span><span data-ccp-props="{}"> </span></p><h3 class="ai-optimize-16"><b><span data-contrast="auto">From Fortune 500 to Mid-Sized Hospitals</span></b><span data-ccp-props="{}"> </span></h3><p class="ai-optimize-17"><span data-contrast="auto">While Oasis is working deeply with Fortune 500 clients, often to help them realize the value of their seven-figure PAM investments, they’re not exclusive to the enterprise club. Mid-sized organizations, including regional hospitals, financial institutions, energy companies, educational institutions and many other growing critical infrastructure organizations are exposed to attack as well. The common denominator: a creeping, quiet non-human identity sprawl that no one owns until something breaks. “This is an IT ecosystem carbon monoxide problem,” Brickman observed. “It’s invisible until it’s deadly. NHIs are the same. Everyone’s pointing fingers. The developers blame security, security blames IT and the cycle continues. But in the meantime, the problem grows more lethal. Oasis is the partner and solution to prevent attacks from progressing via unseen and unmanaged NHIs.”</span><span data-ccp-props="{}"> </span></p><p class="ai-optimize-18"><span data-contrast="auto">Oasis positions itself as the detector. Their value starts with visibility, but it doesn’t end there. 
They offer </span><span data-contrast="none">contextualization, classification, inventory, anomaly and threat detection </span><span data-contrast="auto">from creation to rotation to revocation.</span><span data-ccp-props="{}"> </span></p><p class="ai-optimize-31"><a href="https://securityboulevard.com/wp-content/uploads/2025/06/Oasis-Security-Platform-Dashboard-1.png"><img fetchpriority="high" decoding="async" class="aligncenter wp-image-2061446 size-full" src="https://securityboulevard.com/wp-content/uploads/2025/06/Oasis-Security-Platform-Dashboard-1.png" alt="" width="1439" height="656" srcset="https://securityboulevard.com/wp-content/uploads/2025/06/Oasis-Security-Platform-Dashboard-1.png 1439w, https://securityboulevard.com/wp-content/uploads/2025/06/Oasis-Security-Platform-Dashboard-1-300x137.png 300w, https://securityboulevard.com/wp-content/uploads/2025/06/Oasis-Security-Platform-Dashboard-1-1024x467.png 1024w, https://securityboulevard.com/wp-content/uploads/2025/06/Oasis-Security-Platform-Dashboard-1-768x350.png 768w" sizes="(max-width: 1439px) 100vw, 1439px"></a></p><h3 class="ai-optimize-19"><b><span data-contrast="auto">A Different Kind of Partner</span></b><span data-ccp-props="{}"> </span></h3><p class="ai-optimize-20"><span data-contrast="auto">There’s also something refreshing about how Oasis engages. This isn’t a “love-you-and-leave-you” software sale. Brickman made it clear their approach is rooted in partnership, not just product. “The first thing our large customers ask is how we help them get value from the tools they already paid for,” he said. “They’re already spending nearly a million dollars a year in some cases just to get their PAM tools functional.”</span><span data-ccp-props="{}"> </span></p><p class="ai-optimize-21"><span data-contrast="auto">Oasis steps in to make those investments work, and then helps clients evolve toward a modern, scalable NHI strategy that speaks the language of developers without compromising on policy. 
It’s no surprise their presence at RSAC didn’t feel transactional. It felt like a team that wants to stay in the room once the deal is done. And it was a refreshing and welcome sight to see their entire C-Suite engage at the booth as part of the team. </span><span data-ccp-props="{}"> </span></p><h3 class="ai-optimize-22"><b><span data-contrast="auto">Why Oasis, and Why Now?</span></b><span data-ccp-props="{}"> </span></h3><p class="ai-optimize-23"><span data-contrast="auto">The NHI space is booming. There’s already over a billion dollars invested, with more entrants than acronyms. Over twenty startups are carving out detection-first lanes, and legacy players are making acquisitions or bundling partial solutions into broader suites. Oasis stands out by taking the hard route early, building the architecture needed for true lifecycle management, including the industry’s first native provisioning layer for NHIs. “When you build from the ground up with context, provisioning becomes part of the lifecycle,” said Brickman. “We’re not bolting it on. This is foundational.”</span><span data-ccp-props="{}"> </span></p><p class="ai-optimize-24"><span data-contrast="auto">They bet that customers want a platform that treats identity management not just as a reaction to risk, but as a system of hygiene, automation and governance. In that world, detection alone isn’t enough. Proactive lifecycle management is everything.</span><span data-ccp-props="{}"> </span></p><h3 class="ai-optimize-25"><b><span data-contrast="auto">NHIs and the AI Identity Layer</span></b><span data-ccp-props="{}"> </span></h3><p class="ai-optimize-26"><span data-contrast="auto">Brickman also shared his broader thesis on AI security, and it’s one I’m seeing gain traction. “AI security has four layers,” he said. “Infrastructure, identity, data and applications. 
And identity, especially <a href="https://securityboulevard.com/2025/06/how-can-nhis-enhance-overall-system-security/" target="_blank" rel="noopener">non-human identity</a>, is the glue.”</span><span data-ccp-props="{}"> </span></p><p class="ai-optimize-27"><span data-contrast="auto">The explosion of generative AI and agent-based automation is only compounding the NHI problem. Each tool, each integration, each ephemeral process generates more credentials, tokens, and access relationships, and very few of them get reviewed or revoked. Oasis wants to be the control plane for that chaos.</span><span data-ccp-props="{}"> </span></p><h3 class="ai-optimize-28"><b><span data-contrast="auto">Looking Ahead and Final Thoughts</span></b><span data-ccp-props="{}"> </span></h3><p class="ai-optimize-29"><span data-contrast="auto">I asked Brickman if they had any big announcements around RSAC. The answer? Yes — but quietly. Their major post-RSA message is that Oasis is the first and only NHI company to complete full lifecycle management, with provisioning built in. In a market that’s rapidly evolving, Oasis isn’t trying to win the noise war. They’re focused on doing the hard work of solving the actual problem and being the most trusted technology and security partner in the NHI space.  </span><span data-ccp-props="{}"> </span></p><p class="ai-optimize-30"><span data-contrast="auto">So, what would Bob think? My dad has worked tirelessly for over fifty years to make healthcare its own oasis of accessibility, quality, compassion, innovation and opportunity. Bob would be pleased with Oasis doing the same for identity security and absolutely understand their value to protecting his organization’s IT ecosystem and, in turn, the patients he and his team serve.</span><span data-ccp-props="{}"> </span></p>