Reduce risk with managed workload identities

According to the latest Gartner® insight, Machines Can’t Keep a Secret: Use Managed Workload Identities, persistent or static machine/workload credentials, such as passwords and API keys, expose organizations to significant security and operational risks. Teams struggle to manage these secrets and attackers frequently target them in breaches.

As machine-to-machine communication grows, these outdated approaches make it harder to control access, enforce policy, and prevent breaches.

The report, we feel, highlights why traditional secrets management falls short in modern environments and how organizations can move toward identity-based authentication using managed workload identities and short-lived credentials.

Our top takeaways:

• Recommendations for adopting managed workload identities and short-lived credentials
• How machine identities are reshaping access control across cloud and CI/CD environments
• Where outdated secrets management breaks down at scale

GARTNER is a trademark of Gartner, Inc. and/or its affiliates.

Gartner, Machines Can’t Keep a Secret: Use Managed Workload Identities, Steve Wessels, Felix Gaehtgens, Michael Kelley, Paul Mezzera, 6 March 2026.