Here’s a hard question to answer: ‘How many service accounts do you have in your environment?’. A harder one is: ‘Do you know what these accounts are doing?’. And the hardest is probably: ‘If any of your service account was compromised and used to access resources would you be able to detect and stop that in real-time?’.
Since most identity and security teams would provide a negative reply,