CyberArk has released various open-source tools that can be used to detect DLL hijacking, find shadow admins in AD environments, manage secrets and application identities, scan Kubernetes clusters for risky permissions and more. Other commercial products and free tools can scan cloud deployments for insecure configurations, including IAM roles.
After designing their networks and cloud infrastructures following least-privilege principles, organizations should regularly hire external security teams to perform penetration testing with a focus on privilege escalation. Since most automated attacks rely on exploit chains that combine multiple vulnerabilities, breaking one link in that chain can prevent the whole attack from succeeding.