TL;DR: Non-human identity security has become central to securing AI agents and workloads, as the risk of static credentials, and controls such as just-in-time access and identity-based audit, gain prominence, according to Aembit. The underlying issue is not novelty in tooling, but the collapse of identity assumptions built for stable, reviewable access paths.
At a glance
What this is: Aembit’s award recognition centers on runtime access enforcement, secretless tokens, zero trust conditional access, and identity-based audit for AI agents and other non-human identities.
Why it matters: It matters because IAM teams now have to govern AI agents, service accounts, and workloads with controls that assume ephemeral access, not static credentials or human-paced review cycles.
By the numbers:
- 80% of identity breaches involved compromised non-human identities such as service accounts and API keys.
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface.
- Only 5.7% of organisations have full visibility into their service accounts.
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures.
Read Aembit’s award announcement on IAM for agentic AI and non-human identities
Context
Agentic AI and workload identity are now colliding with IAM assumptions that were built for people, not for software entities that authenticate, call tools, and move between systems at machine speed. When those entities rely on long-lived secrets, the security model depends on assets that can be copied, reused, or abused outside the intended session boundary.
Aembit’s award recognition is a signal about the identity market, not just one vendor’s product shape. The practical question for IAM, PAM, and IGA teams is whether their control model can validate access at runtime, log it cleanly, and remove standing trust without forcing developers back to shared credentials or brittle workarounds.
Key questions
Q: How should security teams govern AI agents and workloads with runtime access decisions?
A: Treat AI agents and workloads as non-human identities whose access must be evaluated at the moment of use. Combine workload identity, policy context, and destination controls so authorization happens per request, not just at provisioning time. That prevents standing trust from becoming the default and gives IAM teams a usable control point for audit and enforcement.
Q: Why do long-lived secrets create more risk for non-human identities than for human users?
A: Long-lived secrets are durable bearer tokens, so anyone who copies them can reuse them outside the intended task boundary. For non-human identities, that creates a wider attack window because scripts, pipelines, agents, and microservices can all reuse the same credential path. The result is easier lateral movement and weaker accountability.
Q: What do security teams get wrong about access reviews for service accounts and AI agents?
A: They often apply human-style review cadences to identities that change faster than the review cycle can observe. If access is static and broadly shared, the review records little more than administrative state. Effective governance needs ownership, policy context, and usage evidence so teams can judge whether the identity still needs the privilege.
Q: How do IAM and PAM teams reduce lateral movement through machine identities?
A: Start by eliminating standing access paths that let one machine identity reach many sensitive systems. Then bind privileged access to purpose, context, and shortest-possible duration, with logs that show which identity used which privilege and why. That combination reduces reuse, constrains blast radius, and improves incident investigation.
Technical breakdown
Runtime access enforcement for non-human identities
Runtime access enforcement evaluates a request at the moment a workload or AI agent tries to reach a resource. Instead of trusting a stored secret, the control plane checks workload identity, policy context, and the destination before authorising access. That matters because non-human identities often operate across cloud, SaaS, and partner boundaries where static credentials become reusable bearer tokens. In agentic environments, the timing of the request is as important as the identity itself, because the actor can initiate access autonomously and repeatedly.
Practical implication: move high-risk machine access decisions from static credential possession to policy evaluation at request time.
Secretless access tokens and just-in-time trust
Secretless access tokens reduce exposure by avoiding long-lived shared credentials and issuing access only when needed. In NHI environments, this changes the blast radius of compromise because the credential is no longer a durable object sitting in code, config, or a vault with broad reuse potential. The model still depends on strong workload identity and policy enforcement, but it removes the persistence that attackers commonly exploit. For AI agents, that distinction matters because access may need to be temporary, scoped, and disposable within the same operational flow.
Practical implication: prioritise short-lived, policy-bound credential delivery for workloads and agents with broad system reach.
Identity-based audit for agent and workload activity
Identity-based audit ties access events to the workload or agent identity that initiated them, rather than treating the action as an anonymous API call. This is useful when AI agents, applications, scripts, and microservices all operate in the same environment and need traceable accountability. Good audit data needs more than log volume. It needs enough context to answer who or what accessed which resource, under what policy, and whether the access matched the intended privilege boundary. That supports compliance, incident response, and ITDR workflows.
Practical implication: require audit trails that preserve actor identity, policy decision, and resource context for every privileged machine access.
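The three controls above (runtime policy evaluation, a short-lived scoped token instead of a stored secret, and an identity-linked audit record per decision) can be shown in one small flow. This is an added illustration, not Aembit's code or any product's API; the SPIFFE-style identity strings, policy table, signing key and resource names are constructed for the example.

```python
# Constructed example: per-request authorization for a workload or AI agent.
# On allow, a short-lived, audience-bound token is minted; every decision,
# allow or deny, is written to an audit record that names the actor.
import hashlib
import hmac
import json
import time

# Constructed policy: (workload identity, destination) -> permitted scopes.
POLICY = {
    ("spiffe://example.org/agent/report-writer", "crm-api"): {"read:accounts"},
    ("spiffe://example.org/ci/build", "artifact-store"): {"write:artifacts"},
}
TOKEN_TTL_SECONDS = 300              # assumption: five-minute task window
SIGNING_KEY = b"constructed-demo-key"  # constructed; a real deployment uses a managed key
AUDIT_LOG = []                       # in-memory stand-in for an audit sink


def mint_token(identity, destination, scope, now):
    """Issue a token bound to one actor, one destination, one scope, short TTL."""
    body = {"sub": identity, "aud": destination, "scope": scope,
            "iat": now, "exp": now + TOKEN_TTL_SECONDS}
    payload = json.dumps(body, sort_keys=True).encode()
    sig = hmac.new(SIGNING_KEY, payload, hashlib.sha256).hexdigest()
    return {"payload": body, "sig": sig}


def authorize(identity, destination, scope, attested, now=None):
    """Evaluate the request at the moment of use; return a token or None."""
    now = int(time.time()) if now is None else now
    allowed = POLICY.get((identity, destination), set())
    if not attested:
        decision, reason = "deny", "workload identity not attested"
    elif scope not in allowed:
        decision, reason = "deny", "scope not permitted for destination"
    else:
        decision, reason = "allow", "policy match"
    # Identity-based audit: actor, resource, scope, decision and reason.
    AUDIT_LOG.append({"ts": now, "actor": identity, "resource": destination,
                      "scope": scope, "decision": decision, "reason": reason})
    return None if decision == "deny" else mint_token(identity, destination, scope, now)


def verify_token(token, destination, now):
    """Resource side: check signature, audience and expiry before serving."""
    payload = json.dumps(token["payload"], sort_keys=True).encode()
    expected = hmac.new(SIGNING_KEY, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, token["sig"]):
        return False
    body = token["payload"]
    return body["aud"] == destination and now < body["exp"]
```

The token carries no reusable secret: it stops working at the other destination, after the TTL, or if its scope is altered, and the audit record explains the decision either way.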
NHI Mgmt Group analysis
Identity governance for AI agents is now a runtime problem, not a provisioning problem. The controls highlighted here point to a market shift away from static entitlement thinking and toward access decisions made at the moment of use. That aligns with OWASP-NHI and Zero Trust architecture, where trust is continuously evaluated rather than granted once and left in place. Practitioners should treat agent access as an always-on governance domain, not a one-time setup activity.
Static credential dependence is the failure mode this award recognition is really describing. Long-lived secrets were designed for identities whose access pattern is relatively stable and reviewable over time. That assumption breaks when agents and workloads can initiate access at runtime, reuse paths across services, and scale faster than human recertification cycles. The implication is not merely to add more controls, but to recognise that standing secrets create a structural governance debt for NHI programmes.
Identity-based audit becomes the minimum viable evidence layer for machine identity governance. Once AI agents and workloads are treated as first-class identities, logging must support accountability across authentication, authorisation, and resource use. That aligns with NIST-CSF and ZT-NIST-207 expectations for traceable access decisions. Without identity-linked audit, teams cannot prove whether an agent stayed within scope or crossed policy boundaries, which weakens both detection and compliance.
Ephemeral credential trust debt: The problem is not only secret exposure, but the organisational habit of building controls around credentials that outlive the task they were created for. Agentic systems compress execution into short windows, while governance processes still assume durable access artefacts exist long enough to review. Practitioners need to rethink which access patterns belong in the NHI programme at all.
This award reflects market consolidation around NHI as a distinct security domain. The more AI agents and workloads share the same identity fabric as human users, the more IAM teams need control models that can separate policy, audit, and lifecycle by actor type. That makes NHI governance a core operating requirement, not a specialised side practice. The practical conclusion is that identity teams should align tooling, lifecycle, and review processes to the actor that is actually performing the work.
From our research:
- 80% of identity breaches involved compromised non-human identities such as service accounts and API keys, according to the Ultimate Guide to NHIs.
- Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them.
- The 52 NHI Breaches Analysis shows how missing lifecycle controls turn machine identities into persistent access paths.
What this signals
Ephemeral credential trust debt: As AI agents and workloads become first-class identities, the real governance issue is not whether access is modern, but whether the enterprise can prove that access expires when the task ends. The numbers are already pointing the same way: only 5.7% of organisations have full visibility into their service accounts, according to the Ultimate Guide to NHIs. That means most programmes are still trying to govern identities they cannot fully see.
The practical signal for IAM leaders is that review-based controls alone will not close the machine identity gap. If access paths remain invisible or long-lived, then audit becomes post-incident evidence rather than active governance. Teams should align lifecycle, logging, and runtime policy so machine identity decisions are both enforceable and explainable.
Aembit’s recognition suggests the category is moving toward runtime control, not just secret storage. That shift will reward programmes that can separate workload access from human access, and it will expose those that still treat every identity as if it behaves the same way.
For practitioners
- Shift high-risk machine access to runtime policy enforcement: Replace static allowlists and reused credentials for AI agents and workloads with policy checks executed at request time. Use workload identity, destination context, and posture signals to decide access before the call is made.
- Remove long-lived secrets from agent and workload paths: Inventory where AI agents, scripts, and microservices still depend on durable credentials in code, config, or CI/CD. Replace those flows with short-lived tokens or secretless access where the task boundary is narrow enough to support it.
- Tie every privileged access event to an identity and policy decision: Ensure logs show the actor, the approved policy, the target resource, and the time of access. That evidence is what lets IAM, audit, and incident response teams distinguish intended machine activity from misuse.
- Rework review cycles around machine identity behaviour: Use access review and recertification processes that are specific to service accounts and AI agents rather than inherited from human IAM. Focus on whether the identity still needs the access path, not on whether the credential exists in a vault.
- Reduce hidden privilege in non-human identity estates: Map the identities behind cloud, SaaS, and partner access and flag any account that can reach multiple sensitive systems without an explicit business owner. Excess privilege is where machine identity risk usually compounds into lateral movement.
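The inventory, review and hidden-privilege steps in the checklist above can be turned into a repeatable review pass. This added example, not from the post or any vendor, joins a constructed NHI inventory with constructed access records and flags three conditions the list calls out: credentials whose lifetime exceeds a task-sized window, identities with no observed use in the review period, and unowned identities that reach several sensitive systems. Field names, the sensitive-system set and the thresholds are assumptions.

```python
# Constructed example: a review pass over machine identities.
from collections import defaultdict

# Assumption: systems that count as sensitive for blast-radius purposes.
SENSITIVE = {"crm-api", "payroll-db", "secrets-vault"}

# Constructed inventory: one row per credential, times in seconds.
INVENTORY = [
    {"cred": "k1", "identity": "svc-etl",      "owner": None,        "issued": 0, "expires": 90 * 86400},
    {"cred": "k2", "identity": "agent-report", "owner": "data-team", "issued": 0, "expires": 600},
    {"cred": "k3", "identity": "ci-build",     "owner": "platform",  "issued": 0, "expires": 30 * 86400},
    {"cred": "k4", "identity": "svc-legacy",   "owner": "unknown",   "issued": 0, "expires": 3600},
]

# Constructed access records from the review window: (actor, resource).
ACCESS = [
    ("svc-etl", "crm-api"), ("svc-etl", "payroll-db"), ("svc-etl", "build-cache"),
    ("agent-report", "crm-api"), ("ci-build", "artifact-store"),
]


def overlong_credentials(inventory, max_lifetime=86400):
    """Credentials that outlive a one-day task window (assumed threshold)."""
    return sorted(r["cred"] for r in inventory if r["expires"] - r["issued"] > max_lifetime)


def dormant_identities(inventory, access):
    """Identities with a credential but no observed access: candidates for removal."""
    used = {actor for actor, _ in access}
    return sorted({r["identity"] for r in inventory} - used)


def unowned_broad_reach(inventory, access, sensitive=SENSITIVE, min_systems=2):
    """Identities reaching several sensitive systems with no explicit owner."""
    reach = defaultdict(set)
    for actor, resource in access:
        if resource in sensitive:
            reach[actor].add(resource)
    # Treat a missing owner and the placeholder "unknown" as unowned.
    owners = {r["identity"]: r["owner"] for r in inventory}
    return sorted(a for a, systems in reach.items()
                  if len(systems) >= min_systems and owners.get(a) in (None, "unknown"))
```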
Key takeaways
- Agentic AI and workload access now require runtime governance because static secrets are too easy to copy, reuse, and hide.
- The scale problem is already visible in NHI breach data, where compromised service accounts and API keys dominate identity incidents.
- IAM teams should prioritise policy-bound access, identity-linked audit, and lifecycle control for non-human identities before expansion outpaces governance.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST Zero Trust (SP 800-207) and NIST CSF 2.0 set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-01 | Static credential reliance is the core risk highlighted in the article. |
| NIST Zero Trust (SP 800-207) | PR.AC-4 | Runtime policy enforcement aligns with continuous access evaluation. |
| NIST CSF 2.0 | PR.AC-1 | Identity-based audit and least privilege are central to the article's control model. |
Evaluate each machine access request against context and policy before granting resource access.
Key terms
- Non-Human Identity: A non-human identity is any digital identity used by software rather than a person. It includes service accounts, API keys, tokens, certificates, workloads, and AI agents. Governance for NHIs focuses on ownership, privilege, lifecycle, and evidence of use rather than user experience.
- Runtime Access Enforcement: Runtime access enforcement is the practice of checking whether a machine identity should be allowed to reach a resource at the moment the request occurs. It uses context, policy, and workload identity to decide access dynamically, which reduces reliance on long-lived credentials and broad standing trust.
- Secretless Access Token: A secretless access token is a short-lived credential pattern that avoids storing a durable shared secret in code or configuration. It is designed to reduce exposure from theft, reuse, and leak paths. In NHI governance, it narrows the window in which a machine identity can be abused.
- Identity-Based Audit: Identity-based audit is logging that preserves which workload, agent, or machine identity performed an action, what policy allowed it, and which resource was touched. It gives security and compliance teams evidence for investigation, access review, and accountability across machine-driven activity.
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.
This post draws on content published by Aembit: its 2025 CyberSecurity Breakthrough Awards recognition for non-human identity security. Read the original.
Published by the NHIMG editorial team on 2025-10-09.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org