TL;DR: Enterprises face proliferating AI agents, over-privileged service accounts, and continuous access risk as governance shifts from periodic review to continuous identity action, forcing IAM teams to rethink human, NHI, and autonomous controls together, according to Linx Security.
At a glance
What this is: This funding update frames AI-native IGA as a response to continuous identity risk across humans, non-human identities, and AI agents.
Why it matters: It matters because IAM teams will need to separate legacy review-based governance from continuous controls that can handle NHI sprawl and autonomous runtime behaviour.
By the numbers:
- Non-human identities now outnumber human ones by 25x to 50x in modern enterprises.
- Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them.
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface.
👉 Read Linx Security's company update on the Series B and AI-native IGA
Context
The core issue is not whether identity governance can be automated. It is whether governance models designed around periodic human review can still function when AI agents, service accounts, and human users are all operating in the same control plane. AI-native IGA claims to answer that gap by shifting from scheduled workflows to continuous identity decisions.
Linx Security's Series B and Autopilot message use that problem statement to argue that legacy IGA architecture is no longer sufficient for modern identity sprawl. For practitioners, the more important question is not whether the category is being rewritten, but which governance assumptions break first when identity activity never really pauses.
Key questions
Q: How should security teams govern AI agents alongside human and non-human identities?
A: Treat AI agents as part of the identity control plane, not as a separate innovation project. The governance model needs ownership, entitlement scope, lifecycle state, and revocation rules for every actor type. Human review processes still matter, but they must be paired with continuous detection and remediation for non-human and autonomous identities.
Q: Why do periodic access reviews fail for modern identity environments?
A: Periodic reviews fail because access changes faster than the review cycle. By the time a certifier sees the entitlement, the identity may already be dormant, over-privileged, or no longer owned. That creates blind spots for service accounts, tokens, and AI-driven workflows, where the real risk is between review windows.
Q: What breaks when non-human identities are not treated as first-class identities?
A: Ownership, lifecycle management, and revocation break first. Without a first-class identity model, service accounts and tokens end up outside joiner-mover-leaver processes, so privileges linger after the business need ends. That creates exactly the conditions attackers use for persistence and lateral movement.
Q: When should teams move from periodic governance to continuous identity control?
A: Teams should move when identity activity is too frequent or too distributed for manual certification to keep up. A continuous model is justified when cloud sprawl, machine accounts, or AI workflows create access changes faster than reviewers can inspect them. In that case, governance based on batch approvals is already behind the risk.
How it works in practice
Why periodic access review breaks under continuous identity activity
Traditional IGA depends on a stable window between access grant, review, and revocation. That model works when identities change slowly and human approvers can inspect a finite set of entitlements. It breaks when identities are provisioned, used, and modified continuously across cloud, SaaS, and workload environments. In practice, the system becomes blind between review cycles, which is where over-privilege, ghost access, and dormant credentials accumulate. AI-native governance tries to compress detection and remediation into the same operating loop, but the architectural issue remains the same: review cadence is slower than identity churn.
Practical implication: shorten the time between entitlement change and control action, or risk governing an access state that no longer exists.
How autonomous identity action changes the IGA control model
Autonomous identity action means the governance system does more than observe. It evaluates context, decides whether access is acceptable, and initiates remediation without waiting for a manual ticket or batch workflow. That is materially different from classic IGA, which mainly records, certifies, and escalates. The technical challenge is not just data collection. It is decision quality, policy confidence, and safe execution at machine speed. Once the system can act continuously, the design focus shifts from periodic certification to runtime control logic and guardrails around scope, exception handling, and escalation.
Practical implication: separate policy evaluation, approval logic, and remediation paths so autonomous actions remain bounded and auditable.
Why NHI sprawl makes identity governance a control-plane problem
Non-human identities expand identity governance because they are created faster, used more often, and forgotten more easily than human accounts. Service accounts, API keys, and tokens rarely map neatly to joiner-mover-leaver processes, yet they often carry the privileges that attackers want most. When those identities multiply across applications, cloud accounts, and AI workflows, governance stops being a quarterly review exercise and becomes a control-plane problem. The relevant mechanisms are inventory, ownership, lifecycle state, privilege scope, and revocation reliability, not just access approval.
Practical implication: treat identity inventory and lifecycle ownership as operational controls, not documentation tasks.
NHI Mgmt Group analysis
AI-native IGA is really a response to governance latency, not a new theory of identity. The underlying problem is that periodic review models cannot keep pace with identities that are created, consumed, and retired continuously. When the environment includes humans, NHIs, and AI agents, the old assumption that access can be governed in batches stops holding. Practitioners should read this as a category shift from review-centric governance to continuous identity control.
Autonomous identity action collapses the assumption that access persists long enough to be reviewed. That assumption was designed for human-paced governance cycles. It fails when the actor can acquire, use, and release privileges within the same operating session, leaving no durable state for a review board to inspect. The implication is that identity governance must stop treating certification cadence as the primary control model.
Continuous governance will force teams to re-evaluate where accountability lives in the identity stack. In legacy IGA, accountability is often attached to approvers, tickets, and periodic attestations. In AI-native models, the meaningful control point becomes the policy and execution layer that decides when access exists and when it is revoked. That changes how IAM, IGA, and security operations teams divide responsibility.
Identity blast radius: The most important question is no longer how many identities exist, but how quickly one identity can reach too much privilege. AI-native governance is useful only if it reduces the distance between drift and containment. The more enterprises rely on autonomous remediation, the more they need clear rules for exception handling, escalation, and rollback. Practitioners should measure governance by time-to-contain, not by review completion rate.
From our research:
- Non-human identities now outnumber human ones by 25x to 50x in modern enterprises, according to Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which is why governance tools that assume a complete inventory routinely underperform.
- Ultimate Guide to NHIs , Lifecycle Processes for Managing NHIs shows why lifecycle ownership and revocation discipline matter before continuous automation can be trusted.
What this signals
Identity blast radius: as governance becomes continuous, the main programme risk shifts from missed review items to uncontrolled remediation scope. The teams that win here will measure time-to-revoke, ownership completeness, and exception volume rather than only certification completion. For a broader control baseline, align the identity programme with the NIST Cybersecurity Framework 2.0.
The operational signal is simple: if service account ownership is unclear, continuous governance will automate around gaps instead of closing them. That is why lifecycle data quality, not just policy sophistication, becomes the gating factor for AI-native identity programmes. The Ultimate Guide to NHIs , Regulatory and Audit Perspectives is a useful reference point for audit-ready identity controls.
For practitioners
- Map governance latency across identity types Measure how long it takes to detect, review, and revoke access for human accounts, service accounts, and AI-driven workflows. Look for gaps where access persists beyond the point of business need, especially in systems where ownership is unclear or lifecycle data is incomplete.
- Inventory identities by lifecycle state Classify each identity as active, dormant, orphaned, or machine-owned, and require a named owner for every non-human identity. Use that inventory to identify where joiner-mover-leaver controls do not cover service accounts, tokens, or agent credentials.
- Separate certification from remediation Do not assume an access review closes the loop. Build explicit remediation paths for revoked access, failed deprovisioning, and privilege reduction so the control action actually occurs after approval and not just in the ticketing record.
- Define guardrails for autonomous actions If AI-driven governance can act without manual approval, restrict what it can change, when it can escalate, and how it rolls back. That keeps autonomous decisioning inside a bounded policy model instead of letting remediation become another source of uncontrolled access change.
Key takeaways
- AI-native IGA is being positioned as a response to governance latency, not just a software upgrade.
- The most exposed identity populations are still non-human, where lifecycle ownership and revocation are weakest.
- Practitioners should judge modern governance by containment speed, control scope, and lifecycle completeness, not by review volume.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 and NIST AI RMF set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-03 | Covers rotation and lifecycle weaknesses in non-human identities. |
| NIST CSF 2.0 | PR.AC-4 | Access permissions and least privilege align with continuous identity control. |
| NIST AI RMF | Autonomous remediation needs governance, oversight, and accountability controls. |
Define approval boundaries and oversight for AI-driven identity decisions before enabling automation.
Key terms
- Identity governance and administration: Identity governance and administration is the discipline of managing who or what has access, why that access exists, and when it should be removed. In modern environments it spans humans, service accounts, tokens, and AI agents, with lifecycle control and auditability as core requirements.
- Non-human identity: A non-human identity is any machine- or software-based identity used to authenticate and authorise access. That includes service accounts, API keys, tokens, certificates, workloads, bots, and AI agents. These identities often outnumber human users and require separate ownership, rotation, and revocation discipline.
- Continuous identity control: Continuous identity control is a governance model that evaluates and acts on access as it changes, rather than waiting for periodic review cycles. It is designed for environments where identity churn is high and where delayed remediation creates avoidable privilege exposure.
- Identity blast radius: Identity blast radius is the amount of damage a single identity can cause if its access is misused, over-extended, or not revoked. It reflects privilege scope, lifecycle hygiene, and how quickly governance can contain drift before it spreads across systems.
What's in the full announcement
Linx Security's full company update covers the operational detail this post intentionally leaves for the source:
- The funding context behind the Series B and the market signals Linx says it is reading from enterprise demand
- A closer look at Linx Autopilot as a product concept, including how the company describes continuous governance workflows
- The company's own explanation of how AI-native architecture differs from legacy IGA operating models
- The customer-facing roadmap and webinar material tied to the new identity governance positioning
👉 Linx Security's full post covers the funding context, Autopilot positioning, and roadmap details.
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.
Published by the NHIMG editorial team on 2026-06-05.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org