By NHI Mgmt Group Editorial Team | Published 2026-03-03 | Domain: Agentic AI & NHIs | Source: Permiso Security

TL;DR: Identity-focused threat detection must follow attacks across human users, service accounts, API keys, OAuth tokens and AI agents, because modern intrusions pivot across identity boundaries faster than endpoint or network tools can track, according to Permiso Security. The real issue is not visibility alone but whether detection and response can preserve the attack thread as identities change.


At a glance

What this is: Permiso Security argues that threat detection now has to start with identity, not endpoints, to follow cross-identity attacks across human, NHI and AI agent contexts.

Why it matters: IAM, NHI and security operations teams need shared identity visibility because attackers can pivot between identity types faster than tool silos can correlate behaviour.



Context

Identity-first threat detection is a response to a simple operational problem: attackers no longer move in neat lanes that separate users, service accounts, tokens and AI agents. Once a compromised identity can be reused or chained into another one, endpoint-only and network-only monitoring often loses the attack thread.

For IAM and NHI programmes, that means detection design has become part of identity governance, not just SOC tooling. The central question is whether the security stack can preserve identity context as access moves across human users, non-human identities and autonomous execution roles.

Permiso Security frames the issue as a visibility gap across identity boundaries, which is a typical challenge in mature cloud estates rather than an edge case. That is the right starting point for practitioners who are already dealing with sprawl in credentials, roles and agentic access.


Key questions

Q: How should security teams detect attacks that move across human, NHI and AI agent identities?

A: Security teams should correlate identity events in one graph so a single attack thread stays visible as it crosses users, service accounts, tokens and agent roles. The key is to detect transitions, not just events. If each identity class is monitored separately, the attacker can pivot silently between tools and still look normal in isolation.

Q: Why do service accounts and tokens complicate threat detection in cloud environments?

A: Service accounts and tokens complicate detection because they often operate without the human behaviours that traditional analytics expect. They can be reused, delegated and chained into other identities quickly, which makes a compromise look like legitimate automation unless the platform understands permissions, baseline activity and cross-identity relationships.

Q: What breaks when endpoint tools cannot follow identity pivots?

A: What breaks is continuity. Endpoint tools may detect local anomalies, but they usually cannot connect a compromised user session to a later service-account abuse path or agent execution role. That leaves the attacker free to move between identity boundaries while each individual step appears ordinary in its own telemetry stream.

Q: Who should own identity-first threat detection in an enterprise?

A: Identity-first threat detection should be shared between security operations, IAM, cloud platform and NHI governance teams. SOC teams need the detections, IAM teams own the identity relationships, and platform teams understand where permissions and execution scopes are created. Without shared ownership, cross-identity attacks remain difficult to reconstruct and harder to stop.


Technical breakdown

Identity-first detection and the universal identity graph

Identity-first detection uses identity as the primary correlation key instead of treating identity events as one telemetry source among many. A universal identity graph links users, service accounts, API keys, OAuth tokens, IAM roles and AI agents to the permissions they hold and the actions they take. That matters because runtime behaviour only becomes meaningful when compared with established identity context, including baseline access, peer relationships and cross-account activity. Without that graph, detections remain fragmented across tools and environments, and the attacker can disappear at the boundary between identity types.

Practical implication: map identities and their relationships into one correlation model before expecting alerts to explain cross-account movement.

Why endpoint and SIEM telemetry miss identity pivoting

Endpoint and SIEM tooling is often strongest when the attacker stays inside a single host or log domain. Identity-centric attacks break that assumption by pivoting from one credential class to another, such as a user session to a service account, then into an execution role or AI agent. The technical failure is not a lack of alerts, but a lack of continuity across identity transitions. If telemetry cannot connect those transitions, each step may look normal in isolation even when the chain is clearly malicious in aggregate.

Practical implication: test whether your detections can reconstruct a full identity chain, not just flag each hop separately.
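The transition-centred correlation described in the two sections above, as an added example written for this page rather than code from Permiso Security or the article: it builds a small identity graph from constructed events in which a user session is exchanged for a service-account role, then an access key, then an agent invocation, and reconstructs the chain from a seed identity. The event schema, the AWS-style action names, every principal name and the key id `key/AKIA_PLACEHOLDER` are assumptions made for the illustration.

```python
"""Reconstruct a cross-identity chain from identity events.

Added example for this page, not code from Permiso Security or the article.
The event schema, action names (AWS-style) and every principal below are
constructed; key/AKIA_PLACEHOLDER is a placeholder, not a real key id.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class IdentityEvent:
    ts: int                                # constructed timestamp (seconds)
    actor: str                             # principal that performed the action
    actor_type: str                        # human | service_account | token | agent
    action: str
    resulting: Optional[str] = None        # principal the actor obtained, if any
    resulting_type: Optional[str] = None


# Actions that hand the actor a different principal. These are the identity
# transitions that a monitor scoped to one identity class never sees as a chain.
TRANSITION_ACTIONS = {"sts:AssumeRole", "iam:CreateAccessKey",
                      "oauth:IssueToken", "agent:Invoke"}

# Constructed telemetry: ordinary activity for each identity class mixed with
# one human -> service account -> token -> agent chain.
EVENTS = [
    IdentityEvent(50, "agent/report-writer", "agent", "s3:GetObject"),           # scheduled run
    IdentityEvent(100, "user/alice", "human", "console:Login"),
    IdentityEvent(120, "user/bob", "human", "console:Login"),
    IdentityEvent(140, "role/deploy-bot", "service_account", "ecs:UpdateService"),  # CI job
    IdentityEvent(160, "user/alice", "human", "sts:AssumeRole",
                  "role/deploy-bot", "service_account"),
    IdentityEvent(200, "role/deploy-bot", "service_account", "iam:CreateAccessKey",
                  "key/AKIA_PLACEHOLDER", "token"),
    IdentityEvent(250, "key/AKIA_PLACEHOLDER", "token", "s3:ListBuckets"),
    IdentityEvent(300, "key/AKIA_PLACEHOLDER", "token", "agent:Invoke",
                  "agent/report-writer", "agent"),
    IdentityEvent(340, "agent/report-writer", "agent", "s3:GetObject"),
]


def per_class_view(events):
    """What a per-identity-class monitor sees: action counts per actor, no edges.
    Every actor here has a handful of ordinary-looking actions."""
    view = defaultdict(lambda: defaultdict(int))
    for ev in events:
        view[ev.actor_type][ev.actor] += 1
    return {cls: dict(actors) for cls, actors in view.items()}


def build_identity_graph(events):
    """Directed edges actor -> resulting principal, one per transition event."""
    graph = defaultdict(list)
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.action in TRANSITION_ACTIONS and ev.resulting:
            graph[ev.actor].append(ev)
    return graph


def reconstruct_chain(graph, seed, seed_type, since=0):
    """Follow transitions forward in time from a seed identity.
    Returns [(principal, identity_type, action_that_produced_it), ...]."""
    chain = [(seed, seed_type, None)]
    seen = {seed}
    frontier = [(seed, since)]
    while frontier:
        principal, not_before = frontier.pop()
        for ev in graph.get(principal, []):
            # Only transitions that happen after the actor was reached count.
            if ev.ts >= not_before and ev.resulting not in seen:
                seen.add(ev.resulting)
                chain.append((ev.resulting, ev.resulting_type, ev.action))
                frontier.append((ev.resulting, ev.ts))
    return chain


def classes_crossed(chain):
    """Identity classes the chain passes through; more than one is the signal."""
    return {identity_type for _, identity_type, _ in chain}


if __name__ == "__main__":
    print("per-class view:", per_class_view(EVENTS))
    chain = reconstruct_chain(build_identity_graph(EVENTS), "user/alice", "human")
    for principal, identity_type, via in chain:
        print(f"{identity_type:16} {principal:24} via {via}")
    print("classes crossed:", sorted(classes_crossed(chain)))
```

The per-class view shows each actor with one or two ordinary actions, which is all a monitor that never records who obtained which principal can report; the chain walk from `user/alice` is what makes the four-class pivot visible, and seeding it from whichever identity first raised an alert is how the thread is kept intact.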

Runtime identity baselines for human, NHI and AI agent activity

Baseline-driven identity detection compares what an identity is doing now with what it normally does, what it can access and what peer identities typically do. For NHIs and AI agents, that baseline has to include machine-paced activity, service-to-service access and delegated execution paths, not just human login behaviour. The detection model also needs to account for overprivileged roles and agent-to-agent communication patterns, because those are common ways modern attacks expand their reach. In practice, identity baselines are only useful if they are specific enough to distinguish expected automation from suspicious reuse or escalation.

Practical implication: define separate behavioural baselines for human users, machine identities and AI agents instead of forcing one model across all three.
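Separate baselines by actor type, as an added example written for this page and not Permiso Security's model or code: the same machine-paced read at 03:00 UTC is scored differently for a human, a service account and an agent, and an agent is also judged on who invoked it. The thresholds, the AWS-style action names, the principal names and the placeholder key id are all constructed assumptions.

```python
"""Per-actor-type runtime baselines for identity detection.

Added example for this page, not Permiso Security's model or code. Baseline
values, action names (AWS-style), principals and observations are constructed.
"""
from dataclasses import dataclass
from typing import FrozenSet, List, Optional


@dataclass(frozen=True)
class Baseline:
    allowed_actions: FrozenSet[str]    # what this actor type is expected to do
    max_rate_per_min: int              # pace above which activity is anomalous
    active_hours: range                # UTC hours the actor normally operates
    approved_callers: FrozenSet[str]   # for agents: who may invoke them (empty = unrestricted)


# One baseline per actor type. Machine pace is normal for a service account and
# anomalous for a human; an agent is normal only when its approved delegator
# invoked it. All values are constructed.
BASELINES = {
    "human": Baseline(frozenset({"console:Login", "s3:GetObject", "s3:ListBuckets"}),
                      max_rate_per_min=30, active_hours=range(7, 20),
                      approved_callers=frozenset()),
    "service_account": Baseline(frozenset({"ecs:UpdateService", "s3:GetObject"}),
                                max_rate_per_min=600, active_hours=range(0, 24),
                                approved_callers=frozenset()),
    "agent": Baseline(frozenset({"s3:GetObject", "bedrock:InvokeModel"}),
                      max_rate_per_min=120, active_hours=range(0, 24),
                      approved_callers=frozenset({"scheduler/nightly-report"})),
}


@dataclass(frozen=True)
class Observation:
    actor: str
    actor_type: str
    action: str
    rate_per_min: int
    hour_utc: int
    caller: Optional[str] = None   # principal that invoked this actor, if delegated


def score_with_baseline(obs: Observation, b: Baseline) -> List[str]:
    """Findings for an observation judged against an explicit baseline."""
    findings = []
    if obs.action not in b.allowed_actions:
        findings.append("action_outside_scope")
    if obs.rate_per_min > b.max_rate_per_min:
        findings.append("rate_above_baseline")
    if obs.hour_utc not in b.active_hours:
        findings.append("outside_active_hours")
    if b.approved_callers and obs.caller not in b.approved_callers:
        findings.append("unapproved_delegation")
    return findings


def score(obs: Observation) -> List[str]:
    """Findings using the baseline that matches the actor's own type."""
    return score_with_baseline(obs, BASELINES[obs.actor_type])


# Constructed observations.
HUMAN_BULK_READ = Observation("user/alice", "human", "s3:GetObject",
                              rate_per_min=300, hour_utc=3)
AGENT_SCHEDULED = Observation("agent/report-writer", "agent", "s3:GetObject", 100, 3,
                              caller="scheduler/nightly-report")
AGENT_DELEGATED_BY_KEY = Observation("agent/report-writer", "agent", "s3:GetObject", 100, 3,
                                     caller="key/AKIA_PLACEHOLDER")
SA_OUT_OF_SCOPE = Observation("role/deploy-bot", "service_account",
                              "iam:CreateAccessKey", 1, 14)


if __name__ == "__main__":
    for obs in (HUMAN_BULK_READ, AGENT_SCHEDULED, AGENT_DELEGATED_BY_KEY, SA_OUT_OF_SCOPE):
        print(f"{obs.actor:22} {obs.action:22} -> {score(obs) or 'normal'}")
    # The same human activity judged with the service-account baseline: nothing fires.
    print("human judged as machine ->",
          score_with_baseline(HUMAN_BULK_READ, BASELINES["service_account"]) or "normal")
```

The last line of the script is the failure mode the section warns about: judged against a single machine-oriented baseline, a human pulling objects at 300 calls a minute at 03:00 produces no findings, while the same observation under the human baseline raises both a pace and an hours finding. Scope checks cut the other way, so a service account issuing an access key is flagged even at a perfectly ordinary pace.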


NHI Mgmt Group analysis

Identity has become the detection surface because attackers now move through identities, not just endpoints. Permiso Security's framing reflects a broader governance shift: modern intrusions often begin with a credential, then cross from human to machine to agentic execution if the control stack cannot correlate them. That makes identity context a SOC requirement, not an IAM afterthought. Practitioners should treat identity correlation as part of detection architecture.

Cross-identity visibility is the named concept that now separates signal from noise. A detection model that sees human users, service accounts, OAuth tokens and AI agents in one graph can follow the attacker when they pivot. A model that splits those identities across tools creates blind spots at exactly the moment the adversary changes form. The implication is that identity security programmes must measure continuity, not just coverage.

AI agents extend the same identity problem into runtime execution roles. When the article says the platform covers AI agents alongside human and non-human identities, the deeper point is that autonomous or semi-autonomous execution changes what counts as suspicious. Identity governance can no longer assume a static subject behind every access event. Practitioners should rethink how baselines, review cycles and alerting work when the actor is software making decisions at runtime.

Threat detection without identity governance will keep lagging the attack chain. The article highlights a common enterprise failure mode: tools that can see events, but not the accountable identity relationships behind them. That is why identity-first detection matters across IAM, NHI and autonomous systems. The right practitioner response is to align identity governance, telemetry and response around the same identity graph.

From our research:

  • 70% of organisations grant AI systems more access than they would give a human employee performing the exact same job, according to The 2026 Infrastructure Identity Survey.
  • Only 13% of organisations feel extremely prepared for the reality of agentic AI, which underscores how quickly identity governance is being outpaced by autonomous adoption.
  • That gap makes the NHI Lifecycle Management Guide the next step for teams trying to align provisioning, rotation and offboarding with identity-first detection.

What this signals

Cross-identity detection will become a governance benchmark, not just a SOC feature. With 70% of organisations already granting AI systems more access than they would give a human employee performing the exact same job, per The 2026 Infrastructure Identity Survey, the programme risk is not only over-privilege but also fragmented visibility across actor types. Teams should expect identity telemetry, lifecycle review and response workflows to converge around the same graph.

Identity baselines will need to separate automation from legitimate escalation. As machine identities and AI agents become more common, the useful signal is no longer merely that access occurred. The question is whether the access pattern matches the actor's approved role, typical runtime behaviour and delegated scope, which is where current IAM stacks are least mature.

The operational pressure point is now correlation across the full identity chain. Programmes that still treat human IAM, NHI governance and AI agent access as separate workstreams will struggle to reconstruct incidents quickly enough to contain them. The reader should prepare for identity-centric detection to influence access review, secrets hygiene and agent governance in the same operating rhythm.


For practitioners

  • Build one identity graph across users, NHIs and agents: Unify cloud, SaaS, CI/CD and on-prem identity records so SOC detections can trace a session as it moves between people, service accounts and AI execution roles.
  • Test for pivot visibility between identity classes: Run purple-team scenarios where a compromised user credential is exchanged for a service account, then for an application or agent role, and verify that the chain remains visible end to end.
  • Separate behavioural baselines by actor type: Define different runtime baselines for human users, NHIs and AI agents so machine-paced activity is not misread as normal just because it is automated.
  • Correlate identity detection with access governance controls: Use findings from identity detection to trigger review of overprivileged roles, stale credentials and agent execution scopes in the NHI Lifecycle Management Guide.

Key takeaways

  • Identity-first detection matters because attackers now pivot across humans, NHIs and AI agents, not just across hosts.
  • Cross-identity visibility is the control gap that determines whether the security stack keeps the attack thread intact or loses it between tools.
  • Teams should align detection, IAM and NHI governance around one identity graph so access review and incident response can work from the same evidence.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

OWASP Non-Human Identity Top 10 and OWASP Agentic AI Top 10 address the attack and risk surface, while NIST CSF 2.0 sets the governance and control requirements practitioners need to meet.

Framework | Control / Reference | Relevance
OWASP Non-Human Identity Top 10 | NHI-01 | Identity-first detection depends on knowing which NHI exists and what it can reach.
NIST CSF 2.0 | DE.CM-01 | Continuous monitoring is needed to correlate identity pivots across tools and environments.
OWASP Agentic AI Top 10 | | AI agent runtime behaviour must be detected as part of the same identity surface.

Correlate identity telemetry across cloud, SaaS and on-prem sources to improve attack-path detection.


Key terms

  • Identity Graph: An identity graph is a unified model that connects identities, permissions, relationships and runtime activity across environments. It lets practitioners see how users, service accounts, tokens and agents relate to one another, which is essential when attacks move between identity types instead of staying in one system.
  • Cross-Identity Attack Path: A cross-identity attack path is a sequence where an attacker compromises one identity and then pivots into another to preserve access or expand scope. In practice, the path matters more than any single alert because the compromise may look ordinary in each separate tool while being malicious end to end.
  • Runtime Identity Baseline: A runtime identity baseline is the expected pattern of actions, access and timing for a given identity type. It is used to spot behaviour that falls outside normal use, but it must be tailored to humans, NHIs and AI agents because each actor type behaves differently at runtime.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.

This post draws on content published by Permiso Security: Permiso Security Named 2026 SC Awards Finalist for Best Threat Detection Technology. Read the original.

NHIMG Editorial Note
Published by the NHIMG editorial team on 2026-03-03.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org