TL;DR: Identity visibility collapsed from 93% in 2024 to 46% in 2025 in Permiso Security’s 2026 State of Identity Security Report, while 92% of organisations already have AI agents accessing production or sensitive data and 95% say those systems can create or modify identities without traditional oversight. The programme failure is no longer inventory quality but real-time visibility into who or what is acting.
At a glance
What this is: Permiso Security’s 2026 identity security report shows a sharp drop in perceived visibility and a rapid expansion of AI-driven identity access.
Why it matters: IAM, NHI, and autonomous governance programmes now have to manage identities that change faster than static inventories and periodic reviews can keep up with.
By the numbers:
- Comprehensive identity visibility plummeted from 93% in 2024 to just 46% in 2025.
- Only 54% could track identity permissions and activities across all platforms in a unified view.
- 92% already have AI agents accessing production or sensitive data.
- 71% of organisations believe better identity visibility could have prevented 26-75% of their security incidents.
Read Permiso Security's 2026 State of Identity Security Report
Context
Identity visibility is the ability to see what an identity is doing, what it can reach, and how that access changes over time. Permiso Security’s report argues that most organisations still confuse an inventory with visibility, which leaves IAM programmes blind to live permissions and activity.
The primary issue is not that cloud environments suddenly became harder to enumerate. The problem is that static lists do not capture operational identity behaviour across SaaS, cloud, and machine-access pathways, especially as AI agents begin to create and modify identities without traditional oversight.
For IAM, NHI, and autonomous governance teams, the question is no longer whether they have a catalogue of identities. The question is whether they can trace effective access, blast radius, and identity-generated risk in time to act.
Key questions
Q: How should security teams handle identity visibility across cloud and SaaS platforms?
A: They should build a single operational view that correlates identity permissions, activity, and effective access across cloud, SaaS, IdP, and NHI sources. The goal is not just to find accounts, but to understand what each identity can do right now and how quickly that picture changes when access or behaviour shifts.
Q: Why do AI agents complicate identity governance?
A: AI agents can create, modify, or use identities without the pacing assumptions built into traditional IAM workflows. That means access may appear and disappear too quickly for periodic review, and the organisation can lose track of who owns the identity, what it can reach, and when it should be revoked.
Q: What breaks when teams rely on identity inventories instead of visibility?
A: Inventories go stale between scans, so they miss live permission changes, delegated access, and identity behaviour across platforms. That creates a false sense of control because the organisation can name identities but still cannot explain which ones are active, over-privileged, or involved in an incident.
Q: Who is accountable when identity-related incidents cannot be scoped quickly?
A: Accountability sits with the team that owns identity governance and operational visibility, because slow blast-radius analysis usually means no one has a complete cross-platform view. NIST CSF and zero trust both assume you can observe and constrain access, so governance must prove that capability in practice.
Technical breakdown
Why identity inventory is not identity visibility
An inventory records identities at a point in time. Visibility tracks identity state, access, and behaviour continuously across systems, which is a different control problem entirely. In cloud environments, the gap matters because permissions, tokens, service accounts, and AI-generated identities can change outside the cadence of manual review. When teams rely on inventory as a substitute for live visibility, they create a false sense of control and miss the difference between existing identities and active attack surface.
Practical implication: treat inventory as a baseline and build continuous visibility for permission changes, activity, and cross-platform identity paths.
Unified cross-platform identity monitoring
Unified identity monitoring combines signals from IdPs, cloud platforms, SaaS, SIEM, and NHI sources into a single operational view. The technical challenge is correlation, because the same identity can appear differently in each system and may have related credentials or delegated access that are not obvious in isolation. Without correlation logic, security teams can detect an event but still fail to understand scope, privilege relationships, or where the compromised identity can move next.
Practical implication: correlate identity events across platforms before you investigate incidents, or you will keep rebuilding the same picture by hand.
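The correlation problem described above, as an added illustration that is not part of Permiso's report or the original post: three constructed event feeds (IdP, cloud, SaaS) name the same person differently, and only after resolving aliases into one canonical identity does the transitive blast radius across platforms become visible. The alias table, account id and resource names are assumptions chosen for the example.

```python
from collections import defaultdict, deque

# Constructed sample events (not from the report). The same person appears as an
# email in the IdP and SaaS feeds and as an IAM user ARN in the cloud feed.
IDP_EVENTS = [
    {"source": "idp", "user": "alice@example.com", "event": "login"},
]
CLOUD_EVENTS = [
    {"source": "cloud", "principal": "arn:aws:iam::111122223333:user/alice",
     "event": "AssumeRole", "target": "arn:aws:iam::111122223333:role/DataReader"},
    {"source": "cloud", "principal": "arn:aws:iam::111122223333:role/DataReader",
     "event": "GetObject", "target": "s3://customer-exports"},
]
SAAS_EVENTS = [
    {"source": "saas", "actor": "alice@example.com", "event": "oauth_grant",
     "target": "app:report-bot", "scopes": ["files.read", "admin.users"]},
    {"source": "saas", "actor": "app:report-bot", "event": "api_call",
     "target": "drive:finance"},
]
# Assumed alias mapping, the kind of thing an IdP-to-cloud attribute sync provides.
ALIASES = {"arn:aws:iam::111122223333:user/alice": "alice@example.com"}

def canonical(name):
    """Map any per-platform name onto the single identity it belongs to."""
    return ALIASES.get(name, name)

def build_access_graph(events):
    """Directed edges actor -> target from every feed, after alias resolution."""
    graph = defaultdict(set)
    for e in events:
        actor = canonical(e.get("user") or e.get("principal") or e.get("actor"))
        target = e.get("target")
        if target:  # events without a target (e.g. a plain login) add no edge
            graph[actor].add(canonical(target))
    return graph

def blast_radius(graph, identity):
    """Every node transitively reachable from identity via delegated access."""
    seen, queue = set(), deque([canonical(identity)])
    while queue:
        node = queue.popleft()
        for nxt in graph.get(node, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen
```

Run against the cloud feed alone the same identity reaches two resources; run against all three feeds it reaches four, which is the scope difference a per-platform investigation misses.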
AI-generated identities and credential sprawl
AI systems introduce identity churn by creating, modifying, or using access paths faster than traditional governance cycles were built to observe. That creates a machine-scale version of NHI sprawl, where service accounts, keys, and delegated permissions accumulate faster than owners can validate them. The risk is not only over-privilege but also unmanaged lifecycle, because identities that are born and used by systems can outlive the workflow that created them.
Practical implication: extend NHI discovery and lifecycle controls to AI-created identities before those credentials become permanent blind spots.
Threat narrative
Attacker objective: The attacker’s objective is to operate inside trusted identity paths long enough to widen access and increase the blast radius before defenders can map the compromise.
- Entry occurs when compromised or AI-generated identities enter production systems with valid credentials that already fit normal authentication flows.
- Escalation happens when over-privileged or poorly scoped identities are used across SaaS, cloud, and infrastructure platforms without a unified view of effective permissions.
- Impact follows when teams cannot determine blast radius quickly, giving attackers time to move laterally, expand access, or exfiltrate data before containment is complete.
Breaches seen in the wild
- Moltbook AI agent keys breach: the Moltbook breach exposed 1.5M AI agent keys.
- AI LLM hijack breach: attackers used stolen AWS access keys to hijack Anthropic LLM models on Bedrock.
Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.
NHI Mgmt Group analysis
The visibility crisis is the real control failure in modern identity security. Inventory-centric programmes are being mistaken for operational oversight, even though inventory cannot show live permission use, blast radius, or identity behaviour across platforms. That assumption breaks as soon as identities move across SaaS, cloud, and machine-access pathways. Practitioners need to stop treating completeness of lists as proof of control.
AI agents are accelerating identity sprawl faster than governance cadence can absorb. The report’s data shows that most organisations already allow AI systems into production or sensitive data, yet governance remains behind the deployment curve. That means identity programmes are now dealing with creation, modification, and use of access paths at machine speed. The practical conclusion is that NHI governance has to absorb AI-generated identities as a first-class population.
Identity blast radius is becoming a board-level metric, not a forensic afterthought. The report shows that only a minority can both detect threats quickly and determine blast radius within minutes, which means containment still depends on manual reconstruction. The field should treat this as a governance maturity problem, not just a tooling problem. Security leaders need measurable scope reduction, not only faster alerts.
Credential graveyards expose a lifecycle governance debt that many teams are carrying invisibly. When expired or unused credentials remain active, the issue is not simply poor hygiene. It is a broken lifecycle model that allows identities to outlive the services, workflows, or owners that created them. The practitioner implication is that offboarding, rotation, and discovery must be treated as one control system, not separate tasks.
Unified visibility is now the minimum viable identity control plane. As environments fragment across IdP, cloud, SaaS, and AI-managed access, organisations that cannot correlate identity state across platforms will continue to misjudge risk. The discipline is moving from periodic assurance to continuous operational visibility. Teams should measure control effectiveness by how quickly they can explain who has access, where, and why.
From our research:
- 85% of organisations lack full visibility into third-party vendors connected via OAuth apps, according to The State of Non-Human Identity Security.
- Another finding from the same research shows that only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, compared to nearly 1 in 4 for securing human identities.
- For teams addressing visibility gaps, the next step is to align discovery, lifecycle, and rotation controls to the NHI Lifecycle Management Guide before access sprawl becomes unmanageable.
What this signals
Visibility illusion cascade: when teams mistake inventories for live control, incident response slows because blast-radius analysis becomes a manual reconstruction exercise. With 71% of organisations saying better visibility could have prevented up to three-quarters of incidents, the governance gap is now measurable rather than theoretical.
The AI access problem will keep widening as 95% of respondents say AI systems can create or modify identities without traditional human oversight. That figure points to a structural programme shift, not a tooling tweak, and it aligns with the direction set out in the Ultimate Guide to NHIs.
The practical signal for IAM leaders is that identity programmes need continuous correlation across human, machine, and AI-managed access paths. If teams cannot explain effective access in minutes, they are not operating a modern identity control plane, even if their inventory looks complete.
For practitioners
- Replace inventory reports with live identity telemetry: correlate identity permissions, activity, and access paths across IdP, cloud, SaaS, and NHI sources so the team can see effective access rather than static account lists.
- Extend NHI lifecycle controls to AI-created identities: treat AI-generated service accounts, tokens, and delegated credentials as governed identities with ownership, expiry, and revocation requirements from the moment they appear.
- Define blast-radius metrics for identity incidents: track how long it takes to identify impacted systems, exposed data, and privilege chains after an identity event, then use that metric to prioritise control improvements.
- Automate discovery of expired and unused credentials: continuously find stale service accounts, API keys, and certificates instead of relying on periodic audits, because delayed discovery leaves dormant access active in production.
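The lifecycle checks behind the "credential graveyard" and AI-created identity points above, as an added example that is not code from the report or the original post: a merged credential inventory is classified by whether each secret is expired yet still enabled, unused past a threshold, orphaned (no owner), or AI-created without an expiry. The record layout, the 90-day threshold and the sample credentials are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

# Constructed credential records (not from the report): the shape a merged
# listing from cloud IAM, a secrets store and an IdP might produce.
NOW = datetime(2026, 1, 21, tzinfo=timezone.utc)
CREDENTIALS = [
    {"id": "akia-ci-deploy", "kind": "api_key", "owner": "ci-team", "enabled": True,
     "created_by": "human", "last_used": NOW - timedelta(days=3),
     "expires": NOW + timedelta(days=60)},
    {"id": "svc-legacy-etl", "kind": "service_account", "owner": None, "enabled": True,
     "created_by": "human", "last_used": NOW - timedelta(days=200), "expires": None},
    {"id": "cert-old-gw", "kind": "certificate", "owner": "platform", "enabled": True,
     "created_by": "human", "last_used": NOW - timedelta(days=1),
     "expires": NOW - timedelta(days=10)},
    {"id": "agent-token-7f3", "kind": "token", "owner": None, "enabled": True,
     "created_by": "ai_agent", "last_used": NOW - timedelta(days=1), "expires": None},
]

UNUSED_AFTER = timedelta(days=90)  # assumed dormancy threshold

def classify(cred, now=NOW):
    """Return the lifecycle findings for one credential; an empty list means healthy."""
    findings = []
    # Expired but still enabled: the secret authenticates although its term ended.
    if cred["enabled"] and cred["expires"] is not None and cred["expires"] < now:
        findings.append("expired_but_active")
    # Dormant access: enabled but not exercised within the threshold.
    if cred["enabled"] and now - cred["last_used"] > UNUSED_AFTER:
        findings.append("unused")
    # Orphaned: nobody is accountable for review or revocation.
    if cred["owner"] is None:
        findings.append("orphaned")
    # AI-created without expiry: lifecycle falls outside any review cadence.
    if cred["created_by"] == "ai_agent" and cred["expires"] is None:
        findings.append("ai_created_no_expiry")
    return findings

def graveyard_report(creds, now=NOW):
    """Map credential id -> findings for every credential that is not healthy."""
    report = {}
    for c in creds:
        findings = classify(c, now)
        if findings:
            report[c["id"]] = findings
    return report
```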
Key takeaways
- The report shows a widening gap between identity inventories and real visibility, which leaves organisations blind to live access paths and blast radius.
- AI agents and AI-generated identities are accelerating identity sprawl faster than traditional governance and review cycles can absorb.
- Teams need unified telemetry, lifecycle enforcement, and measurable scope reduction if they want identity security to function as an operational control.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-03 | Identity sprawl and stale credentials are central to the report’s NHI risk findings. |
| NIST CSF 2.0 | PR.AC-4 | Cross-platform access visibility and least privilege align directly with access control governance. |
| NIST Zero Trust (SP 800-207) | PR.AA | The report’s visibility gap undermines continuous verification and access enforcement assumptions. |
Align identity telemetry to continuous verification so access can be observed and constrained in real time.
Key terms
- Identity Visibility: Identity visibility is the ability to see what an identity is doing, what it can access, and how that access changes across systems over time. In practice, it requires continuous correlation of permissions, activity, and context, not a static list of accounts.
- Identity Blast Radius: Identity blast radius is the scope of systems, data, and permissions exposed when an identity is compromised or misused. It becomes measurable only when organisations can quickly map effective access across cloud, SaaS, and machine identity environments.
- Credential Graveyard: A credential graveyard is the accumulation of expired, unused, or orphaned secrets that still authenticate in production. These stale service accounts, API keys, and certificates create hidden access paths that survive long after their original purpose has ended.
- AI-Generated Identity: An AI-generated identity is a credential, account, or access path created or modified by an AI system rather than a human operator. The governance challenge is that ownership, review cadence, and revocation timing can all fall outside traditional IAM workflows.
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are building or maturing an IAM or identity governance programme, it is worth exploring.
This post draws on content published by Permiso Security: State of Identity Security Report 2026, from false confidence to true visibility. Read the original.
Published by the NHIMG editorial team on 2026-01-21.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org