TL;DR: Machine identities now outnumber human identities by at least 45 to 1 in modern cloud environments, and the article argues that human-centric IAM, quarterly reviews, and manual provisioning collapse under that scale, according to Token Security. The governance problem is no longer just volume, but the mismatch between machine speed, ephemeral credentials, and legacy control assumptions.
At a glance
What this is: This is an analysis of why machine identity management becomes a different security problem at scale, with a focus on visibility, ownership, ephemeral credentials, and autonomous AI agents.
Why it matters: It matters because IAM, PAM, and lifecycle programmes that were designed for people will not reliably govern service accounts, tokens, certificates, or AI agents without structural changes.
By the numbers:
- In modern cloud-native environments, non-human identities outnumber human identities by a ratio of at least 45 to 1.
👉 Read Token Security's analysis of machine identity management at scale
Context
Machine identity management is the discipline of governing the keys, certificates, tokens, and service accounts that software uses to authenticate. The problem changes at scale because those identities are created and retired far faster than human accounts, while many organisations still try to manage them with human-era processes and spreadsheets.
The article’s central claim is that legacy IAM breaks when machines become the dominant actor class in cloud and automation environments. That failure shows up in orphaned credentials, overprivileged service accounts, and blind spots in service-to-service traffic, all of which make identity governance a control-plane issue rather than an operations detail.
Key questions
Q: What breaks when machine identities are managed like human users?
A: Human-style IAM breaks because machine identities are created, used, and retired at a much higher rate than people. Manual approvals, quarterly reviews, and spreadsheet inventories cannot keep up, which leads to orphaned credentials, hidden dependencies, and overprivileged access. Governance has to become automated and continuous to remain accurate.
Q: Why do service accounts with standing privilege increase breach risk?
A: Standing privilege gives attackers a trusted identity path that already works inside the environment. If that service account is compromised, the attacker can move through systems without defeating human MFA or public-facing controls. The risk grows when the account is shared, unowned, or used far beyond its original workload purpose.
Q: How do security teams know whether machine identity controls are actually working?
A: They should look for complete inventory coverage, clear ownership, successful automated rotation, and service-to-service logs that show identities behaving as expected. If credentials exist outside the inventory, if ownership is unclear, or if revocation causes outages, the control environment is not operating reliably.
Q: How should organisations govern autonomous AI agents that use machine credentials?
A: They should treat autonomous agents as runtime decision-makers, not as simple workloads. That means limiting tool scope, separating agent identities from other machine identities, logging every action path, and reviewing whether existing approval and access models still make sense when the actor can choose actions independently.
Technical breakdown
Why machine identity volume breaks human IAM models
Human IAM assumes relatively stable identity counts, slow lifecycle changes, and review cadences that can be scheduled in advance. Machine identity environments invert those assumptions. Workloads, containers, APIs, and bots can be created and destroyed continuously, while each one may need distinct credentials, policies, and ownership. When identity volume reaches tens of thousands or millions, spreadsheets, ticket queues, and quarterly certification cycles stop being control mechanisms and become record-keeping only. The core technical issue is not just scale, but rate of change: a machine identity may exist for minutes, seconds, or milliseconds, which means governance must be machine-readable and continuous.
Practical implication: replace manual inventory and periodic review with automated discovery and lifecycle enforcement for every machine identity.
Ephemeral credentials and rotation failure
Short-lived secrets improve security only when issuance, renewal, and revocation are dependable. In machine environments, ephemeral credentials create a new failure mode: access can vanish before humans notice, but outages can also occur if automation breaks and a token is not refreshed in time. This makes rotation logic, fallback handling, and observability part of the security control itself. The article’s point is that ephemerality is not inherently safer unless the organisation can prove that every workload can re-authenticate reliably without human intervention. That is a governance and resilience problem, not just a secrets problem.
Practical implication: treat credential rotation pipelines as production-critical controls and monitor them like availability dependencies.
Machine identity in CI/CD pipelines and autonomous AI agents
CI/CD systems and autonomous AI agents concentrate privilege because they need to deploy code, call APIs, and move across environments without human latency. That makes their identities especially sensitive. In pipelines, hard-coded keys or shared tokens can become a supply-chain entry point. In autonomous agents, the harder issue is that the identity may decide which tool to use and when to act, which breaks assumptions about fixed intent and pre-approved access paths. The technical challenge is no longer just credential protection, but controlling how identity is used at runtime across chained actions and delegated tools.
Practical implication: separate pipeline and agent identities, limit tool scope tightly, and log every runtime identity action for review.
Threat narrative
Attacker objective: The attacker wants durable access to systems and data through identities that are trusted by automation and rarely reviewed.
- Entry occurs when attackers find exposed machine credentials in repositories, pipelines, shared files, or third-party integrations.
- Escalation happens when a valid service account, API key, or certificate already carries broader access than the workload needs.
- Impact follows when that standing privilege is used to pivot into production systems, deploy malicious code, or disable critical services.
Breaches seen in the wild
- Moltbook AI agent keys breach — Moltbook breach exposed 1.5M AI agent keys.
- Sisense breach — unauthorized GitLab access led to exfiltration of access tokens, API keys and certificates.
Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.
NHI Mgmt Group analysis
Machine identity management is no longer a subset of IAM, it is the control plane for cloud execution. Human-centric access models assume identities are few, durable, and easy to review. That assumption fails when the dominant actors are services, pipelines, and bots that are created continuously and must authenticate at wire speed. Practitioners should treat machine identity governance as a primary security discipline, not an administrative extension of user IAM.
Ephemeral credential trust debt is the hidden cost of modern automation. Short-lived secrets reduce exposure windows, but they also create operational dependency on flawless renewal, revocation, and observability. The more organisations rely on ephemeral access, the more they accumulate risk in the automation that keeps access alive. That changes the governance question from 'how often do we rotate?' to 'can the organisation prove every rotation path will work under stress?'
Orphaned machine identities are a lifecycle failure, not just an inventory problem. When ownership is unclear, service accounts and API keys become active assets with no accountable steward. That breaks JML logic for non-human identities just as surely as it breaks offboarding for people. The implication is that lifecycle governance must name an owner, a purpose, and a retirement trigger for every machine identity before scale turns loss of control into normal operating state.
Autonomous AI agents collapse the assumption that machine identity only executes predetermined code. The assumption that identity does not select tools, combine actions, or alter execution timing was designed for deterministic workloads. That assumption fails when the actor is autonomous because the same identity can decide which API to call, when to call it, and how to chain follow-on actions without human approval. The implication is that least privilege, intent, and accountability all need to be rethought for runtime decision-making, not just tightened at provisioning.
Visibility, not just access control, is what separates governance from guesswork at machine scale. If service-to-service calls remain opaque, organisations cannot tell whether an identity is behaving normally, overreaching, or silently expanded through transitive trust. The article correctly points to the need for continuous monitoring because point-in-time audits cannot explain what happened between two snapshots. Practitioners should assume every blind spot is a governance gap until proven otherwise.
From our research:
- 64% of valid secrets leaked in 2022 are still valid and exploitable today, proving that detection alone is not enough without automated revocation, according to The State of Secrets Sprawl 2026.
- 28.65 million new hardcoded secrets were detected in public GitHub commits in 2025 alone, a 34% year-over-year increase and the largest single-year jump ever recorded, according to GitGuardian.
- For lifecycle and offboarding context, see Ultimate Guide to NHIs , Lifecycle Processes for Managing NHIs for how machine identities should be retired when services change.
What this signals
Identity blast radius: once machine identities proliferate faster than governance can track them, the organisation’s real attack surface is defined by credentials, not assets. That is why practitioners need continuous inventory, ownership, and lifecycle enforcement rather than periodic review cycles.
With 28.65 million new hardcoded secrets detected in public GitHub commits in 2025 alone, the exposure problem is no longer theoretical. Teams that still rely on manual secret handling should expect both discovery gaps and revocation lag to create persistent risk.
The next control shift is from secret-centric security to workload-centric identity governance. If the access path belongs to a service, container, or agent, then the control model must understand runtime context, not just authentication artifacts. For deeper background, the Ultimate Guide to NHIs remains the cleanest baseline.
For practitioners
- Automate discovery across all machine identity stores Scan cloud platforms, CI/CD systems, secret managers, local configuration, and code repositories continuously so service accounts, tokens, and certificates do not remain hidden in isolated tooling. The goal is a single inventory with ownership and expiry context.
- Assign accountable owners to every non-human identity Require a named business or engineering owner for each service account, API key, token, and certificate, plus a retirement trigger tied to the workload lifecycle. Orphaned identities should fail governance review by default.
- Replace static access with runtime-bound controls Use short-lived credentials, workload-bound authentication, and automated revocation so identities are valid only for the task and environment they were issued for. This reduces standing privilege and narrows the blast radius when compromise occurs.
- Instrument service-to-service authentication paths Log which identity called which service, what credential type was used, and whether access matched expected workload behaviour. This helps security teams detect transitive trust abuse, anomalous pivots, and overprivileged machine access before impact grows.
- Separate pipeline identities from production identities Do not let CI/CD tokens or build credentials double as production administration paths. Keep deployment, build, and runtime privileges distinct so compromise in one layer does not become unrestricted access across the environment.
Key takeaways
- Machine identity governance fails when organisations apply human IAM assumptions to service accounts, tokens, and certificates.
- Scale turns ephemeral credentials, orphaned identities, and hidden trust chains into operational and security failures at the same time.
- The right response is continuous discovery, accountable ownership, and runtime-bound access for every non-human identity.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-01 | Covers discovery and governance of non-human identities at scale. |
| NIST CSF 2.0 | PR.AC-4 | Least-privilege access and access control are central to machine identity sprawl. |
| NIST Zero Trust (SP 800-207) | AC-6 | Zero Trust requires continuous verification of workload and service identity. |
Map machine identities to access-control reviews and reduce standing privilege wherever possible.
Key terms
- Machine Identity: A machine identity is the credentialed identity used by software, services, containers, or devices to authenticate to other systems. It includes keys, certificates, tokens, and service accounts. In practice, it must be governed like any other privileged identity because it can move data, deploy code, and alter infrastructure.
- Ephemeral Credential: An ephemeral credential is a short-lived secret issued for a narrow purpose and revoked soon after use. It reduces exposure when the issuing, renewal, and revocation automation is reliable. Without strong lifecycle controls, short-lived access can become fragile access that fails in production or leaves gaps in oversight.
- Orphaned Identity: An orphaned identity is an active account or credential with no clear owner or valid business purpose. For machine environments, this often means a service account or API key survives after the workload, team, or vendor relationship has changed. Orphaning turns access into hidden technical debt.
- Autonomous Agent Identity: An autonomous agent identity is the non-human identity used by an AI system that can choose actions, tools, and timing during execution. Unlike a static workload, it may change behaviour at runtime, so governance must account for decision-making, delegation, and tool use, not just authentication.
What's in the full article
Token Security's full blog covers the operational detail this post intentionally leaves for the source:
- A practitioner-oriented discussion of how machine identity sprawl shows up across cloud, microservices, and CI/CD environments.
- Examples of expired certificates, hard-coded keys, and pipeline identities causing operational and security failures.
- A closer look at AI agents, intent, and why runtime decision-making changes the governance model for machine credentials.
- The article’s perspective on identity-first security and continuous lifecycle management for non-human identities.
Deepen your knowledge
NHI governance, machine identity security, and secrets management are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or programme maturity, it is worth exploring.
Published by the NHIMG editorial team on 2026-06-17.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org