TL;DR: As NHIs, workloads, APIs, and agentic identities spread across cloud and on-prem environments, visibility, ownership, and post-auth control become harder to sustain, according to Unosecur. The governance gap is now structural: access reviews assume stable ownership and reviewable privilege, while these identities are created ad hoc, persist quietly, and change behaviour at runtime.
At a glance
What this is: This is an analysis of why NHI and agentic identity sprawl is widening enterprise attack surface and making traditional IAM controls incomplete.
Why it matters: It matters because IAM, IGA, PAM, and cloud security teams need continuous visibility and lifecycle control across humans, service accounts, and AI-driven identities, not separate governance models.
By the numbers:
- Only 5.7% of organisations have full visibility into their service accounts.
- NHIs outnumber human identities by 25x to 50x in modern enterprises.
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures.
- 80% of identity breaches involved compromised non-human identities such as service accounts and API keys.
👉 Read Unosecur's analysis of non-human and agentic identity explosion
Context
Non-human identity sprawl is what happens when service accounts, API keys, workloads, and AI agents are created faster than security teams can inventory, govern, and retire them. In practice, the problem is not just scale but drift: identities appear in code, automation pipelines, cloud services, and application layers without a durable ownership model.
The article argues that human-centric IAM controls do not disappear in the non-human world, but they stop being sufficient on their own. NHIs often outlive their original purpose, carry excessive privilege, and create hidden access paths that expand blast radius across hybrid environments and agentic workflows.
Key questions
Q: How should security teams govern non-human identities in cloud environments?
A: Start with complete discovery, because you cannot govern what you cannot see. Then assign ownership, remove unnecessary privilege, enforce short-lived credentials where possible, and require monitoring and revocation processes for every service account, token, and API key. Cloud governance works only when identity lifecycle controls are applied to automation with the same rigor as user access.
Q: What problem does ownership attribution solve for service accounts and API keys?
A: It closes the gap between exposure detection and accountable remediation. Many organisations can find the secret, but not the human who introduced it, maintains it, or can safely replace it. Ownership attribution gives security teams a practical way to assign action without relying on informal knowledge that disappears during staff changes.
Q: What do security teams get wrong about access reviews in identity governance?
A: Teams often treat access reviews as a complete control, when they are really a delayed verification step. If identity state changes faster than the review cycle, the programme certifies stale access instead of governing current risk. Continuous telemetry is needed to make reviews actionable.
Q: Who should be accountable for non-human identity lifecycle control?
A: Accountability should sit with the team that owns the workload or automation using the identity, not with a generic platform team alone. Security can define policy and enforce controls, but the business owner must be able to answer why the identity exists, when it is reviewed, and when it is retired.
Technical breakdown
Why NHI discovery must be continuous, not periodic
NHI discovery is not a one-time audit because the identity surface is dynamic. Service accounts, secrets, and workload identities are embedded in code, deployed through automation, and copied across environments faster than most governance cycles can track. A usable inventory has to correlate signals from IAM systems, code repositories, cloud telemetry, and application metadata to build a living identity graph. That graph is what turns unknown identities into governable assets, with ownership, privilege, and dependency relationships attached.
Practical implication: treat NHI discovery as an always-on control plane, not a quarterly cleanup exercise.
How standing privilege amplifies blast radius
Standing privilege is persistent access that remains available whether or not the identity is actively needed. In NHI environments, that is especially risky because service accounts and API keys often inherit broad permissions from model accounts or deployment templates. Least privilege only works when actual usage is measured, not guessed, and just-in-time access only works when approval and fulfillment are tied to the task window. Without that, dormant privilege becomes a long-lived attack multiplier across systems and data stores.
Practical implication: map granted permissions to real usage before you attempt privilege reduction or JIT enforcement.
What runtime behaviour tells you a non-human identity has drifted
Behaviour baselining is the mechanism that separates normal machine activity from suspicious drift. The useful signals are not only logins and token use, but who, what, where, when, and how an identity interacts with assets in flight. That matters because malicious activity often appears as post-auth abuse, including token manipulation, privilege escalation, and lateral movement through connected accounts. Comparing an identity to peers in similar roles helps distinguish legitimate workflow change from scope expansion or compromised behaviour.
Practical implication: combine behavioural baselines with peer comparison to detect drift before it becomes exploitation.
Threat narrative
Attacker objective: The attacker wants to turn one exposed identity into broad access across connected systems, data stores, and downstream services.
- Entry occurs when attackers find exposed static credentials in code, automation pipelines, or public-facing login flows tied to non-human identities.
- Escalation happens when the compromised account has standing privilege or can be chained into APIs, databases, and adjacent workloads.
- Impact follows through lateral movement, data access, or ransomware-style abuse across the broader access graph.
Breaches seen in the wild
- Moltbook AI agent keys breach — Moltbook breach exposed 1.5M AI agent keys.
- McDonald's McHire AI Chatbot Default Credentials — Default credentials in McDonald's McHire AI recruitment chatbot expose 64 million job application records.
Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.
NHI Mgmt Group analysis
Identity discovery is now the first control failure, not a supporting task. When organisations cannot see service accounts, API keys, workloads, and agent identities, every later control becomes partial by definition. That is why inventory, ownership mapping, and access-path correlation are the real starting point for NHI governance, not an admin convenience. The practitioner conclusion is simple: invisibility is itself a control gap, not just an operational inconvenience.
Standing privilege is the identity debt most teams underestimate. NHI programmes frequently inherit permissions from model accounts, deployment templates, and legacy automation, then leave them in place indefinitely. That produces a persistent blast radius that human access reviews rarely correct because the access was never tied to a stable owner or a clean lifecycle. The implication is that privilege must be understood as live usage, not static entitlement.
Behavioral baselining creates the only workable boundary for machine identities at scale. Human IAM assumptions about predictable login patterns do not hold when access is executed by software and agents across clouds, code, and runtime. A strong NHI programme therefore needs peer comparison, in-flight telemetry, and change detection together, because post-auth abuse is where most practical exposure appears. The practitioner conclusion is that access governance must extend beyond authentication into ongoing behaviour.
Non-human and agentic identity governance is converging, but the control model is still behind. The article correctly points to agentic identities as part of the same expanding identity surface, yet many organisations still separate them from workloads and service accounts. That separation is becoming artificial because both categories create machine-timed access, hidden ownership, and lifecycle risk. The practitioner conclusion is that identity governance must become actor-agnostic while still preserving controls specific to autonomy and runtime decision-making.
NHI blast radius is now a cross-domain problem, not a single-team problem. The same identity can sit inside source code, cloud infrastructure, and application workflows, then be reused by multiple teams with no shared revocation model. That means IAM, cloud security, PAM, and engineering ownership all influence the same risk outcome. The practitioner conclusion is that NHI governance has to be treated as shared infrastructure risk, not a local admin issue.
From our research:
- 80% of identity breaches involved compromised non-human identities such as service accounts and API keys.
- Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them.
- 52 NHI Breaches Analysis shows how recurring lifecycle failures turn invisible credentials into repeatable breach paths.
What this signals
Identity governance is shifting from periodic review to continuous control. Once service accounts, API keys, and agent identities become embedded in delivery pipelines, the old assumption that access can be reviewed after the fact starts to fail. That is why organisations need living inventory, ownership attribution, and behavioural baselines before they can claim real control, especially across hybrid environments and distributed engineering teams.
With NHIs outnumbering human identities by 25x to 50x in modern enterprises, according to the Ultimate Guide to NHIs, the programme problem is no longer volume alone, but governability. The security team that still treats machine identities as edge cases will miss the majority of access risk by design. The practical response is to align IAM, PAM, and engineering ownership around one identity graph, not separate tools and reviews.
The next governance boundary is behaviour, not login. As more access is delegated to software and agents, security teams need to watch for drift, scope expansion, and post-auth misuse as first-class identity events. That requires tighter telemetry integration with cloud, application, and runtime data so machine identity risk can be triaged before it becomes lateral movement or data exposure.
For practitioners
- Build a continuously updated NHI inventory Correlate identities from cloud, code, IAM, and application telemetry so service accounts, API keys, and workloads are not managed as separate silos. Use ownership mapping to attach each identity to a team, system, and business purpose.
- Replace model-account sprawl with usage-based privilege design Review access based on what each non-human identity actually does in production, then remove inherited permissions that are never exercised. Reserve just-in-time access for task-scoped elevation rather than leaving standing privilege in place.
- Baselined behaviour against peer identities Measure each identity against similar accounts performing comparable tasks so drift is visible before it becomes an incident. Include in-flight network and process activity, not just authentication logs.
- Extend lifecycle governance to machine and agent identities Apply joiner-mover-leaver discipline to service accounts, API keys, and AI agents with explicit ownership, offboarding, and revocation triggers. Do not rely on periodic access reviews to catch identities that were created outside normal IAM workflows.
Key takeaways
- Non-human identities now create the majority of practical identity exposure because they are numerous, persistent, and often poorly governed.
- Visibility, ownership, and lifecycle control are the decisive gaps, not just credential rotation or authentication hardening.
- Security teams need one identity governance model that covers humans, service accounts, workloads, and agentic identities without assuming they behave the same way.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 and MITRE ATT&CK address the attack and risk surface, while NIST CSF 2.0, NIST Zero Trust (SP 800-207) and NIST SP 800-53 Rev 5 set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-01 | The article centres on discovery and lifecycle gaps across non-human identities. |
| NIST CSF 2.0 | PR.AC-4 | Least privilege and permission review are core to the article's governance model. |
| NIST Zero Trust (SP 800-207) | The post argues for continuous assurance across hybrid identity paths. | |
| NIST SP 800-53 Rev 5 | AC-6 | The article repeatedly highlights excessive privileges on non-human identities. |
| MITRE ATT&CK | TA0006 , Credential Access; TA0008 , Lateral Movement | The post links exposed credentials and downstream pivoting to common attack paths. |
Apply zero-trust principles to machine identities by verifying access continuously, not just at authentication.
Key terms
- Non-Human Identity (NHI): A digital identity assigned to a non-human entity such as a software application, service account, API key, bot, machine, or AI agent that enables it to authenticate and interact with systems without direct human involvement. NHIs now outnumber human identities in most enterprises by 25 to 50 times.
- Standing Privilege: Standing privilege is access that remains active even when no immediate task requires it. For NHI programmes, it is a common failure mode because long-lived credentials and persistent roles create unnecessary exposure. Reducing standing privilege usually means tighter expiry, on-demand access, and clearer review of who or what still needs access.
- Behavior Baseline: A record of normal activity for a non-human identity, including typical consumers, resources, and actions over time. Baselines help security teams detect when an identity is being used in an unusual way and provide the context needed to enforce least privilege safely in dynamic environments.
- Identity Graph: An identity graph is a relationship map that connects identities, assets, data, and permissions so teams can see how access actually flows. In NHI programmes, it helps explain which agent is related to which owner, which system, and which policy boundary.
What's in the full article
Unosecur's full blog covers the operational detail this post intentionally leaves for the source:
- A longer breakdown of discovery and observability patterns across cloud, on-prem, SaaS, and code.
- More detail on how NHI behaviour baselining and peer comparison are used to separate normal access from drift.
- Additional discussion of post-auth controls, including token abuse, privilege escalation, and session interference.
- The article's own framing of how human IAM concepts map into machine and agent identity governance.
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are building or maturing identity security across human and non-human estates, it is worth exploring.
Published by the NHIMG editorial team on July 14, 2026.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org