TL;DR: Non-human identity risk is now urgent for 93% of respondents in ConductorOne’s 2025 Future of Identity Security Report, while 42% say NHI security outranks human user security and 78% claim high or full visibility despite persistent privilege and rotation issues. The governance gap is no longer visibility alone, but control of access scope and lifecycle at machine scale.
At a glance
What this is: ConductorOne argues that NHI risk has become a primary identity concern in 2025, with agentic AI accelerating sprawl, over-privilege, and governance gaps.
Why it matters: IAM teams must now govern service accounts, tokens, and AI agents with the same discipline used for humans, because machine access can outgrow review, ownership, and containment assumptions.
By the numbers:
- A staggering 93% of respondents in the report said the risks associated with NHIs are urgent, with 24% calling them extremely urgent and in need of immediate action.
- 42% of respondents say NHI security is now a higher priority than securing human users.
- 78% of respondents said they have high or full visibility into NHIs across their environment, and 30% say they already have total visibility.
- Only 2% said NHIs don’t pose a current risk, an indication that awareness is high, even if action isn’t always keeping pace.
👉 Read ConductorOne's analysis of managing non-human identity risk in 2025
Context
Non-human identity risk is the governance problem that appears when systems, services, software, and AI agents receive access without the lifecycle discipline used for human users. In 2025, that gap matters more because agentic AI can create and use access at runtime, expanding the number of identities that security teams must understand, review, and constrain.
ConductorOne’s reporting points to a familiar pattern in IAM: awareness rises faster than operational control. Teams may believe they have visibility into machine identities, yet over-provisioning, weak rotation, and third-party access still leave credentials exposed long after their original purpose has passed.
For practitioners, the key issue is not whether NHIs exist, but whether they are governed as first-class identities. That means treating machine access as a lifecycle and privilege problem, not a side effect of application delivery.
Key questions
Q: How should security teams govern non-human identities at scale?
A: Security teams should govern non-human identities by assigning ownership, limiting scope, and enforcing lifecycle controls for every service account, token, and API key. The practical test is whether each identity can be reviewed, rotated, and revoked without guessing who depends on it. That is the difference between inventory and governance.
Q: Why do NHIs create more governance risk than many human accounts?
A: NHIs create more governance risk because they are easier to over-provision, harder to review, and less likely to trigger lifecycle events that remove access. They often persist after the workload changes, which means forgotten credentials can outlive the need they were created for. The result is standing access with weak accountability.
Q: How do security teams know if NHI visibility is actually working?
A: Visibility is working only when discovery leads to ownership, review, and action. If teams can list machine identities but cannot say who owns them, when they were last reviewed, or whether their permissions are still justified, visibility is not governance. A usable programme turns inventory into an enforceable control surface.
Q: Should organisations prioritise NHI governance before expanding agentic AI use?
A: Yes, because agentic AI increases the number of identities that can act, request access, and execute tasks. If machine identity controls are already weak, adding autonomous behaviour multiplies exposure faster than the programme can respond. Organisations should close NHI lifecycle gaps first so agentic expansion does not inherit unmanaged privilege.
Technical breakdown
Why NHI visibility can look better than it is
Visibility into NHIs usually means an inventory exists, not that access is controlled. Teams can enumerate service accounts, tokens, secrets, and APIs while still missing where they are used, who owns them, and whether their permissions still match the workload. This creates a common IAM failure mode: a discovered identity is mistaken for a governed identity. In cloud and SaaS environments, the blast radius grows when credentials persist after deployment and are reused across tools. Inventory is therefore only the starting point; governance depends on ownership, review, and revocation.
Practical implication: separate discovery from governance by tying every NHI to an owner, an expiry, and a reviewable access scope.
How over-provisioning becomes the default machine identity pattern
NHIs are frequently granted broad access to avoid breaking applications during deployment. That convenience becomes structural privilege creep because machine identities do not naturally trigger the events that force human access reviews, such as role change or departure. Unlike humans, they remain active until a separate process removes them. The result is a stable but oversized permission set that becomes hard to distinguish from legitimate need. Privilege design must therefore start narrow and be expanded only when the workload proves it needs more access.
Practical implication: design machine entitlements from the workload outward, not from the admin convenience of broad default access.
Credential rotation is a lifecycle control, not just a hygiene task
Rotation is the control that limits how long a stolen or leaked secret remains useful. For NHIs, rotation is harder because many credentials are embedded in applications, pipelines, and third-party integrations that do not tolerate silent change. That difficulty is why rotation often lags even when teams understand the risk. In practice, the issue is not the act of rotating one secret, but the ability to do so without breaking dependent systems. Lifecycle management must therefore be engineered into the identity design, not bolted on after the secret is already everywhere.
Practical implication: make rotation and revocation part of the credential architecture before the identity goes live.
Breaches seen in the wild
- Moltbook AI agent keys breach — Moltbook breach exposed 1.5M AI agent keys.
- AI LLM hijack breach — attackers used stolen AWS access keys to hijack Anthropic LLM models on Bedrock.
Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.
NHI Mgmt Group analysis
NHI governance has moved from peripheral hygiene to core identity risk. ConductorOne’s data shows that 93% of respondents now treat NHI risk as urgent, which reflects a structural shift in how identity programmes are being prioritised. That is not just a sentiment change. It means service accounts, APIs, tokens, and AI agents are now part of the same governance surface as human accounts, and practitioners must plan accordingly.
The real control gap is privilege, not discovery. Visibility can be high while access remains wrong, because machines are often over-provisioned at birth and never forced through the same review pressure as employees. This is where OWASP-NHI and NIST-CSF align most clearly: entitlement scope, ownership, and review cadence are the controls that determine whether an inventory becomes governance. Practitioners should treat excess privilege as the default failure mode, not an edge case.
Agentic AI turns NHI governance into a runtime problem. When machines generate requests, execute tasks, and make decisions, the identity programme is no longer governing static credentials alone. It is governing actions that can begin, expand, and complete faster than human review cycles can observe them. The implication is that machine identity management now overlaps with autonomous execution risk, which raises the bar for approval, logging, and containment.
Lifecycle discipline is the missing operating model for machine identities. Unlike humans, NHIs do not leave the organisation, but they do become obsolete, superseded, or dangerously reused. That makes offboarding, rotation, and recertification the decisive controls for the category. The practitioner conclusion is straightforward: if a machine identity cannot be owned, reviewed, and retired on a schedule, it is already outside governance.
Named concept: identity latency debt. The article’s core problem is that machine access persists longer than the business need that created it. That delay accumulates into governance debt because privilege, ownership, and revocation all drift out of sync. Practitioners should read NHI risk as a lifecycle latency problem, not merely as a volume problem.
From our research:
- 80% of identity breaches involved compromised non-human identities such as service accounts and API keys, according to Ultimate Guide to NHIs.
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures.
- For a broader control view, read Top 10 NHI Issues for the lifecycle and visibility failures that keep NHIs exposed.
What this signals
Identity latency debt: as machine identities multiply, the real programme risk is not only volume but the delay between creation, review, and revocation. Teams that cannot shorten that delay will keep accumulating access that looks legitimate on paper but is no longer operationally justified.
The next phase of NHI governance will favour organisations that can bind ownership, expiry, and review to every non-human credential. With 97% of NHIs carrying excessive privileges in our research, privilege scope remains the clearest signal of whether a programme is controlling the asset or merely cataloguing it.
For practitioners
- Build an authoritative NHI inventory: map every service account, token, API key, certificate, and AI agent to an owner, purpose, and expiry so discovery turns into accountable governance.
- Tighten default privilege at creation time: start each machine identity with the minimum access needed for the workload, then expand entitlements only after documented justification and review.
- Operationalise credential rotation and revocation: treat rotation as a planned lifecycle control for embedded secrets, third-party integrations, and long-lived service accounts, not as an emergency-only task.
- Separate human lifecycle controls from machine lifecycle controls: use access reviews, offboarding, and recertification processes that explicitly distinguish between employees, service accounts, and agentic systems.
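As an added illustration of the checks described in the technical breakdown and in the practitioner steps above (example code written for this post, not ConductorOne's or NHIMG's tooling), the script below runs a constructed NHI inventory through owner, expiry, review-cadence, rotation-age and wildcard-scope checks and reports each identity's latency debt in days. The inventory records, the 90-day review and rotation thresholds, and the set of scopes treated as over-broad are all assumptions.

```python
from datetime import date

# Constructed sample inventory (not real data): one record per machine identity.
INVENTORY = [
    {"id": "svc-ci-deploy", "owner": "platform-team", "created": "2024-01-10",
     "last_reviewed": "2025-05-01", "last_rotated": "2025-05-15",
     "expires": "2025-12-31", "scopes": ["deploy:write"]},
    {"id": "token-legacy-etl", "owner": None, "created": "2022-03-02",
     "last_reviewed": None, "last_rotated": "2022-03-02",
     "expires": None, "scopes": ["*"]},
    {"id": "agent-support-bot", "owner": "cx-automation", "created": "2025-01-20",
     "last_reviewed": "2025-02-01", "last_rotated": "2025-01-20",
     "expires": "2025-03-31", "scopes": ["tickets:read", "admin:*"]},
]
REVIEW_CADENCE_DAYS = 90         # assumed recertification cadence
ROTATION_MAX_AGE_DAYS = 90       # assumed maximum secret age
BROAD_SCOPES = {"*", "admin:*"}  # assumed wildcard entitlements to flag

def _parse(iso): return date.fromisoformat(iso) if iso else None

def assess(nhi, today):
    """Governance findings for one identity; an empty list means it passes."""
    findings = []
    if not nhi.get("owner"):
        findings.append("no_owner")
    expires = _parse(nhi.get("expires"))
    if expires is None:
        findings.append("no_expiry")
    elif expires < today:
        findings.append("expired")
    reviewed = _parse(nhi.get("last_reviewed"))
    if reviewed is None or (today - reviewed).days > REVIEW_CADENCE_DAYS:
        findings.append("review_overdue")
    rotated = _parse(nhi.get("last_rotated"))
    if rotated is None or (today - rotated).days > ROTATION_MAX_AGE_DAYS:
        findings.append("rotation_overdue")
    if BROAD_SCOPES & set(nhi.get("scopes", [])):
        findings.append("excess_privilege")
    return findings

def latency_debt_days(nhi, today):
    """Days since the last review, or since creation if it was never reviewed."""
    anchor = _parse(nhi.get("last_reviewed")) or _parse(nhi["created"])
    return (today - anchor).days

def report(inventory, today_iso):
    """Map each identity id to its findings and latency debt as of today_iso."""
    today = date.fromisoformat(today_iso)
    return {n["id"]: {"findings": assess(n, today),
                      "latency_debt_days": latency_debt_days(n, today)} for n in inventory}
```

Calling `report(INVENTORY, "2025-06-10")` leaves the owned, recently reviewed deploy account clean and flags the ownerless legacy token on every check, which is the "discovered but not governed" case the breakdown describes.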
Key takeaways
- NHI risk is now a mainstream identity governance issue, not a niche infrastructure problem.
- Visibility alone does not solve machine identity exposure when privilege, ownership, and lifecycle controls remain weak.
- Practitioners should prioritise inventory, least privilege, and rotation as linked controls rather than separate tasks.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-03 | Rotation and revocation are central to the article's machine identity risk discussion. |
| NIST CSF 2.0 | PR.AC-4 | The post focuses on access scope, privilege, and lifecycle governance for machine identities. |
| NIST Zero Trust (SP 800-207) | PR.AC | The article's least-privilege and verification themes align with zero-trust access control. |
Apply zero-trust access principles to every non-human credential and require continuous entitlement validation.
Key terms
- Non-Human Identity: A non-human identity is any credentialed machine or software actor that can authenticate and receive access, including service accounts, API keys, tokens, certificates, workloads, bots, and AI agents. In governance terms, it must be owned, scoped, reviewed, rotated, and retired like any other identity.
- Identity Latency Debt: Identity latency debt is the growing gap between when access is granted and when it is reviewed, reduced, or revoked. For machine identities, that delay often becomes dangerous because credentials persist quietly across systems, making obsolete permissions look normal until an incident exposes them.
- Lifecycle Governance: Lifecycle governance is the discipline of managing identity from creation through review, rotation, and offboarding. For NHIs, it covers secrets, ownership, expiry, and revocation, with the same seriousness applied to human joiner-mover-leaver processes but adapted for non-human behaviour.
- Over-Provisioned Access: Over-provisioned access is entitlement granted beyond what a workload or identity genuinely needs. For NHIs, it often happens at deployment time to avoid service disruption, then remains in place because no one revisits the original assumption, creating unnecessary blast radius and audit blind spots.
Deepen your knowledge
NHI lifecycle management, privilege control, and credential rotation are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are building a governance programme from the same starting point, it is worth exploring.
This post draws on content published by ConductorOne: Managing Non-Human Identity Risk in 2025. Read the original.
Published by the NHIMG editorial team on 2025-06-10.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org