Mythos-era AI risk puts secrets rotation and NHI control first

At a glance

What this is: GitGuardian’s briefing argues that AI-era vulnerability risk still flows through credentials, making secrets rotation, NHI governance, and deception controls central to containment.

Why it matters: For IAM and NHI practitioners, the message is that faster exploitation only increases the value of lifecycle control, ownership mapping, and short-lived access.

By the numbers:

• 22% of all breaches
• Machine identities are now involved in some stage of 68% of IT security incidents.
• Our State of Secrets Sprawl 2026 report found 29 million new hardcoded secrets exposed on public GitHub in 2025, a 34% year-over-year increase.
• In our longitudinal dataset, 64% of secrets leaked in 2022 still hadn't been revoked as of 2026.

👉 Read GitGuardian's analysis of AI vulnerability controls, secrets rotation, and NHI governance

Context

AI vulnerability guidance often overweights zero-days and underweights the credentials that make exploitation durable. In practice, the main governance gap is not whether an attacker can find a flaw, but whether exposed secrets, service accounts, and agent credentials remain valid long enough to be used across the NHI estate.

GitGuardian’s briefing reflects a broader shift in NHI governance. The control question is no longer just how to detect exposure, but how to map ownership, rotate quickly, and constrain blast radius when AI systems, automation, and humans all touch the same secret surface.

Key questions

Q: How should security teams handle exposed secrets in AI-driven environments?

A: Security teams should treat exposed secrets as active access paths and respond as though misuse can begin immediately. The right sequence is to identify the owning NHI, revoke the credential everywhere it is trusted, check downstream dependencies, and then validate whether the secret was copied into collaboration or CI systems.

Q: Why do AI agents make secrets governance harder for IAM teams?

A: AI agents make secrets governance harder because they operate as non-human identities with execution authority, often across multiple tools and workflows. That expands the number of places where credentials can be stored, duplicated, or reused, and it increases the chance that a single exposed secret grants broad authenticated access.

Q: What is the difference between secrets rotation and secrets revocation?

A: Rotation replaces a credential with a new one, while revocation removes the old credential from use. In NHI programmes, rotation without revocation is incomplete because the old secret may still authenticate in downstream systems, caches, or copied workflows. Effective control requires both actions to happen quickly and consistently.

Q: When should organisations prioritise deception controls for NHIs?

A: Organisations should prioritise deception controls when they cannot guarantee fast detection of credential misuse. Honeytokens and canaries are especially useful for privileged service accounts, agent credentials, and CI/CD environments where exposure is likely and human monitoring alone is too slow to stop lateral movement.

Technical breakdown

Why credential exposure remains the primary entry path

Even when AI increases the pace of exploit development, the first usable foothold is still usually a credential. Secrets in code, CI/CD logs, chat threads, and build environments let attackers bypass exploit complexity and move directly into authenticated abuse. In NHI environments, that matters because service accounts and API keys often outlive the workflow that created them. Once valid credentials are found, the attacker inherits the trust already granted to the identity, which is far more efficient than trying to break authentication from scratch.

Practical implication: Treat exposed secrets as immediate access events, not low-priority hygiene issues.

How secrets rotation changes the blast radius model

Secrets rotation is effective only when it is coupled to ownership, dependency mapping, and revocation speed. Rotating a token is not the same as removing the access path behind it, especially when multiple services, pipelines, or agents depend on the same NHI. The technical problem is lifecycle coupling: one secret often authenticates across more than one system, so the real unit of risk is the dependency chain, not the credential alone. Rotation reduces dwell time only when stale credentials can be revoked everywhere they are trusted.

Practical implication: Build rotation around dependency discovery, not around a ticket to replace a single secret.

Why deception controls help when AI-speed response is required

Honeytokens and canaries work because they turn credential misuse into a detectable event before broad lateral movement begins. In an environment where AI-driven exploitation can compress the time between exposure and use, passive monitoring is too slow. Deception changes the attacker’s economics by making unauthorised access noisy and measurable. For NHI governance, this matters because machine identities do not self-report compromise; they need external detection that is tied to the identity, not just the system hosting it.

Practical implication: Use deception controls to shorten detection time on high-risk service accounts and agent credentials.

Threat narrative

Attacker objective: The attacker wants to convert a single exposed credential into broad, authenticated access across the organisation’s machine identity estate.

1. Entry through exposed credentials or tokens discovered in code, collaboration tools, or CI/CD surfaces.
2. Escalation by using the valid NHI to access dependent services, pipelines, or agent workflows with inherited trust.
3. Impact through rapid lateral movement or misuse of privileged automation before rotation or containment occurs.

Breaches seen in the wild

• Moltbook AI agent keys breach — Moltbook breach exposed 1.5M AI agent keys.
• MongoBleed breach — MongoBleed exposed secrets across 87K MongoDB servers.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.

NHI Mgmt Group analysis

The AI vulnerability era is really a credential governance problem. The article’s core claim is not that zero-days no longer matter, but that credentials still determine whether exploitation becomes operational. That is why secrets rotation, NHI governance, and phishing-resistant MFA sit at the center of resilient control design. Practitioners should treat credential control as the primary containment layer, not a supporting hygiene task.

Ephemeral credential trust debt is now a structural risk. Short-lived access is only safer if ownership, revocation, and dependency mapping keep pace. The moment a token is copied into tickets, chat, or build logs, the system accumulates hidden trust that outlives the intended lifecycle. NHI programmes should assume that every exposed secret carries downstream dependencies unless proven otherwise, and should design controls for revocation at that scale.

Machine-speed attack paths require machine-speed detection. The article’s emphasis on honeytokens and behavioural monitoring reflects a broader truth: human-led review cannot match AI-accelerated misuse. That means deception, telemetry, and containment need to be pre-authorised and identity-aware, not assembled after the incident starts. Security teams should align detection with the NHI, not only the host or repository.

AI governance and NHI governance are converging, whether teams planned for it or not. The briefing ties agentic supply chain control to the same secret and identity problems already familiar in workload identity management. Once AI systems can read, summarise, and act on the same surfaces as engineers, access policy becomes a shared control plane issue. Practitioners should unify AI and NHI governance rather than running them as separate risk programmes.

From our research:

• 29 million new hardcoded secrets exposed on public GitHub in 2025, a 34% year-over-year increase, according to The 2025 State of NHIs and Secrets in Cybersecurity.
• From our research: 62% of all secrets are duplicated and stored in multiple locations, according to The 2025 State of NHIs and Secrets in Cybersecurity.
• The same research shows that 50% of organisations are onboarding new vaults without proper security approval, which signals how quickly control gaps can appear during AI and automation scaling.

What this signals

Ephemeral credential trust debt: The real programme risk is not just exposure volume, but the accumulation of valid trust that nobody can fully trace. If teams cannot prove who owns a secret, where it is used, and how fast it can be revoked, AI-driven automation will keep turning small exposures into broad access opportunities. For teams aligning this work to operating models, the NHI Lifecycle Management Guide is the practical starting point.

With 44% of NHI tokens exposed in the wild, the operational gap is already measurable rather than theoretical. Security teams should expect more incidents to originate outside source code, which means ticketing systems, chat platforms, and CI logs must be treated as first-class secret stores, not peripheral risk surfaces.

Programmes that already use the OWASP Non-Human Identity Top 10 can use this briefing to sharpen priorities around overprivilege, credential rotation, and detection. The likely next step is tighter coupling between identity inventory, revocation automation, and deception telemetry so that NHI governance can keep pace with agentic tooling.

For practitioners

• Map every secret to an owning NHI Create an inventory that links each exposed token, key, or certificate to the service account, workload, or agent that depends on it. Without that mapping, rotation becomes guesswork and incident response stalls while teams debate ownership.
• Shorten revocation paths for shared credentials Identify NHIs that are reused across multiple applications or automation chains, then split them before exposure turns into a fleet-wide incident. Prioritise credentials with broad dependency chains and replace them with narrowly scoped identities.
• Deploy deception on high-risk machine identities Place honeytokens and canaries where agents, CI systems, and service accounts are most likely to touch sensitive secrets. Pair them with behavioural alerts and pre-authorised containment so response can start as soon as misuse appears.
• Move secrets rotation into the incident path Treat rotation as part of containment, not a backlog task after remediation. Build runbooks that can revoke credentials across repositories, CI/CD, collaboration tools, and downstream services in the same response window.

Key takeaways

• AI-era exploitation still runs through credentials, so NHI governance remains a primary control problem rather than a secondary hygiene issue.
• The scale of exposed and unrevised secrets shows that exposure windows are still long enough for attackers to act before teams can contain the risk.
• Practitioners should build faster ownership mapping, rotation, and deception into the incident path, because containment now depends on machine-speed response.

Key terms

• Non-Human Identity: A non-human identity is a machine-usable identity such as a service account, API key, token, certificate, bot, workload, or AI agent. In practice, it is the trust object that lets software authenticate and act without a person present, which makes lifecycle control and ownership critical.
• Secrets Rotation: Secrets rotation is the process of replacing credentials before they are overused, copied too widely, or exposed for too long. In NHI programmes, it only works when revocation, dependency mapping, and downstream validation are part of the same workflow.
• Blast Radius: Blast radius is the amount of access, data, or operational reach an attacker gains after compromising one credential or identity. For NHIs, it is shaped by privilege scope, reuse, and the speed at which security teams can revoke trust across connected systems.
• Honeytoken: A honeytoken is a deliberately planted secret or credential designed to be detected when used. It helps security teams spot misuse early, especially in environments where machine identities and automation can move faster than manual investigation or containment.

What's in the full article

GitGuardian's full article covers the operational detail this post intentionally leaves for the source:

• A 90-day CISO action plan with the sequence the paper recommends for hardening, detection, and response.
• The full risk register language for unmanaged AI agent attack surface and related control priorities.
• Practical guidance on honeytokens, pre-authorised containment, and behavioural monitoring.
• The paper's framing of how secrets rotation, segmentation, and phishing-resistant MFA work together to reduce blast radius.

👉 The full GitGuardian article covers the 90-day plan, risk register, and control sequencing in more detail.

Deepen your knowledge

Secrets rotation and non-human identity governance are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are building a response model for exposed credentials and agent access, it is worth exploring.