NHI risk is shifting from credential theft to privilege blast radius

At a glance

What this is: Andromeda Security argues that the NHI problem is driven less by secret theft than by over-privileged access, missing lifecycle control, and weak ownership across cloud and AI-driven environments.

Why it matters: For IAM and NHI practitioners, the implication is that discovery, entitlement reduction, and sponsor accountability must be treated as core controls, not optional hardening.

By the numbers:

• NHIs outnumber human identities by 25x to 50x in modern enterprises.
• Only 5.7% of organisations have full visibility into their service accounts.
• 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface.

👉 Read Andromeda Security's NHI risk brief on human and non-human identity security

Context

Non-Human Identity security is the governance problem created when service accounts, API keys, tokens, certificates, workloads, and AI agents operate outside the visibility and lifecycle controls that shape human identity programmes. In the article, Andromeda Security frames the issue around cloud scale, where NHIs can grow far faster than the teams responsible for access reviews, rotation, and offboarding.

The primary gap is not whether these identities exist, but whether organisations can inventory them, tie them to owners, and reduce the permissions that determine blast radius. That makes the topic directly relevant to IAM, PAM, and NHI governance, especially in environments where agentic AI and automation are expanding machine identity populations.

A useful reference point is the broader NHI lifecycle problem described in the Ultimate Guide to NHIs, especially where discovery, rotation, and offboarding fall between security, cloud, and engineering teams. The article's starting position is typical for the market: visibility is weak, privileges are high, and ownership is fragmented.

Key questions

Q: How should security teams govern non-human identities in cloud environments?

A: Treat non-human identities as first-class identities with owners, scopes, expiry conditions, and review cycles. Discovery alone is not enough. Teams should reduce standing entitlements, classify high-risk accounts separately, and automate revocation when a workload, vendor relationship, or AI workflow ends. Governance fails when machine identities are managed as one-off technical objects instead of accountable access paths.

Q: What is the difference between rotating secrets and reducing NHI risk?

A: Secret rotation changes the credential, but it does not change what the identity can do if the secret is still linked to broad permissions. Reducing NHI risk requires both rotation and entitlement right-sizing. If the blast radius stays large, a fresh secret still gives an attacker the same reach after compromise.

Q: Why do AI agents make identity governance harder?

A: AI agents combine delegated access, tool use, and autonomous execution, so their permissions can expand faster than traditional review cycles. They need identity controls that account for task scope, session boundaries, and revocation. Without that, agents become another unmanaged NHI class with higher-speed access decisions and weaker human oversight.

Q: Should organisations prioritise NHI discovery before automation?

A: Yes. Automation without discovery usually scales blind spots, because teams cannot protect what they have not found. Start by inventorying service accounts, tokens, certificates, and agent identities, then assign owners and classify privileges. Once visibility exists, automation can support rotation, revocation, and alerting instead of amplifying unknown access.

Technical breakdown

Why over-privileged NHI permissions widen blast radius

An NHI is only as safe as the permissions attached to it. When a service account, token, or API key is compromised, the attacker does not need to break authentication again if the identity already has broad entitlements. That is why over-privilege matters more than raw credential age in many cloud incidents. In practice, the blast radius is defined by what the identity can do across control planes, data stores, CI/CD systems, and SaaS integrations. The failure mode is structural: organisations often rotate secrets while leaving excessive entitlements intact, which preserves the attacker’s effective reach.

Practical implication: review entitlements first, then reduce standing access before treating rotation as sufficient.

How NHI lifecycle gaps create orphaned access

Unlike human identities, NHIs rarely inherit a clean joiner-mover-leaver process. They are created by developers, automation pipelines, vendors, or AI systems, then forgotten when the project ends or the owner changes. That produces orphaned service accounts, unused API keys, and certificates that remain active long after they should have been removed. The technical issue is not just inventory drift. It is the absence of a central system of record that can bind each identity to an accountable sponsor, a purpose, and an expiration condition. Without that linkage, offboarding becomes manual and incomplete.

Practical implication: establish ownership and expiry metadata for every NHI and enforce decommissioning triggers.

Why AI agents increase identity governance complexity

AI agents behave like software actors with execution authority, but they often need tool access, delegated credentials, and chained permissions to complete tasks. That makes them an NHI class with higher volatility than traditional workloads. When agents can call tools, query data, or trigger actions, the security model must account for scope creep, unintended actions, and context-specific privilege. This is why agentic environments are forcing organisations to think about dynamic authorisation rather than static account provisioning. The risk is not simply that an agent exists. It is that its authority can expand faster than governance can observe.

Practical implication: treat AI agents as governed identities with explicit scopes, not as generic automation.

Threat narrative

Attacker objective: The attacker aims to convert one compromised NHI into broad operational access by exploiting over-privilege and weak lifecycle governance.

1. Entry occurs when an attacker obtains a long-lived secret such as an API key, access token, certificate, or service account credential that was stored without strong lifecycle controls.
2. Escalation follows when that identity has excessive entitlements, allowing the attacker to reach adjacent systems, data stores, or cloud control paths without additional authentication.
3. Impact comes from lateral movement and persistence through delegated machine access, which can expose data, disrupt services, or create compliance failures across cloud and SaaS environments.

Breaches seen in the wild

• Moltbook AI agent keys breach — Moltbook breach exposed 1.5M AI agent keys.
• Sisense breach — unauthorized GitLab access led to exfiltration of access tokens, API keys and certificates.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.

NHI Mgmt Group analysis

Over-privileged NHI access is now the main driver of identity blast radius. The vendor is right to frame credential theft as only part of the problem, because privilege scope determines how far an attacker can move after entry. In mature programmes, the first question is not whether a secret exists, but what that identity can actually reach. The practitioner conclusion is simple: entitlement reduction must precede any assumption that rotation alone is enough.

NHI lifecycle governance is still the category's weakest control plane. Most enterprises have processes for human joiner-mover-leaver events, but NHIs are created and retired through fragmented engineering workflows. That leaves orphaned access, stale secrets, and unclear ownership across cloud and automation stacks. The practitioner conclusion is to bind every NHI to an accountable owner, an expiry condition, and a decommissioning path.

Agentic AI makes the NHI problem more dynamic, not fundamentally different. AI agents are software identities that can acquire tools, data, and execution paths, which means they inherit the same governance gaps as other NHIs, only faster. This does not require a new identity discipline so much as stricter scoping, monitoring, and revocation. The practitioner conclusion is to treat agent authority as time-bound and task-bound from the start.

Identity discovery has become a security prerequisite, not an audit exercise. Without a complete inventory of service accounts, tokens, certificates, and agent credentials, teams cannot assess exposure or prove control. That makes visibility a control objective in its own right, not merely an inventory task. The practitioner conclusion is to operationalise continuous discovery across cloud, CI/CD, and SaaS.

Blast-radius control should be the organising concept for NHI security. This post sharpens a practical idea that teams can use across policy, tooling, and reviews: the identity blast radius. It captures how permissions, ownership, and lifetime determine real exposure. The practitioner conclusion is to manage identities based on reachable impact, not just credential state.

From our research:

• NHIs outnumber human identities by 25x to 50x in modern enterprises, according to Ultimate Guide to NHIs.
• Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them, according to Ultimate Guide to NHIs.
• For the broader control gap, see Top 10 NHI Issues for how visibility, ownership, and privilege management intersect in practice.

What this signals

Identity blast radius is the right operational lens for programmes that are trying to contain machine identity risk. If a secret can be rotated in minutes but the entitlement set still exposes production data or cloud control paths, the security gain is marginal. That is why NHI governance needs to be built around reachable impact, not just credential freshness, and mapped against the OWASP Agentic AI Top 10.

The scale pressure is already visible: NHIs outnumber human identities by 25x to 50x in modern enterprises, according to Ultimate Guide to NHIs. That ratio means manual review models will keep failing as automation and agentic AI expand, so practitioners should plan for continuous discovery, scoped access, and revocation workflows that operate at machine speed.

Security teams should also align machine identity governance with NIST AI Risk Management Framework governance expectations wherever AI agents are in scope. The programme signal is clear: if an autonomous system can act, it needs an accountable identity, a bounded task scope, and a predictable shutdown path.

For practitioners

• Implement continuous NHI discovery Build a live inventory of service accounts, API keys, tokens, certificates, workloads, and AI agent identities across cloud and CI/CD systems. Include owner, purpose, last-used time, and expiration data so discovery feeds remediation rather than reporting.
• Reduce standing entitlements Review every high-risk NHI for unused permissions, then move rarely used privileges to JIT elevation or remove them entirely. Focus on data stores, control planes, and automation paths where one compromised secret can create broad reach.
• Attach lifecycle owners to every identity Require a named human sponsor for each NHI and define the revocation trigger that ends access when a project, vendor relationship, or automation workflow changes. This is the simplest way to close orphaned access gaps.
• Monitor for anomalous machine behaviour Use behavioural detection to flag impossible travel, unusual API call volume, new tool chains, or secrets accessed outside expected workflows. Tie alerting to immediate revocation actions where the identity has no legitimate reason to retain access.

Key takeaways

• The article's core message is that NHI security risk is driven by privilege scope and lifecycle gaps, not just by secret compromise.
• The evidence points to a structural governance problem, with machine identities scaling far faster than visibility and offboarding controls.
• Practitioners should prioritise discovery, entitlement reduction, and owner accountability before treating rotation as a complete fix.

Key terms

• Non-Human Identity: A non-human identity is any machine or software credential used to authenticate and authorise activity, including service accounts, API keys, tokens, certificates, workloads, bots, and AI agents. These identities often outnumber human users and require separate governance because they do not follow employee lifecycle processes.
• Identity Blast Radius: Identity blast radius is the amount of access and operational reach a single credential can create if it is compromised. In NHI programmes, blast radius is shaped by entitlements, workload connections, and delegated actions, so the control goal is to shrink what one stolen identity can touch.
• Just-in-Time Elevation: Just-in-time elevation is a pattern where higher privileges are granted only for a defined task and removed immediately afterward. For NHIs, it reduces standing access that attackers can exploit, but it only works when ownership, scope, and revocation are enforced consistently.
• Orphaned Identity: An orphaned identity is a machine credential or service account that remains active after its original owner, workload, or purpose has ended. Orphans are dangerous because they often escape review, retain permissions, and become easy persistence points for attackers.

Deepen your knowledge

NHI discovery, lifecycle control, and entitlement reduction are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If your programme is starting from fragmented ownership and weak visibility, this is a practical place to build from.

This post draws on content published by Andromeda Security: Non-Human Identity Security: Critical Risk Brief. Read the original.