TL;DR: Enterprises now have non-human identities outnumbering humans by more than 45:1 in some environments, while attackers continue to exploit compromised NHIs in major breaches, according to Token Security. The governance gap is structural: IAM programmes built for people do not reliably control machine-native identities or autonomous agents.
At a glance
What this is: This is an independent analysis of why NHI governance is becoming the control layer for agentic AI and machine identities, with the core finding that organisations still lack ownership, lifecycle control, and visibility over a fast-growing identity population.
Why it matters: It matters because IAM, PAM, and lifecycle teams now have to govern service accounts, workloads, and AI agents with the same discipline they use for human access, or the attack surface will keep expanding faster than controls.
By the numbers:
- Non-human identities outnumber humans by more than 45:1 in some enterprises.
👉 Read Token Security's analysis of NHI security in the agentic AI era
Context
Non-human identity governance is the discipline of controlling service accounts, APIs, cloud workloads, ephemeral processes, and AI agents with clear ownership, lifecycle controls, and visibility. In this article, Token Security argues that these identities have become a larger and less governed population than human users, which changes how security teams should think about access risk.
The practical problem is not just volume. NHIs are often created in code, persist beyond their intended use, and accumulate excessive privileges, which means IAM programmes built around employee workflows do not give the same assurance for machine access. That makes NHI lifecycle management a baseline control issue, not a niche engineering concern.
Key questions
Q: What breaks when non-human identities are created without lifecycle ownership?
A: When non-human identities lack lifecycle ownership, they persist beyond the workload, integration, or vendor relationship that created them. That creates orphaned access, privilege sprawl, and weak accountability because no one is clearly responsible for review or revocation. The result is not just poor hygiene. It is an exposure window that can survive ordinary IAM processes.
Q: Why do NHIs complicate traditional IAM programmes?
A: NHIs complicate traditional IAM because they do not behave like employees. They can be created in code, reused across environments, and left with standing privilege long after their original task is complete. Human IAM controls often assume stable ownership, periodic review, and user-centric authentication patterns, which do not fit machine identities well.
Q: What do security teams get wrong about machine identity risk?
A: Security teams often focus on the number of machine identities instead of the quality of their governance. A large inventory is not the core issue if each identity has clear provenance, narrow scope, and reliable deprovisioning. The real risk appears when identities are opaque, over-privileged, and difficult to revoke.
Q: How should organisations govern NHIs alongside human IAM?
A: Organisations should govern NHIs as a separate but connected identity population with its own lifecycle, ownership, and monitoring model. That means linking machine access to source systems, enforcing deprovisioning, and using detections that reflect machine behaviour. Human IAM and NHI governance need shared oversight, not shared assumptions.
Technical breakdown
Why flat NHI inventories miss the control problem
A flat inventory tells you an identity exists, but not why it exists, who owns it, or whether its privileges still match the workload that created it. In machine environments, identities are often generated dynamically from code or infrastructure templates, then reused across environments where context changes quickly. Without source linkage, the security team cannot separate legitimate runtime use from stale or orphaned access. That is why contextual discovery matters more than raw counts: it ties identity state to provenance, purpose, and effective scope.
Practical implication: map each NHI back to its source system and owner before you try to govern its entitlements.
Why lifecycle-first governance is the missing machine identity control
Lifecycle governance for NHIs means creating, reviewing, and removing access in step with the workload or process that depends on it. Unlike people, machine identities can be created by pipelines, consumed by ephemeral processes, and then left behind long after the task finishes. That creates privilege sprawl and lingering access that conventional joiner-mover-leaver processes do not catch unless they are adapted for non-human actors. The control gap is persistence without ownership.
Practical implication: treat offboarding and deprovisioning as mandatory controls for machine identities, not as cleanup tasks.
How machine-native detection differs from human IAM signals
Human IAM monitoring often looks for impossible travel, login fatigue, or MFA anomalies. Those signals do not fit NHIs, where abuse looks like unusual API patterns, secrets misuse, or workload-to-workload behaviour that diverges from the identity’s normal purpose. Effective machine-native detection needs context about expected call paths, privilege boundaries, and dependency chains. Without that context, security teams either miss misuse or drown in false positives that no one can triage quickly.
Practical implication: build detections around expected machine behaviour and secrets use, not human login patterns.
Threat narrative
Attacker objective: The attacker wants durable, quiet access through machine identities that can be reused across systems and remain valid long enough to extend breach impact.
- Entry occurs when attackers obtain compromised non-human credentials through exposed secrets, delegated access, or abuse of over-permissioned machine identities.
- Escalation follows when those credentials retain standing privilege, allowing lateral movement into cloud workloads, OAuth-connected services, or adjacent systems without strong ownership checks.
- Impact lands in broad access, data exposure, or service manipulation because the compromised identity often outlives the business process it was supposed to support.
Breaches seen in the wild
- Moltbook AI agent keys breach — Moltbook breach exposed 1.5M AI agent keys.
- Salesloft OAuth token breach — hackers stole OAuth tokens to access Salesforce data via Salesloft.
Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.
NHI Mgmt Group analysis
NHI governance is no longer a side discipline inside IAM. It is the control layer that determines whether machine access remains attributable, reviewable, and revocable at enterprise scale. Token Security’s thesis reflects what many security teams are now seeing in practice: NHIs are larger than human populations and often less governed. When that is true, human-centric access models stop being the primary control plane and become only one part of the programme. Practitioners should treat NHI governance as a first-order architecture concern.
Contextual discovery is the missing prerequisite for lifecycle control. A flat list of identities does not tell a security team whether an account came from code, what it is entitled to do, or which business process created it. Token Security’s framing highlights a broader industry problem: lifecycle decisions are impossible when provenance is unknown. The practitioner lesson is to make identity origin and ownership visible before attempting enforcement.
Privilege sprawl in NHIs is a lifecycle failure, not merely a permissions problem. Excess access accumulates when machine identities are created dynamically, persist too long, and are never confidently deprovisioned. That is why the relevant governance lens is not just least privilege at creation time, but continuous entitlement verification across the identity’s life. Teams should stop treating machine access as static configuration.
Agentic AI raises the governance bar because it turns NHIs into decisioning actors, not just background infrastructure. The same access model that is already struggling with workloads becomes even harder to defend when an agent can spin up infrastructure, call tools, and act across systems. This is the identity convergence point for IAM, NHI, and emerging autonomous behaviour. Practitioners should reassess whether their controls assume a passive identity or an actor that can initiate work.
Identity blast radius is the right named concept for this shift. When machine identities are numerous, long-lived, and over-privileged, the breach impact is determined less by one compromised secret than by how far that identity can move before it is contained. Token Security’s emphasis on discovery, lifecycle, and response all points to that same field-level problem. Security teams should measure blast radius as a governance outcome, not only an incident metric.
From our research:
- 88.5% of organisations acknowledge that their non-human IAM practices lag behind or are merely on par with their human identity and access management efforts, according to The 2024 Non-Human Identity Security Report.
- Only 19.6% of security professionals express strong confidence in their organisation's ability to securely manage non-human workload identities, which underscores how thin the operational margin remains.
- For lifecycle depth and governance structure, start with Ultimate Guide to NHIs, which frames how ownership, rotation, and offboarding should work across machine identities.
What this signals
Identity blast radius: as NHIs multiply, the practical question is no longer whether a secret can be protected in isolation, but how far one compromised identity can move before governance closes the window. That shifts programme design toward provenance, ownership, and revocation speed rather than inventory size alone.
Teams should expect agentic AI to expose the weakest assumptions in existing IAM and PAM models, especially where controls still assume a human operator behind every access request. The right response is to separate policy for people, machine identities, and autonomous behaviour, then test whether each can be reviewed and revoked on its own terms.
For practitioners, the programme signal is clear: if non-human access cannot be tied back to an owner and a lifecycle event, it will eventually become a blind spot. Start with the identity classes that already touch production systems, then expand governance to the rest of the machine estate.
For practitioners
- Inventory machine identities by provenance Link each service account, API credential, and workload identity back to its source code, IaC template, or control owner so that every identity has an accountable parent.
- Make lifecycle offboarding mandatory for NHIs Build revocation steps into workload retirement, pipeline teardown, and vendor change processes so access does not survive the process that justified it.
- Replace human IAM signals with machine-specific detections Tune monitoring for anomalous API calls, unusual secrets use, and unexpected workload-to-workload relationships instead of login-centric alerting.
- Measure privilege sprawl as a control failure Track how many non-human identities retain broad access after the original workload, deployment, or integration has changed, and review those cases first.
- Prepare governance for agentic execution paths Assume future AI agents may initiate actions across tools and environments, then test whether existing approval, review, and revocation processes can still keep pace.
Key takeaways
- Non-human identity risk is now a governance problem, not just an inventory problem.
- The evidence points to a broad maturity gap: machine identities are growing faster than the controls that should govern them.
- Practitioners need provenance, lifecycle offboarding, and machine-native detection before agentic AI multiplies the blast radius further.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-01 | The article centers on discovery and governance gaps in machine identities. |
| NIST CSF 2.0 | PR.AC-4 | Least privilege and access governance map directly to over-permissioned NHIs. |
| NIST Zero Trust (SP 800-207) | PR.AC | The post argues for continuous verification across machine and agent access paths. |
Inventory machine identities by origin and ownership, then verify their entitlements against purpose.
Key terms
- Non-Human Identity: A non-human identity is any digital credential or account used by software, services, workloads, or agents rather than a person. It includes service accounts, API keys, tokens, certificates, and emerging AI agent identities, and it must be governed through ownership, lifecycle control, and access review.
- Lifecycle Governance: Lifecycle governance is the set of processes that create, review, change, and revoke access across an identity’s life. For NHIs, it matters because identities can be created automatically, persist invisibly, and outlive the workload that depends on them unless offboarding is explicit and enforced.
- Identity Blast Radius: Identity blast radius is the amount of access, movement, and downstream impact a single compromised identity can create. In non-human environments, it is shaped by scope, standing privilege, dependency chains, and how quickly the identity can be revoked when abuse appears.
- Machine-Native Detection: Machine-native detection is monitoring designed to spot abuse patterns in non-human identities rather than human login behavior. It looks for unusual API use, secret misuse, workload anomalies, and unexpected service-to-service activity that indicate identity abuse or scope drift.
What's in the full article
Token Security's full blog covers the operational detail this post intentionally leaves for the source:
- How Token Security maps identities back to source code and IaC templates in its risk graph.
- The platform workflow for lifecycle governance, compliance reporting, posture management, and remediation.
- Machine-native detection examples for anomalous API calls and secrets abuse in live environments.
- The way automated response is integrated with SIEM, SOAR, and XDR for operational teams.
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are building or maturing an IAM programme, it is worth exploring.
Published by the NHIMG editorial team on 2026-05-31.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org