By NHI Mgmt Group Editorial Team
Published 2026-04-29
Domain: Breaches & Incidents
Source: Nudge Security

TL;DR: More than 200 customers, 150 product enhancements, and nearly 70 releases in 2025 underscore that visibility, policy enforcement, and lifecycle governance for AI tools and non-human identities are becoming core operating requirements, not optional add-ons, according to Nudge Security. The company appointed Patrick Dillon as its first chief revenue officer as it expands around SaaS, AI security governance, and AI agent discovery.


At a glance

What this is: Nudge Security’s CRO appointment marks a growth-stage push around SaaS and AI security governance, with the company highlighting AI agent discovery, visibility, and policy enforcement as the core of its market message.

Why it matters: For IAM and security teams, the signal is that AI tools and non-human identities are now being managed as a governance surface that spans SaaS, third-party risk, and workforce access.

By the numbers:

👉 Read Nudge Security’s announcement on its new CRO and AI governance focus


Context

Non-human identity governance now sits at the intersection of SaaS sprawl, AI tool adoption, and third-party access. The core issue is not simply how many tools employees use, but whether security teams can see, classify, and control the identities and permissions those tools create across the environment.

This announcement is a market signal, not just a staffing update. A CRO hire around AI security governance suggests the vendor expects demand to keep shifting from point visibility toward broader operational coverage that includes discovery, policy enforcement, and lifecycle oversight for machine and AI identities.


Key questions

Q: How should security teams govern AI tools that create non-human identities?

A: Security teams should treat AI tools as identity-bearing services, not just applications. That means assigning ownership, recording permissions, reviewing OAuth scopes and API tokens, and recertifying access whenever the tool’s purpose or data reach changes. If the tool can act on enterprise data, it needs the same lifecycle discipline as any other non-human identity.

Q: Why does SaaS sprawl make non-human identity governance harder?

A: SaaS sprawl creates more delegated access paths than most IAM programmes can track manually. Each new connector, app, or AI tool can introduce its own permissions, shadow ownership, and data exposure. The result is that governance breaks down at the connection layer, where access is granted indirectly and often outside standard review cycles.

Q: What do teams get wrong about AI agent discovery?

A: Teams often treat discovery as a one-time inventory exercise, but AI-connected access changes as users add apps, permissions, and workflows. Discovery only has lasting value when it feeds ownership, classification, and recertification. Otherwise the inventory becomes a static list of already outdated identities and permissions.

Q: Who should be accountable for non-human identities created by employees?

A: Accountability should sit with the business owner of the workflow, the technical owner of the integration, and the security team governing policy. If no one owns the lifecycle, the identity becomes a permanent exception. That is how delegated access persists after the original use case no longer exists.


Technical breakdown

AI agent discovery and identity visibility in SaaS environments

AI agent discovery is the process of finding unsanctioned or partially managed AI tools and the identities they create or use inside SaaS environments. In practice, these agents often inherit access through OAuth grants, API tokens, or delegated user permissions, which means the security problem starts before the agent is formally registered. Visibility is therefore the first control layer. Without it, security teams cannot distinguish between approved automation and shadow AI, cannot map who approved what, and cannot trace which data or actions are reachable through connected apps.

Practical implication: inventory AI-connected SaaS access first, then classify each identity path by owner, scope, and review cadence.

Policy enforcement for non-human identities and delegated access

Policy enforcement in this context means applying governance rules to non-human identities, not just to users. That includes OAuth scopes, service permissions, app entitlements, and access paths that are granted by employees but exercised by software. The challenge is that these identities are often embedded in business workflows, so revocation or change control has to account for operational dependencies. Effective governance therefore depends on linking identity state to business ownership, not just technical authentication events.

Practical implication: tie each non-human identity to a named business owner and a documented approval path before granting long-lived access.

Lifecycle governance for AI tools and machine access

Lifecycle governance covers provisioning, review, change, and offboarding for every identity type. For AI tools, that means treating launch, model change, access expansion, and retirement as governance events, not just product milestones. The risk is privilege drift: an AI tool that starts with a narrow use case can accumulate broader access as employees connect more data sources or automate more tasks. Governance fails when the review process assumes static behaviour and stable purpose, which is rarely true in AI-enabled environments.

Practical implication: recertify AI tool access whenever scope changes, data sources expand, or the owner changes.


Threat narrative

Attacker objective: The objective is not a single exploit but persistent, poorly governed access to enterprise data through unmanaged AI and SaaS identities.

  1. Entry: Employees introduce AI tools and SaaS apps into the environment through normal work activity, creating new identity paths before security teams can fully catalogue them.
  2. Escalation: The tools receive delegated permissions through OAuth scopes, app connectors, or API credentials, widening the access surface beyond the original user intent.
  3. Impact: Security teams lose clear visibility into which non-human identities can reach sensitive data, making policy enforcement and third-party risk management harder to sustain.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.


NHI Mgmt Group analysis

Visibility has become the first governance control for AI tool sprawl. The vendor’s message reflects a broader reality across SaaS and NHI programmes: if security teams cannot see the identities created by AI tools, they cannot govern them. Discovery is no longer a reporting feature, it is the prerequisite for ownership, classification, and review.

Non-human identity governance is shifting from credential protection to lifecycle accountability. Employee-deployed AI tools often inherit access through delegated permissions, then expand their reach as workflows change. That means the real problem is not just secret leakage, but access that outlives the use case and escapes normal offboarding discipline. Practitioners should treat scope drift as a governance failure, not a tooling gap.

Third-party and OAuth exposure remain the structural weak point in AI-enabled environments. The underlying assumption that connected apps are visible, bounded, and centrally managed no longer holds once users can attach new services on demand. That assumption breaks most visibly in connected SaaS ecosystems, where access can proliferate faster than review cycles can catch up. The implication is that entitlement governance must follow connection paths, not just user records.

AI security governance is converging with NHI governance, not replacing it. The category is expanding because the same controls that matter for service accounts, API keys, and OAuth grants now apply to AI agents and AI-enabled workflows. The market is moving toward a single operational model for identity discovery, ownership, policy, and lifecycle control across human and non-human access alike.

Confidence gaps are becoming a strategic indicator, not a soft maturity metric. When organisations say they are unsure how well they secure non-human identities, that uncertainty usually maps to incomplete inventory, inconsistent ownership, and weak recertification. In other words, the governance problem is measurable even when the control stack is fragmented. Practitioners should read confidence as a signal of hidden access debt.

From our research:

  • 85% of organisations lack full visibility into third-party vendors connected via OAuth apps, according to Astrix Security & CSA.
  • 45% of organisations cite lack of credential rotation as the top cause of NHI-related attacks, with inadequate monitoring and logging and over-privileged accounts each named by 37%, according to Astrix Security & CSA.
  • The governance response is therefore not simply more discovery, but tighter lifecycle control over connected identities, OAuth grants, and delegated access paths.

What this signals

OAuth-connected access is becoming a governance boundary, not a technical detail. As AI tools and SaaS apps proliferate, the practical question is no longer whether users can connect services, but whether those connections are owned, reviewed, and revoked with identity discipline. The sharpest programmes will treat connected apps as part of the identity estate and map them into the same governance workflow used for privileged access.

Confidence gaps usually mean ownership gaps. When teams cannot explain who owns a connector, when it was last reviewed, or which permissions it actually uses, the problem is not visibility alone. It is a lifecycle failure that leaves access in place after the business need changes, and that is exactly where risk accumulates fastest.

Shadow AI will increasingly look like ordinary SaaS governance debt. Once employees can attach new tools without friction, unmanaged identities blend into routine business usage. The programmes that will keep pace are the ones that connect discovery to policy, policy to ownership, and ownership to recertification rather than treating each as a separate project.


For practitioners

  • Map AI-connected SaaS identities first: Inventory every AI tool, connector, OAuth grant, and API credential that can reach enterprise data. Assign an owner to each one and distinguish approved automation from shadow AI before you expand policy coverage.
  • Bind non-human access to business ownership: Require a named business owner, technical owner, and review cadence for each non-human identity. Without accountable ownership, delegated access will survive changes in team structure and tool usage.
  • Recertify when scope changes: Trigger review when an AI tool adds a new data source, new connector, or broader permission set. Treat those changes as lifecycle events, not routine configuration updates.
  • Separate discovery from enforcement: Use discovery to find AI and SaaS identities, then apply policy enforcement only after inventory is complete enough to support clean ownership and exception handling.
  • Track third-party OAuth exposure as an identity problem: Monitor connected vendors and delegated apps as part of identity governance, because OAuth sprawl often hides the most material access paths in SaaS environments.
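The lifecycle checks described in the technical breakdown (inventory by owner, scope and review cadence; tie each identity to a business owner; recertify when scope, data sources or owner change) and restated in the practitioner list above can be run mechanically over an inventory. The following is an added example written for this post; it is not code from Nudge Security or NHI Mgmt Group. It assumes a constructed inventory in which each AI-connected identity records its owners, the scopes and data sources it has today, the scopes and data sources approved at its last review, and the review date; the cadence values and sample identities are assumptions for illustration.

```python
"""Governance findings over an inventory of AI-connected SaaS identities (added example)."""
from __future__ import annotations

from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class NonHumanIdentity:
    """One AI-connected access path: an OAuth grant, API token or AI agent."""
    name: str
    kind: str                              # "oauth_grant" | "api_token" | "ai_agent"
    business_owner: str | None             # owns the workflow
    technical_owner: str | None            # owns the integration
    granted_scopes: frozenset              # what the identity can do today
    certified_scopes: frozenset            # what was approved at the last review
    data_sources: frozenset                # what it is connected to today
    certified_data_sources: frozenset      # what was approved at the last review
    last_review: date | None
    approved: bool = True                  # False = discovered but never sanctioned


# Assumed review cadence per identity kind, in days (policy values chosen for this example).
REVIEW_CADENCE_DAYS = {"oauth_grant": 90, "api_token": 90, "ai_agent": 30}

# Findings that mean the last certification no longer describes the identity.
RECERT_TRIGGERS = {"scope_drift", "new_data_source", "orphaned_business_owner",
                   "orphaned_technical_owner", "recertification_overdue"}


def governance_findings(nhi: NonHumanIdentity, active_staff: set, today: date) -> list:
    """Return the lifecycle findings for one identity; an empty list means clean."""
    findings = []
    if not nhi.approved:
        findings.append("unapproved")                       # shadow AI, needs an approval decision
    for role, owner in (("business", nhi.business_owner), ("technical", nhi.technical_owner)):
        if owner is None:
            findings.append(f"no_{role}_owner")              # nobody owns the lifecycle
        elif owner not in active_staff:
            findings.append(f"orphaned_{role}_owner")        # owner left, access stayed
    if nhi.granted_scopes - nhi.certified_scopes:
        findings.append("scope_drift")                      # broader permissions than approved
    if nhi.data_sources - nhi.certified_data_sources:
        findings.append("new_data_source")                  # reach expanded after approval
    cadence = REVIEW_CADENCE_DAYS[nhi.kind]
    if nhi.last_review is None or (today - nhi.last_review).days > cadence:
        findings.append("recertification_overdue")
    return findings


def needs_recertification(findings: list) -> bool:
    return any(f in RECERT_TRIGGERS for f in findings)


def review_inventory(inventory: list, active_staff: set, today: date) -> dict:
    """Map each identity name to its findings; non-empty entries are routed to the owners."""
    return {nhi.name: governance_findings(nhi, active_staff, today) for nhi in inventory}


# Constructed sample data for the example; none of it describes a real organisation.
TODAY = date(2026, 4, 29)
ACTIVE_STAFF = {"bob", "carol", "dana"}
INVENTORY = [
    NonHumanIdentity("summarizer-bot", "ai_agent", "carol", "dana",
                     frozenset({"files.read", "mail.read"}),   # mail.read added after review
                     frozenset({"files.read"}),
                     frozenset({"shared-drive"}), frozenset({"shared-drive"}),
                     date(2026, 3, 1)),
    NonHumanIdentity("crm-sync", "oauth_grant", "alice", "bob",  # alice is no longer active
                     frozenset({"contacts.read"}), frozenset({"contacts.read"}),
                     frozenset({"crm"}), frozenset({"crm"}),
                     date(2026, 3, 15)),
    NonHumanIdentity("notes-assistant", "ai_agent", None, None,   # discovered, never approved
                     frozenset({"calendar.read", "docs.read"}), frozenset(),
                     frozenset({"wiki"}), frozenset(),
                     None, approved=False),
    NonHumanIdentity("ticket-triage", "api_token", "bob", "carol",
                     frozenset({"tickets.read"}), frozenset({"tickets.read"}),
                     frozenset({"helpdesk"}), frozenset({"helpdesk"}),
                     date(2026, 4, 10)),
]

if __name__ == "__main__":
    for name, findings in review_inventory(INVENTORY, ACTIVE_STAFF, TODAY).items():
        if "unapproved" in findings:
            action = "approve-or-revoke"
        elif needs_recertification(findings):
            action = "recertify"
        else:
            action = "ok"
        print(f"{name:16} {action:18} {', '.join(findings) or '-'}")
```

Each finding maps to one of the governance failures the post describes: a missing or departed owner is the "permanent exception" case, scope drift and new data sources are the privilege-drift case, and an overdue review is the static-assumption case. Running the check on a schedule, and again whenever discovery reports a changed grant, is what turns a one-time inventory into the discovery-to-ownership-to-recertification loop the post calls for.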

Key takeaways

  • Nudge Security’s appointment of a revenue leader signals that AI governance is moving from point capability to platform category.
  • The practical risk is not only AI adoption, but unmanaged delegated access across SaaS and non-human identities.
  • Practitioners should respond by tying discovery, ownership, and recertification to every AI-connected access path.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

Framework                       | Control / Reference | Relevance
OWASP Non-Human Identity Top 10 | NHI-01              | AI tools create delegated non-human identities and access paths.
NIST CSF 2.0                    | PR.AC-4             | Delegated access and least privilege are central to connected SaaS governance.
NIST Zero Trust (SP 800-207)    | IDAM                | Zero trust requires continuous verification of AI and SaaS access paths.

Inventory AI-connected identities, then assign ownership and lifecycle review before broadening access.


Key terms

  • Non-Human Identity: A non-human identity is any machine, service, token, certificate, or software agent that can authenticate or be authorised to access systems. In governance terms, it is not a user account by another name. It is an identity object with its own lifecycle, ownership, permissions, and risk profile.
  • OAuth grant: An OAuth grant is delegated permission that allows one application to access another system on a user’s behalf. It is a common way for SaaS and AI tools to inherit access without a shared password. Governance must track who approved it, what scope it has, and when it should be revoked.
  • Shadow AI: Shadow AI refers to AI tools, agents, or services that are used inside an organisation without formal approval, inventory, or oversight. These tools may still be productive, but from an identity perspective they create unmanaged access paths, unknown data exposure, and gaps in ownership and review.
  • Lifecycle governance: Lifecycle governance is the discipline of managing identity from creation through change, review, and removal. For non-human identities, it covers provisioning, scope changes, credential rotation, recertification, and offboarding so access does not outlive the business need that justified it.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.

This post draws on content published by Nudge Security: the appointment of Patrick Dillon as chief revenue officer and the company’s AI security governance update. Read the original.

NHIMG Editorial Note
Published by the NHIMG editorial team on 2026-04-29.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org