TL;DR: Agentic AI is expanding the attack surface while reducing attacker breakout time to less than an hour, and organisations still struggle to combine near real-time visibility with practical identity governance, according to Orca Security’s webinar coverage. The key issue is no longer just runtime monitoring but whether cloud security programmes can govern non-human identities, telemetry, and response fast enough to keep pace.
At a glance
What this is: This webinar argues that runtime security must move toward near real-time detection, with agentic AI and NHI sprawl forcing tighter identity-linked visibility.
Why it matters: It matters because IAM, PAM, and cloud security teams now have to govern machine and agent identities as part of runtime control, not as a separate afterthought.
By the numbers:
- Only 44% of organisations have implemented any policies to manage their AI agents, despite 92% agreeing that governing AI agents is critical to enterprise security.
- Systems with least-privileged AI access had a 17% incident rate vs 76% for over-privileged systems.
👉 Read Orca Security's webinar coverage of runtime security and agentic AI
Context
Runtime security is the practice of watching workloads while they are active, then detecting and containing risky behaviour before it spreads. In this article, the core problem is that runtime monitoring is being asked to do identity work as well, because agentic AI and non-human identities now shape how quickly access is used, misused, and escalated.
For IAM and cloud security teams, that changes the control model. Visibility, privilege scope, and response speed now have to align across workload identity, agent access, and infrastructure telemetry, or the security stack will remain too slow for the pace of modern cloud attacks.
Key questions
Q: How should security teams handle runtime visibility for non-human identities?
A: Security teams should tie runtime visibility to the identities actually driving workload behaviour, including service accounts, tokens, and AI-driven automation. Process and network telemetry only becomes useful when it preserves credential and role context. That lets teams tell the difference between expected automation and unauthorised activity before the workload state changes again.
Q: Why does agentic AI change runtime security assumptions?
A: Agentic AI changes runtime security because it can accelerate both attack execution and defensive analysis. That compresses the time available to notice misuse, validate context, and act. Teams can no longer assume human-paced investigation will keep up with cloud activity that is being generated, prioritised, or escalated at machine speed.
Q: What breaks when runtime monitoring has no identity context?
A: Without identity context, runtime monitoring can show that something happened but not who or what was authorised to do it. That creates blind spots in environments where workloads, APIs, and machine identities overlap. The result is noisy detection, weak triage, and a higher chance of taking the wrong containment action.
Q: Should teams use agentless or agent-based runtime controls?
A: Teams should use the combination that gives enough telemetry fidelity without destabilising production workloads. Agentless coverage is useful for broad visibility, while agent-based or sensor-based tools may be needed where identity-linked runtime detail is critical. The decision should be driven by workload risk, not by a single preferred architecture.
Technical breakdown
Near real-time runtime security and breakout time
Runtime security is only useful when detection, context, and response happen fast enough to matter. The article’s breakout-time point reflects a simple operational truth: if attackers can move from entry to meaningful impact in under an hour, batch review and delayed alerting lose value. Near real-time runtime security therefore depends on low-latency telemetry, automated triage, and response paths that can act before the workload state changes again. In cloud native environments, this usually means pairing process, network, and identity signals so the defender sees both what ran and who or what was authorised to run it.
Practical implication: shorten detection-to-decision loops so runtime controls can interrupt activity before lateral movement completes.
Agent-based and sensor-based runtime telemetry
Traditional agent-based security stacks often create their own operational burden because every workload must carry extra software overhead. Sensor-based approaches, including eBPF-based monitoring, shift much of that burden out of the workload while still exposing process and network behaviour. The architectural difference matters for identity security because telemetry is only actionable when it is rich enough to tie activity back to the credential or workload identity that initiated it. In practice, the question is not whether agentless or agent-based is better in the abstract, but which combination gives enough fidelity without making production environments fragile.
Practical implication: map telemetry coverage to the identities and workloads that actually drive risk, not to a single preferred collection method.
Agentic AI in detection and response workflows
Agentic AI changes runtime security because it can accelerate both sides of the control loop. On the defensive side, it can help sort noisy telemetry and prioritise response. On the offensive side, it can also help attackers scale reconnaissance, testing, and exploitation. That dual effect means security teams need context-rich identity data before they trust automated recommendations. Without that context, an AI-assisted response engine can act quickly on the wrong signal, especially in environments where multiple non-human identities, APIs, and infrastructure permissions overlap.
Practical implication: gate automated response on identity context, not just on anomaly severity.
Breaches seen in the wild
- Moltbook AI agent keys breach — Moltbook breach exposed 1.5M AI agent keys.
- AI LLM hijack breach — attackers used stolen AWS access keys to hijack Anthropic LLM models on Bedrock.
Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.
NHI Mgmt Group analysis
Runtime security is becoming an identity problem, not just a telemetry problem. The article shows that visibility alone is no longer enough when attack speed is compressing and cloud environments are increasingly driven by non-human actors. Runtime protection now depends on knowing which identity initiated the action, what privilege it held, and whether the response path can still act in time. Practitioners should treat runtime and identity control as one operating plane, not two.
Near real-time control is the new baseline for cloud native defence. When breakout time falls below an hour, delayed investigation becomes a detection failure, not merely an efficiency issue. That shift aligns with NIST-CSF thinking around continuous monitoring and with Zero Trust assumptions that trust must be re-evaluated in motion. Teams should measure whether their current stack can still see, decide, and contain within the same operational window.
Context-rich telemetry is the named concept this article exposes. Security tools that see process activity without identity context create an incomplete control surface, especially in environments where sensors, workloads, and AI-driven actions overlap. The problem is not just data volume, it is decision quality under pressure. For practitioners, context-rich telemetry becomes the difference between informed containment and blind automation.
Agentic AI amplifies both protection and risk because it sits inside the response loop. The article correctly frames AI as a force multiplier on both detection and attack automation. That means governance can no longer assume a human operator will always stand between signal and action. IAM, PAM, and cloud operations teams should re-evaluate whether their escalation paths still make sense when machine-speed decisions are involved.
Identity governance has to extend into runtime operations if non-human identities are going to remain manageable. The article’s discussion of NHI proliferation is directionally right. Once machine identities become the control point for cloud activity, lifecycle, privilege scope, and monitoring all converge at runtime. Practitioners should expect identity governance and workload security to merge into a single operational discipline.
From our research:
- Only 44% of organisations have implemented any policies to manage their AI agents, despite 92% agreeing that governing AI agents is critical to enterprise security, according to The 2026 Infrastructure Identity Survey.
- Only 7% of security leaders admit they do not know how often their AI systems are making autonomous changes to infrastructure, which shows how quickly visibility can outrun governance.
- That gap makes Ultimate Guide to NHIs - Key Challenges and Risks the right next step for teams working through privilege scope and lifecycle control.
What this signals
Context-rich telemetry: this is the control gap that will separate mature runtime programmes from noisy monitoring stacks. If your tooling cannot connect process activity to the originating identity, the response layer will continue to act on partial truth rather than operational evidence.
With 70% of organisations granting AI systems more access than they would give a human employee performing the exact same job, per the 2026 Infrastructure Identity Survey, runtime security is now a privilege-governance problem as much as a detection problem.
For practitioners, the practical shift is toward tighter coupling between cloud security telemetry and IAM decisioning. That makes Top 10 NHI Issues useful for teams reworking visibility, scope, and offboarding across machine identities.
For practitioners
- Correlate runtime telemetry with identity metadata Link process, network, and cloud control-plane events back to the workload or service identity that initiated them. Prioritise telemetry pipelines that preserve credential, role, and session context so response teams can distinguish authorised automation from misuse.
- Set response targets around attacker breakout time Benchmark how long it takes your team to detect, triage, and contain suspicious runtime behaviour, then compare that to the current less-than-an-hour breakout window described in the article. Use that gap to decide where automation is justified and where human approval still blocks containment.
- Review where agentless coverage is insufficient Identify cloud estates, container clusters, and high-value workloads where sensorless visibility leaves identity-linked activity too thin for reliable response. Add deeper instrumentation only where the risk warrants it, and keep the control scope tied to the identities that matter most.
- Treat AI-assisted response as a governed workflow Require explicit rules for when automated security agents can recommend, escalate, or execute runtime actions. Verify that each step is backed by identity context, not just anomaly scoring, before allowing machine-speed containment.
Key takeaways
- Runtime security is no longer just about seeing activity, because cloud attacks now move too quickly for delayed response to be reliable.
- Agentic AI and NHI sprawl make identity context a core requirement for deciding whether runtime behaviour is authorised or malicious.
- Practitioners should align telemetry, privilege scope, and response automation so containment can happen inside the same operational window as the attack.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-01 | Runtime identity context is essential when non-human credentials drive workload behaviour. |
| NIST CSF 2.0 | DE.CM-7 | Continuous monitoring is central to near real-time runtime security. |
| NIST Zero Trust (SP 800-207) | PR.AC-4 | Least privilege and dynamic access scope underpin identity-aware runtime control. |
Use DE.CM-7 to validate that cloud runtime monitoring can still detect and contain activity quickly enough.
Key terms
- Runtime Security: Runtime security is the set of controls that monitor and respond to behaviour while workloads are active. In cloud environments it focuses on process, network, and identity signals so defenders can detect misuse before an attacker completes lateral movement or data access.
- Context-Rich Telemetry: Context-rich telemetry is monitoring data that preserves enough identity, workload, and privilege information to explain what happened. It is more valuable than raw events because it lets teams connect an action to the identity that executed it and decide whether the behaviour was expected.
- Agentic AI: Agentic AI is software that can choose actions, tools, and timing during execution rather than only following a fixed script. In identity terms, it behaves like a non-human actor whose decisions can change the access path at runtime, which makes governance and containment more difficult.
Deepen your knowledge
Runtime visibility, NHI governance, and identity context are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If your team is trying to connect cloud telemetry to machine identity control, it is worth exploring.
This post draws on content published by Orca Security: Runtime Reinvented, how agentic AI is transforming cloud native protection. Read the original.
Published by the NHIMG editorial team on 2026-02-25.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org
