By NHI Mgmt Group Editorial Team
Published 2025-09-09
Domain: Workload Identity
Source: Palo Alto Networks

TL;DR: Secret sprawl, overprivileged machine identities, and AI agents are expanding the attack surface faster than security teams can inventory or rotate access, according to Palo Alto Networks. Workload identity is no longer optional, but it still depends on disciplined discovery, lifecycle control, and auditability.


At a glance

What this is: This is an analysis of how secret sprawl, workload identity, and AI agents are turning machine identities into a larger governance problem than human access.

Why it matters: It matters because IAM teams now have to control ephemeral workloads, static secrets, and autonomous agents with the same rigor once reserved for privileged people access.



Context

Secret sprawl is the accumulation of API keys, tokens, certificates, and service account credentials across code, pipelines, vaults, and cloud services. In NHI governance terms, the problem is not just exposure, but long-lived trust that outlives the workload, the owner, or the business need. As machine identities proliferate across microservices, multi-cloud estates, and AI agents, conventional IAM controls struggle to keep inventory, ownership, and rotation aligned.

The article argues that workload identity can reduce reliance on static secrets by binding trust to runtime context rather than stored credentials. That direction is sound, but it does not remove governance obligations. Organizations still need discovery, issuance controls, lifecycle management, and audit trails, and a mixed estate of static secrets and runtime-bound identities is now the typical starting point for infrastructure teams rather than the exception.


Key questions

Q: How should security teams reduce secret sprawl in machine identities?

A: Start by inventorying every secret across code, pipelines, vaults, and collaboration tools, then assign ownership, expiry, and revocation to each item. Rotate exposed credentials quickly, remove duplicates, and replace long-lived secrets with runtime-bound identity where possible. Secret reduction works only when discovery and lifecycle control are continuous.

Q: What is the difference between workload identity and static secrets?

A: Static secrets are reusable credentials that can be copied, leaked, and replayed. Workload identity binds trust to the running workload and verifies it cryptographically, which reduces the value of credential theft. The practical difference is governance depth: workload identity still requires issuance, renewal, and offboarding controls.

Q: When does workload identity reduce risk but not solve governance?

A: It reduces risk when the main problem is credential exposure, but it does not solve ownership, permission creep, or lifecycle failure. If organisations do not define who can issue an identity, how long it lives, and how it is revoked, the control gap simply moves from secrets to certificates.

Q: Why do AI agents make machine identity governance harder?

A: AI agents can create resources, call APIs, and chain actions autonomously, so their access decisions happen faster than manual review processes can keep up. That increases the need for policy-based, task-scoped access and clear audit trails. Treating agents like normal service accounts leaves too much authority in place for too long.


Technical breakdown

Why secret sprawl creates a machine identity governance gap

Secret sprawl is a control failure, not just a hygiene issue. When API keys and tokens are embedded in code, shared in chat, or duplicated across vaults, the organisation loses a reliable source of truth for who or what can authenticate. Static secrets also create a long tail of validity, which means compromise persists far beyond detection. In NHI terms, that converts every exposed credential into a durable access path unless rotation, revocation, and ownership are tightly managed.

Practical implication: Treat every stored secret as a governed identity with an owner, expiry, and revocation path.
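The Go program below is an added example, not code from the original article or from Palo Alto Networks. It shows the discovery step as a scanner over file contents: a handful of credential-shaped detectors, a Shannon-entropy filter that drops placeholder values the generic detector would otherwise flag, redaction so the inventory itself does not become another copy of the secret, and an inventory row whose owner and expiry are left empty for the governance step to fill in or revoke. The detector patterns, the 3.5 bit threshold and the sample files are assumptions constructed for the example; production scanners carry far larger rule sets and tie each finding to a ticket.

```go
package main

import (
	"fmt"
	"math"
	"regexp"
	"sort"
	"strings"
)

// Finding is one inventory row. Owner and Expiry are deliberately empty:
// discovery locates the secret, governance then assigns both or revokes it.
type Finding struct {
	File, Kind, Sample, Owner, Expiry string
	Line                              int
}

// Illustrative detectors (an assumption for this example, not a full rule set).
var detectors = []struct {
	kind string
	re   *regexp.Regexp
}{
	{"aws-access-key-id", regexp.MustCompile(`\bAKIA[0-9A-Z]{16}\b`)},
	{"github-token", regexp.MustCompile(`\bghp_[A-Za-z0-9]{36}\b`)},
	{"private-key", regexp.MustCompile(`-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----`)},
	{"generic-secret", regexp.MustCompile(`(?i)(?:api[_-]?key|secret|token|password)\s*[:=]\s*["']?([A-Za-z0-9+/=_\-]{16,})`)},
}

// entropyThreshold (bits per character) separates placeholders such as
// "changeme_changeme_changeme" (about 2.9) from random-looking values.
const entropyThreshold = 3.5

// shannonEntropy returns the per-character Shannon entropy of s.
func shannonEntropy(s string) float64 {
	counts := map[rune]int{}
	for _, r := range s {
		counts[r]++
	}
	n, h := float64(len([]rune(s))), 0.0
	for _, c := range counts {
		p := float64(c) / n
		h -= p * math.Log2(p)
	}
	return h
}

// redact keeps only the first and last four characters of a value.
func redact(v string) string {
	if len(v) <= 8 {
		return strings.Repeat("*", len(v))
	}
	return v[:4] + strings.Repeat("*", len(v)-8) + v[len(v)-4:]
}

// ScanContent reports at most one finding per line of content.
func ScanContent(file, content string) []Finding {
	var out []Finding
	for i, line := range strings.Split(content, "\n") {
		for _, d := range detectors {
			m := d.re.FindStringSubmatch(line)
			if m == nil {
				continue
			}
			value := m[len(m)-1] // whole match, or group 1 for the generic detector
			if d.kind == "generic-secret" && shannonEntropy(value) < entropyThreshold {
				continue // low-entropy placeholder, not a credential
			}
			out = append(out, Finding{File: file, Line: i + 1, Kind: d.kind, Sample: redact(value)})
			break
		}
	}
	return out
}

// ScanAll scans files in sorted order so results are stable for diffing.
func ScanAll(files map[string]string) []Finding {
	names := make([]string, 0, len(files))
	for n := range files {
		names = append(names, n)
	}
	sort.Strings(names)
	var out []Finding
	for _, n := range names {
		out = append(out, ScanContent(n, files[n])...)
	}
	return out
}

// Constructed sample inputs, not real credentials (AKIAIOSFODNN7EXAMPLE is the placeholder AWS uses in its own documentation).
var sampleFiles = map[string]string{
	"config/settings.py":           "DEBUG = False\nAWS_ACCESS_KEY_ID = \"AKIAIOSFODNN7EXAMPLE\"\nDB_PASSWORD = \"changeme\"\n",
	".github/workflows/deploy.yml": "env:\n  GH_TOKEN: ghp_" + strings.Repeat("A", 36) + "\n",
	"chat/ops-channel.txt":         "alice: prod api_key=q7Zr2pLm9XvK4tWc8Hd1 for the migration\nbob: thanks\n",
	"deploy/id_rsa":                "-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAA\n-----END OPENSSH PRIVATE KEY-----\n",
	"docs/CONFIG.md":               "Set API_KEY = \"changeme_changeme_changeme\" before first run\n",
}

func main() {
	for _, f := range ScanAll(sampleFiles) {
		fmt.Printf("%-30s line %-2d %-18s %-24s owner=%q expiry=%q\n", f.File, f.Line, f.Kind, f.Sample, f.Owner, f.Expiry)
	}
}
```

Run against the constructed files it reports four findings (the workflow token, the key pasted in chat, the AWS key in settings and the private key file) and skips the two placeholders, one because it is too short and one because its entropy is too low. The empty owner and expiry columns are the point: every row that stays empty after triage is a candidate for rotation, not an accepted risk.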

How workload identity changes authentication for AI agents and services

Workload identity replaces shared static credentials with a cryptographically verifiable identity bound to the workload's runtime or to an attestation signal. Standards such as SPIFFE (with SPIRE as the reference implementation) define a consistent identity model across environments: each workload receives an ID of the form spiffe://<trust-domain>/<path>, delivered as a short-lived X.509 or JWT SVID, so authentication no longer depends on a secret that can be copied or reused. For AI agents, that matters because the agent may create new resources or call APIs autonomously, so the identity model must support machine-to-machine trust without exposing reusable credentials.

Practical implication: Use runtime-bound identity for services and agents that need frequent, short-lived access.

Where certificate lifecycle management still becomes the failure point

Even with stronger workload identity, certificate and token lifecycle management remains a common outage and control failure source. Expiry, renewal, and revocation need automation because manual handling does not scale with thousands of machine identities. The control objective is not merely replacing one credential type with another, but ensuring the issuance pipeline, renewal cadence, and offboarding workflow are all governed. Without that, organisations simply move from secret sprawl to certificate sprawl.

Practical implication: Automate renewal and offboarding before expanding workload identity beyond pilot environments.
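The Go program below is an added example covering the two sections above; it is not code from the original article, from Palo Alto Networks or from the SPIFFE/SPIRE projects. A trust-domain CA issues a short-lived X.509-SVID whose SPIFFE ID rides in the URI SAN, a peer verifies the chain and the trust domain instead of comparing a shared secret, and a renewal check flags the certificate once half its lifetime has elapsed so rotation happens while the old certificate is still valid. The trust domain example.org, the SPIFFE ID path, the one-hour TTL and the half-life renewal point are assumptions for the example (SPIRE's agent rotates at about that point by default, but any renewal window still has to be tested against the issuer's availability).

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net/url"
	"time"
)

// trustDomain is an assumption for this example. SPIFFE IDs have the form
// spiffe://<trust-domain>/<workload path>.
const trustDomain = "example.org"

// must panics on error: key generation and certificate encoding failures are
// programming errors in this example, not conditions to handle.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issueCA creates a self-signed CA for the trust domain, valid around now.
func issueCA(now time.Time) (*x509.Certificate, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: trustDomain + " CA"},
		NotBefore:             now.Add(-time.Minute),
		NotAfter:              now.Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key))
	return must(x509.ParseCertificate(der)), key
}

// issueSVID mints a short-lived X.509-SVID. The SPIFFE ID travels in the URI
// SAN; the key pair belongs to the workload and is never shared (it is dropped
// here because only the verifier side is demonstrated).
func issueSVID(ca *x509.Certificate, caKey *ecdsa.PrivateKey, spiffeID string, ttl time.Duration, now time.Time) *x509.Certificate {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(now.UnixNano()),
		NotBefore:    now,
		NotAfter:     now.Add(ttl),
		URIs:         []*url.URL{must(url.Parse(spiffeID))},
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, ca, &key.PublicKey, caKey))
	return must(x509.ParseCertificate(der))
}

// VerifySVID is the peer-side check: validate the chain at the current time,
// then require exactly one spiffe:// URI SAN inside our trust domain.
func VerifySVID(ca, svid *x509.Certificate, now time.Time) (string, error) {
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	opts := x509.VerifyOptions{Roots: roots, CurrentTime: now, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := svid.Verify(opts); err != nil {
		return "", fmt.Errorf("chain verification failed: %w", err)
	}
	if len(svid.URIs) != 1 {
		return "", fmt.Errorf("SVID must carry exactly one URI SAN, found %d", len(svid.URIs))
	}
	if id := svid.URIs[0]; id.Scheme != "spiffe" || id.Host != trustDomain {
		return "", fmt.Errorf("SPIFFE ID %s is outside trust domain %s", id, trustDomain)
	}
	return svid.URIs[0].String(), nil
}

// RenewalState drives lifecycle automation: "renew" once half the lifetime has
// elapsed so the replacement propagates while the old SVID is still valid.
func RenewalState(cert *x509.Certificate, now time.Time) string {
	switch {
	case !now.Before(cert.NotAfter):
		return "expired"
	case !now.Before(cert.NotBefore.Add(cert.NotAfter.Sub(cert.NotBefore) / 2)):
		return "renew"
	}
	return "valid"
}

func main() {
	now := time.Date(2025, 9, 9, 12, 0, 0, 0, time.UTC)
	ca, caKey := issueCA(now)
	svid := issueSVID(ca, caKey, "spiffe://"+trustDomain+"/ns/prod/sa/payments", time.Hour, now)
	for _, off := range []time.Duration{10 * time.Minute, 31 * time.Minute, 61 * time.Minute} {
		id, err := VerifySVID(ca, svid, now.Add(off))
		fmt.Printf("+%v state=%s id=%q err=%v\n", off, RenewalState(svid, now.Add(off)), id, err)
	}
}
```

Two checks in VerifySVID carry the governance weight: the chain check rejects anything not issued by the trust domain's CA, and the trust-domain check rejects a certificate whose SPIFFE ID points elsewhere even when the chain is valid. RenewalState shows the other half of the lifecycle argument: at 31 minutes the SVID is still good for authentication but the automation should already be replacing it, and by 61 minutes both the verifier and the renewal check report an outage rather than a security event.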


Threat narrative

Attacker objective: The attacker wants durable infrastructure access that can be reused without triggering immediate human suspicion.

  1. Entry via a leaked API key or hardcoded secret that remains valid after exposure.
  2. Escalation through overprivileged machine identity permissions that let the attacker reach additional systems.
  3. Impact through infrastructure access, data exposure, or unauthorized workload creation using the compromised identity.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.


NHI Mgmt Group analysis

Secret sprawl is now a governance problem, not a storage problem. The central failure is not where credentials are kept, but whether the organisation can prove ownership, expiry, and revocation across thousands of machine identities. Once secrets spread across code, vaults, and chat tools, the control plane becomes fragmented. Practitioners should treat discovery and lifecycle management as core IAM work, not as an engineering side task.

Workload identity is the right direction, but it does not eliminate trust debt. Replacing static secrets with runtime-bound identities reduces exposure, yet every identity still needs issuance rules, attestation, and auditability. The field should stop presenting workload identity as a replacement for governance and start treating it as a stricter governance model. Practitioners should expect better containment, not magical simplicity.

AI agents create an identity class that traditional human-centric IAM was never designed to govern. These systems can create workloads, request access, and chain actions autonomously, which means entitlement decisions must happen at machine speed. The result is a narrower decision window and a larger blast radius if the identity model is weak. Practitioners should assume every agent is a privileged workload until proven otherwise.

Machine identity scale is exposing the limits of manual controls. Once organisations move from dozens to thousands of identities, spreadsheets and one-off reviews fail to provide credible governance. The market is converging on lifecycle automation, stronger workload identity standards, and policy enforcement at runtime. Practitioners should re-evaluate any programme that still depends on manual secret tracking as its primary control.

Identity blast radius is the right way to think about the risk surface. The issue is not only how many secrets exist, but how far a single compromise can spread once an identity is reused across services and environments. That framing helps security leaders prioritise containment over cleanup alone. Practitioners should measure the blast radius of each NHI class before expanding automation.
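The Go program below is an added example, not code from the original article or from Palo Alto Networks, of measuring the blast radius described above. It models the estate as a directed trust graph (a workload holds a credential, a credential authenticates to a resource, a resource exposes further credentials) and walks it breadth-first from a compromised node to list everything that compromise can reach; it also reports which workloads hold each credential, since reuse is what widens the radius. The edge kinds, the node naming and the sample estate are assumptions constructed for the example.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Edge is one directed trust relationship: compromising From lets an attacker
// reach To. Kinds (assumed for the example): "holds" (a workload has a credential),
// "auths" (a credential authenticates to a target), "exposes" (a target's contents include a credential).
type Edge struct{ From, To, Kind string }

// Graph maps a node to its outgoing edges.
type Graph map[string][]Edge

func (g Graph) Add(from, to, kind string) { g[from] = append(g[from], Edge{from, to, kind}) }

// BlastRadius lists every node reachable from start by following trust edges
// forward (breadth-first): everything one compromise can lead to, sorted.
func BlastRadius(g Graph, start string) []string {
	seen := map[string]bool{start: true}
	queue := []string{start}
	var reached []string
	for len(queue) > 0 {
		n := queue[0]
		queue = queue[1:]
		for _, e := range g[n] {
			if !seen[e.To] {
				seen[e.To] = true
				reached = append(reached, e.To)
				queue = append(queue, e.To)
			}
		}
	}
	sort.Strings(reached)
	return reached
}

// Holders returns the workloads holding a credential; more than one holder
// means the credential is reused, which is what widens the radius.
func Holders(g Graph, credential string) []string {
	var out []string
	for _, edges := range g {
		for _, e := range edges {
			if e.Kind == "holds" && e.To == credential {
				out = append(out, e.From)
			}
		}
	}
	sort.Strings(out)
	return out
}

type Ranked struct{ Credential string; Radius int }

// RankCredentials orders every "secret:" node by blast radius, largest first.
func RankCredentials(g Graph) []Ranked {
	nodes := map[string]bool{}
	for from, edges := range g {
		nodes[from] = true
		for _, e := range edges {
			nodes[e.To] = true
		}
	}
	var out []Ranked
	for n := range nodes {
		if strings.HasPrefix(n, "secret:") {
			out = append(out, Ranked{n, len(BlastRadius(g, n))})
		}
	}
	sort.Slice(out, func(i, j int) bool {
		if out[i].Radius != out[j].Radius {
			return out[i].Radius > out[j].Radius
		}
		return out[i].Credential < out[j].Credential
	})
	return out
}

// sampleEstate is constructed: one CI deploy key is reused by two workloads and
// reaches the cluster, whose stored secrets include a DB admin credential.
func sampleEstate() Graph {
	g := Graph{}
	g.Add("svc:ci-runner", "secret:ci-deploy-key", "holds")
	g.Add("svc:staging-api", "secret:ci-deploy-key", "holds") // reuse across services
	g.Add("secret:ci-deploy-key", "res:prod-k8s", "auths")
	g.Add("secret:ci-deploy-key", "res:artifact-registry", "auths")
	g.Add("res:prod-k8s", "secret:db-admin", "exposes")
	g.Add("secret:db-admin", "res:prod-db", "auths")
	g.Add("svc:payments", "secret:payments-svid", "holds") // scoped, short-lived identity
	g.Add("secret:payments-svid", "res:payments-db", "auths")
	return g
}

func main() {
	g := sampleEstate()
	for _, r := range RankCredentials(g) {
		fmt.Printf("%-22s radius=%d holders=%v reaches=%v\n", r.Credential, r.Radius, Holders(g, r.Credential), BlastRadius(g, r.Credential))
	}
}
```

On the sample estate the reused CI key reaches four nodes, including the database credential it was never meant to touch, while the payments service's scoped identity reaches one. Ranking credentials this way turns "prioritise containment" into an ordered work list, and re-running it after each change is how a team checks that a migration to runtime identity actually shrank the radius rather than moving it.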

What this signals

Identity sprawl is now a programme-level risk for every security team that depends on cloud services and automation. As machine populations expand, the practical challenge shifts from protecting a few privileged accounts to governing an entire identity estate with uneven ownership and short-lived access needs. The right response is not a one-time cleanup. It is a continuous operating model that combines discovery, entitlement review, and revocation discipline.

With 66% of identity professionals saying their current tooling is not adequate to manage the scale of machine identities they now have, the control gap is already visible. That gap will widen as AI agents create more transient access relationships and more machine-to-machine transactions. The programme implication is clear: teams need a policy model that can keep up with runtime change, not just an inventory spreadsheet.

Secret sprawl should be treated as a blast-radius problem. A single exposed credential can cascade across build systems, cloud workloads, and downstream services if ownership is unclear. For practitioners, that means prioritising containment, short-lived credentials, and runtime verification before investing in broader automation.


For practitioners

  • Implement continuous secret discovery: Scan source repositories, CI/CD pipelines, chat tools, and vaults for exposed API keys, tokens, and certificates, then assign each secret an owner and expiry date. Use the 52 NHI Breaches Analysis to prioritise the most common exposure paths.
  • Migrate high-risk workloads to runtime identity: Start with cloud-native services and short-lived jobs that currently depend on long-lived secrets, then replace those secrets with workload identity and attestable certificates. Use the SPIFFE workload identity specification as the technical reference for the identity model.
  • Automate certificate renewal and offboarding: Set policy-driven renewal windows, enforce revocation on workload retirement, and test failure handling before certificates reach expiry. The lifecycle process should cover provisioning, rotation, and removal as one control chain.
  • Review agent permissions as privileged access: Classify AI agents as non-human identities with execution authority, then apply least privilege, approval gates, and scoped task boundaries to every high-risk action. Revisit the Top 10 NHI Issues for control gaps that commonly drive overexposure.
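The Go program below is an added example, not code from the original article or from Palo Alto Networks, of the agent-access model described in the last bullet and in the earlier question on AI agents: grants that are scoped to one task, one action and one resource subtree and that expire on their own; an approval gate for high-risk actions that is bound to the exact agent, action and resource a human signed off on, so one approval cannot be replayed elsewhere; and an audit trail that records every decision with its reason, denials included. The agent name, ticket reference, action names, high-risk list and approval reference are assumptions constructed for the example.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

// Grant is a task-scoped, time-boxed entitlement for one agent identity. There
// are no standing permissions: each grant names the task it serves, one action
// and the resource subtree it applies to.
type Grant struct {
	Agent, Task, Action, ResourcePrefix string
	Expires                             time.Time
}

// Request is one action an agent wants to take; Approval references a recorded
// human sign-off, which high-risk actions require.
type Request struct{ Agent, Task, Action, Resource, Approval string }

// Approval records exactly what a human signed off on, so an approval for one
// resource cannot be replayed against another.
type Approval struct{ Agent, Action, Resource string }

type Decision struct{ Effect, Reason string } // Effect: allow, deny, needs-approval

type AuditEntry struct{ At time.Time; Request Request; Decision Decision }

// highRisk is an assumption for the example; a real list comes from the threat model.
var highRisk = map[string]bool{"k8s:create-workload": true, "iam:create-role": true, "db:drop-table": true}

type Policy struct {
	Grants    []Grant
	Approvals map[string]Approval // approval reference -> what it covers
	Audit     []AuditEntry        // append-only decision trail
}

// Authorize evaluates a request and records the decision and its reason
// whatever the outcome, so denials and approval gaps are auditable too.
func (p *Policy) Authorize(r Request, now time.Time) Decision {
	d := p.evaluate(r, now)
	p.Audit = append(p.Audit, AuditEntry{now, r, d})
	return d
}

func (p *Policy) evaluate(r Request, now time.Time) Decision {
	expiredMatch := false
	for _, g := range p.Grants {
		if g.Agent != r.Agent || g.Task != r.Task || g.Action != r.Action ||
			!strings.HasPrefix(r.Resource, g.ResourcePrefix) {
			continue
		}
		if !now.Before(g.Expires) {
			expiredMatch = true
			continue
		}
		if a, ok := p.Approvals[r.Approval]; highRisk[r.Action] &&
			(!ok || a != (Approval{r.Agent, r.Action, r.Resource})) {
			return Decision{"needs-approval", "high-risk action has no approval covering this exact request"}
		}
		return Decision{"allow", fmt.Sprintf("grant for task %s under %s", g.Task, g.ResourcePrefix)}
	}
	if expiredMatch {
		return Decision{"deny", "only expired grants match; request a fresh task-scoped grant"}
	}
	return Decision{"deny", "no grant matches agent, task, action and resource"}
}

// samplePolicy is a constructed scenario: a release agent working ticket TKT-4711
// may read pods and create workloads under the payments namespace for one hour.
func samplePolicy(t0 time.Time) *Policy {
	return &Policy{
		Grants: []Grant{
			{"agent:release-bot", "TKT-4711", "k8s:get-pod", "cluster/prod/ns/payments/", t0.Add(time.Hour)},
			{"agent:release-bot", "TKT-4711", "k8s:create-workload", "cluster/prod/ns/payments/", t0.Add(time.Hour)},
		},
		Approvals: map[string]Approval{
			"APR-42": {"agent:release-bot", "k8s:create-workload", "cluster/prod/ns/payments/deploy-v2"},
		},
	}
}

func main() {
	t0 := time.Date(2025, 9, 9, 12, 0, 0, 0, time.UTC)
	p := samplePolicy(t0)
	for _, r := range []Request{
		{"agent:release-bot", "TKT-4711", "k8s:get-pod", "cluster/prod/ns/payments/pod-1", ""},
		{"agent:release-bot", "TKT-4711", "k8s:get-pod", "cluster/prod/ns/billing/pod-1", ""},
		{"agent:release-bot", "TKT-4711", "k8s:create-workload", "cluster/prod/ns/payments/deploy-v3", "APR-42"},
	} {
		d := p.Authorize(r, t0.Add(5*time.Minute))
		fmt.Printf("%-20s %-36s -> %-14s %s\n", r.Action, r.Resource, d.Effect, d.Reason)
	}
}
```

The deny for the billing namespace and the needs-approval for deploy-v3 (the approval on file covers deploy-v2 only) are the two outcomes that matter for agents: scope is enforced per request at machine speed, and a human approval is a fact about one specific action rather than a standing privilege. Because the grant expires with the task, the same request an hour later is denied without anyone having to remember to offboard the agent.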

Key takeaways

  • Secret sprawl turns machine identities into persistent access paths unless ownership and expiry are enforced.
  • Machine identity scale is now large enough that manual tracking cannot provide credible governance.
  • Workload identity helps reduce credential exposure, but lifecycle automation remains the decisive control.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST Zero Trust (SP 800-207) and NIST CSF 2.0 set the governance and control requirements practitioners need to meet.

Framework | Control / Reference | Relevance
OWASP Non-Human Identity Top 10 | NHI2:2025 Secret Leakage; NHI7:2025 Long-Lived Secrets | Secret sprawl and exposed credentials are central to this article.
NIST Zero Trust (SP 800-207) | Section 2.1, tenets of zero trust (per-session, dynamically enforced authentication and authorization) | Runtime verification for services aligns with zero-trust access decisions.
NIST CSF 2.0 | PR.AA-01 (identity and credential management); PR.AA-05 (access permissions and entitlements) | Access control and entitlement review are core to machine identity governance.

Inventory all machine secrets, then remove or rotate anything that lacks a clear owner and expiry.


Key terms

  • Secret sprawl: Secret sprawl is the uncontrolled spread of API keys, tokens, certificates, and service account credentials across code, tools, and environments. It creates governance gaps because no single team can reliably track ownership, rotation, or revocation once those credentials multiply.
  • Workload identity: Workload identity is a method of authenticating services or automated processes using a cryptographically verifiable identity tied to runtime context. It reduces reliance on reusable secrets and lets systems prove who they are without exposing long-lived credentials.
  • Machine identity lifecycle: Machine identity lifecycle is the full governance process for a non-human identity from creation to retirement. It includes provisioning, access scoping, rotation, renewal, offboarding, and auditability, and it fails when any one of those steps is handled manually or inconsistently.
  • Identity blast radius: Identity blast radius is the amount of damage a single compromised credential or workload can cause before it is contained. In NHI environments, it depends on entitlement scope, reuse across services, and how quickly revocation and isolation can happen after exposure.

Deepen your knowledge

Secret sprawl, workload identity, and AI agent access are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are formalising governance for machine identities and autonomous workloads, it is worth exploring.

This post draws on content published by Palo Alto Networks: Why Secret Sprawl May Be Your Biggest Security Threat and How to Help Fix It. Read the original.

NHIMG Editorial Note
Published by the NHIMG editorial team on 2025-09-09.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org