Agentic access management framework: what IAM teams need to know


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 2250
Topic starter  

TL;DR: AI-agent adoption rose 840x year over year and copilot agent creation grew 1,767% in Oasis Security’s analysis, underscoring that agents now create access surfaces traditional IAM was not built to govern. Access review assumptions break when agents run continuously, delegate dynamically, and act outside human approval loops.

NHIMG editorial — based on content published by Oasis Security: The Agentic Access Management Framework: A Standard for Governing Agentic Access

By the numbers:

Questions worth separating out

Q: How should security teams govern AI agents that access enterprise systems?

A: Security teams should govern AI agents as non-human identities with explicit ownership, task-scoped privilege, credential lifecycle controls, and runtime monitoring.

Q: Why do AI agents create more access risk than normal automation?

A: AI agents create more access risk because they can make runtime decisions, select tools, and chain actions without being bound to a fixed script.

Q: What breaks when agent identities rely on hardcoded API keys?

A: Hardcoded API keys turn agent access into long-lived credential exposure, which increases the chance of reuse, leakage, and difficult revocation.

Practitioner guidance

What's in the full article

Oasis Security's full blog covers the operational detail this post intentionally leaves for the source:

  • A seven-pillar framework with discovery, ownership, credential hygiene, trust management, monitoring, and continuous improvement.
  • The AAM Self-Assessment flow that turns the framework into a 10-question maturity benchmark and action plan.
  • Examples of how the framework maps to IAM, PAM, and cloud-native tooling in practice.
  • The incident themes Oasis Security says it observed across enterprise agent deployments, including shadow AI and monitoring blind spots.

👉 Read Oasis Security’s framework for governing agentic access →

(@mr-nhi)
Member Moderator
Joined: 4 weeks ago
Posts: 742
 

Agentic access governance is now an identity discipline, not a niche AI control problem. The article is right to frame access as the core issue because every agent, connector, and plugin introduces a new non-human identity with some degree of delegated authority. That pushes the problem squarely into IAM, PAM, and NHI governance rather than treating it as a separate AI operations concern. Practitioners should treat agent inventory and privilege mapping as part of core identity architecture, not an optional overlay.

A few things that frame the scale:

  • 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems (39%), inappropriately sharing sensitive data (31%), and revealing access credentials (23%), according to the AI Agents: The New Attack Surface report.
  • Only 44% of organisations have implemented policies to govern AI agents, even though 92% agree that agent governance is critical to enterprise security.

A question worth separating out:

Q: How do organisations know if agent governance is actually working?

A: Agent governance is working when every agent is discoverable, owned, least privileged, and auditable at the action level. Look for reduced shadow AI, fewer embedded secrets, clean revocation on retirement, and logs that show which tools and data paths were used. If those signals are missing, governance is still partial.

👉 Read our full editorial: Agentic access governance needs a new framework for AI identities
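Added example, not from either post above and not Oasis Security's framework code: a Python governance check over a constructed agent inventory and action log. It tests the controls named in the topic post (explicit ownership, task-scoped privilege, credential lifecycle) and the "is it working" signals in the reply above (every agent discoverable, owned, least privileged, auditable at the action level, cleanly revoked on retirement, no embedded secrets). Agent names, permission strings, credential kinds, timestamps and log entries are all constructed, and the finding labels are my own, not a standard.

```python
"""Agent-governance signal check over a constructed inventory and action log.

Constructed example. Every agent, permission, credential kind and log line
below is made up; the finding labels are hypothetical, not a published schema.
"""
from __future__ import annotations

from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

NOW = datetime(2025, 6, 1, tzinfo=timezone.utc)  # constructed "current time"
MAX_CREDENTIAL_AGE = timedelta(days=90)           # assumed rotation policy


@dataclass(frozen=True)
class Agent:
    name: str
    owner: Optional[str]               # accountable human or team; None = unowned
    permissions: frozenset             # what the identity can actually do
    task_scope: frozenset              # what its documented task needs
    credential_kind: str               # "workload-identity" | "vaulted-secret" | "hardcoded-key"
    credential_issued: datetime
    retired_at: Optional[datetime] = None


@dataclass(frozen=True)
class Action:
    agent: str
    at: datetime
    tool: Optional[str]                # which tool/connector the agent invoked
    data_path: Optional[str]           # which data it touched


# Constructed inventory: one clean agent, one unowned/over-privileged agent on a
# hardcoded key, and one agent retired ten days ago.
INVENTORY = [
    Agent("ticket-triage-bot", "it-ops",
          frozenset({"tickets:read", "tickets:update"}),
          frozenset({"tickets:read", "tickets:update"}),
          "workload-identity", NOW - timedelta(days=3)),
    Agent("sales-copilot", None,
          frozenset({"crm:read", "crm:write", "mail:send", "files:read"}),
          frozenset({"crm:read", "mail:send"}),
          "hardcoded-key", NOW - timedelta(days=400)),
    Agent("old-reporting-agent", "finance",
          frozenset({"warehouse:read"}), frozenset({"warehouse:read"}),
          "vaulted-secret", NOW - timedelta(days=30),
          retired_at=NOW - timedelta(days=10)),
]

# Constructed action log, including an agent nobody inventoried (shadow AI)
# and a retired agent still acting after its retirement date.
ACTION_LOG = [
    Action("ticket-triage-bot", NOW - timedelta(hours=1), "tickets.update", "/tickets/4711"),
    Action("sales-copilot", NOW - timedelta(hours=2), None, None),
    Action("old-reporting-agent", NOW - timedelta(days=2), "warehouse.query", "/finance/q2"),
    Action("unknown-plugin-7", NOW - timedelta(hours=5), "files.read", "/hr/payroll.csv"),
]


def assess(inventory, log, now=NOW, max_age=MAX_CREDENTIAL_AGE):
    """Return {agent_name: sorted list of governance findings}.

    An agent with an empty list meets every signal the check knows about.
    """
    findings = {a.name: set() for a in inventory}
    by_name = {a.name: a for a in inventory}

    # Static checks on the inventory record itself.
    for a in inventory:
        if a.owner is None:
            findings[a.name].add("missing-owner")
        if a.permissions - a.task_scope:          # granted more than the task needs
            findings[a.name].add("over-privileged")
        if a.credential_kind == "hardcoded-key":  # embedded secret, hard to revoke
            findings[a.name].add("hardcoded-credential")
        if now - a.credential_issued > max_age:   # rotation policy not applied
            findings[a.name].add("stale-credential")

    # Runtime checks: reconcile the action log against the inventory.
    for entry in log:
        agent = by_name.get(entry.agent)
        if agent is None:
            findings.setdefault(entry.agent, set()).add("not-in-inventory")
            continue
        if agent.retired_at is not None and entry.at > agent.retired_at:
            findings[agent.name].add("active-after-retirement")  # revocation failed
        if entry.tool is None or entry.data_path is None:
            findings[agent.name].add("action-not-auditable")     # no tool/data trail

    return {name: sorted(f) for name, f in findings.items()}


def clean_agents(findings):
    """Agents with no findings: the ones governance is demonstrably working for."""
    return sorted(name for name, f in findings.items() if not f)


if __name__ == "__main__":
    result = assess(INVENTORY, ACTION_LOG)
    for name, flags in result.items():
        print(f"{name:22s} {', '.join(flags) or 'OK'}")
    print("clean:", clean_agents(result))
```

The point of splitting static and runtime checks is that the inventory alone cannot tell you whether revocation worked or whether an agent is even known: only reconciling the action log against the inventory surfaces the retired-but-active agent and the uninventoried plugin, which are the "shadow AI" and "clean revocation" signals the reply above lists.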
