
AI agent identity risk: are your IAM controls keeping up?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 3789
Topic starter  

TL;DR: AI agents are frequently over-privileged, unmanaged, and difficult to monitor, with AuthMind reporting that about 65% of AI apps and services in enterprise environments sit outside IdP, PAM, or secrets tools and nearly 50% are unknown to security teams. The real governance break is that static access models assume agent behaviour stays stable, but runtime drift and compromise turn provisioned access into a moving attack surface.

NHIMG editorial — based on content published by AuthMind: LLMjacking: How Attackers Hijack AI Using Compromised NHIs

By the numbers:

Questions worth separating out

Q: How should security teams govern AI agents that have broad access?

A: Security teams should treat AI agents like high-risk non-human identities and assign only the minimum access needed for the exact tasks they perform.

Q: Why do unmanaged AI agents create a larger risk than managed ones?

A: Unmanaged AI agents are harder to audit, revoke, and contain because no one can reliably answer who owns them, what they can reach, or whether they still need access.

Q: What do security teams get wrong about AI agent permissions?

A: Teams often assume that permissions are safe if the agent was approved at deployment.

Practitioner guidance

  • Inventory every production AI agent: build a live register of deployed agents, their owners, connected systems, secrets, and whether each one sits inside IdP, PAM, or a secrets manager.
  • Trim standing privilege to task scope: review agent permissions against the actual actions the system performs and remove broad access that exists only for deployment convenience.
  • Monitor secret retrieval and downstream use: track when agents retrieve secrets, which systems those secrets reach, and whether the resulting activity matches the original authorisation context.

What's in the full article

AuthMind's full analysis covers the operational detail this post intentionally leaves for the source:

  • Deployed-agent inventory patterns, including how to tie agents to owners, systems, and secret stores.
  • Observed credential and vault access paths that determine whether an agent can drift outside its intended scope.
  • Multi-agent propagation scenarios showing how a compromised agent can influence downstream workflows.
  • Machine-speed attack patterns that help teams tune behavioural monitoring and detection thresholds.

👉 Read AuthMind's analysis of AI agent identity risk and compromised NHI exposure →
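The three guidance points above (inventory, trim to task scope, monitor secret use) can be turned into a small review job over an agent register and an audit trail. The script below is an added example written for this post; it is not code from AuthMind or NHIMG. The agents, owners, action names, system names, secret ids and the SECRET_SCOPE map are all constructed for illustration.

```python
"""Least-privilege and drift checks for AI agents treated as non-human identities.

Added example, not code from AuthMind or NHIMG. The register, audit events,
action names and system names are all constructed for illustration.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional

RETRIEVE = "secretsmanager:GetSecretValue"   # hypothetical action name for a vault read


@dataclass(frozen=True)
class Agent:
    name: str
    owner: Optional[str]        # None: nobody can say who owns it
    granted: frozenset          # permissions provisioned at deployment
    managed_by: frozenset       # subset of {"idp", "pam", "secrets_manager"} tracking it


@dataclass(frozen=True)
class Event:
    agent: str
    action: str                 # permission actually exercised at runtime
    target: str                 # system the action reached
    secret: Optional[str] = None  # secret id presented to the target, if any


# Constructed register: one managed agent, one that nobody owns or tracks.
REGISTER = [
    Agent("invoice-summariser", "finance-platform",
          frozenset({RETRIEVE, "s3:GetObject", "s3:PutObject", "kms:Decrypt",
                     "rds:Connect", "iam:PassRole"}),
          frozenset({"idp", "secrets_manager"})),
    Agent("support-triage-bot", None,
          frozenset({"zendesk:read", "zendesk:write", "slack:post"}),
          frozenset()),
]

# Constructed audit trail. The vault read carries no secret id; the id shows up
# on the downstream calls that present the retrieved credential.
EVENTS = [
    Event("invoice-summariser", RETRIEVE, "secrets-manager"),
    Event("invoice-summariser", "s3:GetObject", "s3://invoices"),
    Event("invoice-summariser", "kms:Decrypt", "kms"),
    Event("invoice-summariser", "rds:Connect", "prod-finance-db", "db-ro-creds"),
    Event("invoice-summariser", "rds:Connect", "prod-hr-db", "db-ro-creds"),  # outside scope
    Event("support-triage-bot", "zendesk:read", "zendesk"),
    Event("support-triage-bot", "slack:post", "slack"),
    Event("support-triage-bot", "jira:create", "jira"),                       # never granted
]

# Authorisation context recorded when each secret was issued: the systems it may reach.
SECRET_SCOPE = {"db-ro-creds": {"prod-finance-db"}}


def unmanaged_agents(register):
    """Agents with no owner or no IdP/PAM/secrets-manager record.

    These cannot be reliably audited, revoked or contained, so they are listed first.
    """
    return sorted(a.name for a in register if a.owner is None or not a.managed_by)


def _used_actions(events):
    used = defaultdict(set)
    for e in events:
        used[e.agent].add(e.action)
    return used


def unused_grants(register, events):
    """Standing privilege never exercised in the audit window: candidates to remove."""
    used = _used_actions(events)
    out = {a.name: sorted(a.granted - used[a.name]) for a in register}
    return {k: v for k, v in out.items() if v}


def ungranted_use(register, events):
    """Actions exercised with no provisioned grant: an enforcement gap or a stale register."""
    used = _used_actions(events)
    out = {a.name: sorted(used[a.name] - a.granted) for a in register}
    return {k: v for k, v in out.items() if v}


def secret_drift(events, secret_scope):
    """Downstream use of a retrieved secret against a system outside its authorisation context.

    A secret with no recorded scope at all is also reported, since its context is unknown.
    """
    return [(e.agent, e.secret, e.target) for e in events
            if e.secret is not None and e.target not in secret_scope.get(e.secret, set())]


def review(register, events, secret_scope):
    """Run all checks; the dict is what a governance job would hand to the agent owners."""
    return {
        "unmanaged": unmanaged_agents(register),
        "unused_grants": unused_grants(register, events),
        "ungranted_use": ungranted_use(register, events),
        "secret_drift": secret_drift(events, secret_scope),
    }


if __name__ == "__main__":
    for finding, detail in review(REGISTER, EVENTS, SECRET_SCOPE).items():
        print(f"{finding}: {detail}")
```

Against the constructed data the job reports support-triage-bot as unmanaged (no owner, no IdP/PAM/vault record), iam:PassRole and s3:PutObject as unused standing grants on invoice-summariser, jira:create as an action support-triage-bot exercised without a grant, and the db-ro-creds credential reaching prod-hr-db outside the scope it was issued for. In a real deployment the register would come from the IdP and secrets manager and the events from their audit logs; the comparison logic is the same.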
