Notifications
Clear all
Topic starter
06/06/2026 2:08 am
TL;DR: AI agents are moving faster than workforce IAM can govern: long-lived credentials, session-only authorization and weak delegation tracking leave organisations exposed, according to Aembit’s analysis. The governing assumption is breaking, because many identity controls still assume access is stable long enough to be reviewed, certified or revoked after the fact.
NHIMG editorial — based on content published by Aembit: AI agent identity governance and workload access patterns
By the numbers:
- vendors report non-human-to-human identity ratios ranging from 50:1 to 144:1, with that last figure representing a 44% year-over-year increase.
Questions worth separating out
Q: How should security teams govern AI agents that use multiple tools?
A: Treat AI agents as workload identities with their own lifecycle, not as extensions of human sessions.
Q: Why do static credentials create more risk for AI agents than for traditional workloads?
A: AI agents execute quickly, can chain actions across systems and may terminate before manual review ever happens.
Q: What breaks when an agent spawns subagents without chain-level identity tracking?
A: Accountability breaks down because the organisation can no longer prove which actor initiated the task, which subagent acted and under whose authority each step occurred.
Practitioner guidance
- Inventory agent-facing access paths first Map every database, API, CI/CD pipeline and MCP endpoint that an AI agent can reach, then separate those paths from general service-account access so they can be governed as a distinct identity class.
- Eliminate long-lived secrets from agent workflows Replace hardcoded keys, persistent tokens and shared service-account passwords with short-lived credentials that are issued at task time and revoked automatically after use.
- Track delegation context across every hop Log the initiating user, the top-level agent, each subagent, the resource touched and the scope granted at each handoff so incident response can reconstruct the full chain of custody.
What's in the full article
Aembit's full analysis covers the operational detail this post intentionally leaves for the source:
- A step-by-step explanation of how blended identity is used to tie an agent action back to both the autonomous actor and the human authoriser.
- Implementation detail on token exchange and scoped credential delivery for MCP-based architectures.
- Examples of how runtime policy decisions are applied per request rather than only at session start.
- A closer look at how short-term credentials and attestation fit into a non-human IAM control plane.
👉 Read Aembit's analysis of AI agent identity governance and workload access →
AI agent identity risk: are your IAM controls keeping up?
Explore further
06/06/2026 3:38 am
Legacy IAM’s session-first model is no longer a safe default for AI agents. Human IAM assumes a person logs in, completes work and then leaves a stable audit trail behind. Autonomous agents do not behave that way, because they can sequence actions, select tools and terminate before a human-style review cycle ever starts. The implication is that identity governance must stop treating agent access as a faster version of workforce access.
A few things that frame the scale:
- Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation, according to AI Agents: The New Attack Surface report.
- Our research also found that 80% of organisations report AI agents have already acted beyond intended scope, including unauthorised system access and sensitive-data sharing.
A question worth separating out:
Q: How do AI agent controls differ from normal IAM session controls?
A: Normal session controls assume a stable subject and a reviewable access window. AI agent controls need continuous verification, per-request policy and delegation-aware logging because access may be acquired, used and discarded within a single task.
👉 Read our full editorial: AI agent identity governance is outpacing legacy IAM controls
