TL;DR: As AI agents spread across SaaS, cloud, and internal services, organisations are struggling to discover what identities they use, what data they touch, and who owns them, according to Oasis Security. The core issue is no longer model access but identity visibility and lifecycle control across agent-driven actions.
NHIMG editorial — based on content published by Oasis Security: How to discover, map, and secure AI Identities
By the numbers:
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems (39%), inappropriately sharing sensitive data (31%), and revealing access credentials (23%).
- When AWS credentials are exposed publicly, attackers attempt access within an average of 17 minutes and as quickly as 9 minutes in some cases.
Questions worth separating out
Q: How should security teams inventory AI agents before granting production access?
A: Start by building a register that links each agent to its owner, the identities it uses, the systems it can reach, and the data it can touch.
Q: Why do AI agents create more identity risk than traditional automation?
A: Because agents combine access, decision-making, and tool use in ways that can expand scope during runtime.
Q: What breaks when AI agents have no clear owner?
A: Lifecycle control breaks first, followed by revocation, review, and accountability.
Practitioner guidance
- Inventory every AI agent and its identities: Build a live register of agents, the tokens or service accounts they use, the systems they can reach, and the business owner responsible for each one.
- Link agent ownership to lifecycle control: Require named accountability for creation, scope changes, exceptions, and decommissioning so agent identities do not persist after the use case changes.
- Score agent risk from actual access paths: Assess each agent by what data it touches, which permissions it inherits, and whether its behaviour matches approved use.
What's in the full article
Oasis Security's full blog covers the operational detail this post intentionally leaves for the source:
- How Oasis models discovery across SaaS, cloud, local deployments, and the NHIs those agents leverage
- The seven-pillar access-management framework, including ownership attribution, credential hygiene, and threat detection
- Examples of the dynamic risk scoring logic used to surface anomalous or high-risk agent behaviour
- The platform's account of how vendor trust monitoring and continuous risk improvement fit into AI lifecycle governance
AI identities and ownership gaps: what IAM teams need to know?
Explore further
AI identity sprawl is now a governance problem, not a model-management problem. The source article is right to focus on visibility because the real attack surface is the collection of identities agents use to act. When agents inherit tokens, service accounts, and embedded permissions, the programme is no longer managing one model but many reachable identity endpoints. That shifts the control question from model approval to identity inventory and relationship mapping. Practitioners should treat agent discovery as the first line of NHI governance.
A few things that frame the scale:
- 98% of companies plan to deploy even more AI agents within the next 12 months, despite documented rogue behaviour in 80% of current deployments, according to the AI Agents: The New Attack Surface report.
- That same research found that 92% agree governing AI agents is critical to enterprise security, yet only 44% have implemented any policies to do so.
A question worth separating out:
Q: How do organisations know if AI identity governance is working?
A: They should be able to answer three questions quickly: which agents exist, which credentials each one uses, and who is accountable for each identity’s lifecycle. If any of those answers require manual searching across teams, the governance model is still incomplete and the environment remains difficult to audit.