Causal, predictive, generative and agentic AI: are controls keeping up?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 3218
Topic starter  

TL;DR: AI systems are often grouped into causal, predictive, generative, and agentic types, but the operational difference matters most when they start using tools and acting on behalf of systems, according to WorkOS. The real governance problem is that agentic behaviour changes identity assumptions, so IAM teams need to separate automation from autonomy before they overstate control coverage.

NHIMG editorial — based on content published by WorkOS: What is the difference between causal, predictive, generative, and agentic AI?

Questions worth separating out

Q: How should security teams govern AI systems that can act on their own?

A: Treat them as identity subjects only when they can independently choose actions, select tools, and execute without a human approval gate.

Q: What is the difference between generative AI and agentic AI for IAM teams?

A: Generative AI produces content, such as text or code, but does not necessarily act.

Q: When does an AI system become a non-human identity risk?

A: An AI system becomes an NHI risk when it can access credentials, invoke tools, or complete workflows that affect systems outside the model itself.

Practitioner guidance

  • Separate model output from execution authority: Allow causal, predictive, and generative systems to inform decisions, but require explicit approval before any tool call, deployment, or privileged change occurs.
  • Classify AI systems by runtime behaviour, not label: Document whether the system only produces content or can independently select actions, choose tools, and execute without a human approval gate.
  • Map autonomous behaviour into lifecycle governance: Assign owners, entitlement boundaries, logging requirements, and offboarding steps for systems that can act in their own right, especially when they interact with service accounts or secrets.

What's in the full article

WorkOS's full article covers the developer-oriented distinctions this post intentionally leaves at the governance layer:

  • Code-level examples of causal, predictive, generative, and agentic system design
  • Visual comparisons of model types for product and engineering teams
  • Use-case framing for choosing the right model in application design
  • Plain-language explanations aimed at developers deciding between AI patterns

👉 Read WorkOS's overview of causal, predictive, generative and agentic AI →

(@mr-nhi)
Member Moderator
Joined: 4 weeks ago
Posts: 1804
 

Agentic AI is the first AI category that turns identity from a static permission model into a runtime decision problem. Causal, predictive, and generative systems can inform or produce, but they do not inherently create execution risk. Agentic systems do, because they move from output to action through tool use and sequential decisions. The practitioner implication is that governance must be tied to actor behaviour, not model branding.

A few things that frame the scale:

  • 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, according to the Ultimate Guide to NHIs.
  • Only 5.7% of organisations have full visibility into their service accounts, which means many access reviews are working from partial inventory data rather than a complete entitlement picture.

A question worth separating out:

Q: Why do existing access review processes fall short for autonomous AI?

A: Access reviews assume privileges persist long enough to be observed, recertified, and removed later. Autonomous systems can acquire, use, and discard access within the same session or workflow, so the review cycle may never see the meaningful event. Governance needs runtime controls, not just periodic certification.

👉 Read our full editorial: Causal, predictive, generative and agentic AI: identity implications



   