TL;DR: Workloads, service accounts and AI agents still rely on static secrets even as machine identities outnumber humans by 82 to 1 in the average enterprise, according to CyberArk and Aembit’s analysis, leaving traditional zero trust controls unable to govern runtime access. Static credential assumptions break once agents choose resources and timing autonomously, so identity-first, ephemeral and continuous controls become the baseline.
NHIMG editorial — based on content published by Aembit: Zero trust for workloads and AI agents
By the numbers:
- Machine identities outnumber human identities by 82 to 1 in the average enterprise.
- 64% of valid secrets leaked in 2022 are still valid and exploitable today, proving that detection alone is not enough without automated revocation.
Questions worth separating out
Q: How should security teams implement zero trust for workloads and AI agents?
A: Start by giving each workload or agent a verifiable runtime identity, then enforce request-level policy and issue short-lived credentials only after the identity and context checks pass.
Q: Why do static secrets create more risk for non-human identities than for human users?
A: Static secrets are copied easily, persist across environments and often outlive the workload that first used them.
Q: What breaks when network controls are used instead of request-level policy for machine access?
A: Network controls can tell you where traffic can flow, but they cannot decide whether a specific workload should call a specific API at a specific moment.
Practitioner guidance
- Map every non-human identity to an owner and a runtime boundary: inventory service accounts, CI/CD identities, API keys and agent credentials together, then assign explicit ownership, scope and expiry conditions.
- Replace shared secrets with attested workload identity: use platform-native attestation, federation and short-lived tokens so the workload proves provenance at request time instead of relying on stored keys in files, variables or build systems.
- Enforce request-level policy at the application boundary: move authorisation decisions closer to APIs and services so policy can consider identity, resource sensitivity and current posture before each request is allowed.
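The three guidance points above, and the answer to the first question (verifiable runtime identity, then request-level policy, then a short-lived credential), fit together as one access flow. The following Python sketch is an added illustration for this editorial, not Aembit's code or any product's API: the SPIFFE-style identity names, the policy rules, the posture signal name (`mtls`) and the HMAC-signed token format are all constructed assumptions. The point it makes is the ordering: the credential is minted only after attestation and context checks pass, is bound to one resource, and expires on its own.

```python
"""Added example (not Aembit's code): attestation -> request-level policy -> short-lived credential.

Everything here is constructed for illustration: the identity names, the policy rules,
the posture signal names and the token format are assumptions, not a product API.
"""
import base64
import hashlib
import hmac
import json
import secrets
import time
from dataclasses import dataclass
from typing import Optional

SIGNING_KEY = b"constructed-demo-key-not-for-real-use"  # issuer key; constructed
TOKEN_TTL_SECONDS = 300  # credentials live for minutes, not months


@dataclass(frozen=True)
class Attestation:
    """What the workload presents at request time instead of a stored secret."""
    workload: str       # SPIFFE-style ID, e.g. spiffe://example.org/ns/payments/sa/api (constructed)
    platform: str       # kubernetes, aws-ec2, github-actions ... (constructed labels)
    evidence_ok: bool   # outcome of verifying the platform's signed evidence (stubbed here)


# Request-level policy: identity x resource, plus posture that must hold right now.
POLICY = [
    {"workload": "spiffe://example.org/ns/payments/sa/api",
     "resource": "billing-db", "require_posture": {"mtls": True}},
    {"workload": "spiffe://example.org/ns/ci/sa/build",
     "resource": "artifact-store", "require_posture": {}},
]


def evaluate(att: Attestation, resource: str, posture: dict) -> str:
    """Return 'allow' or a 'deny:<reason>' string for one request."""
    if not att.evidence_ok:
        return "deny:attestation-failed"
    for rule in POLICY:
        if rule["workload"] == att.workload and rule["resource"] == resource:
            for key, wanted in rule["require_posture"].items():
                if posture.get(key) != wanted:
                    return f"deny:posture:{key}"
            return "allow"
    return "deny:no-matching-rule"


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).decode().rstrip("=")


def issue_token(workload: str, resource: str, now: Optional[float] = None) -> str:
    """Mint an audience-bound, expiring, HMAC-signed credential (constructed format)."""
    now = time.time() if now is None else now
    claims = {"sub": workload, "aud": resource, "iat": int(now),
              "exp": int(now) + TOKEN_TTL_SECONDS, "jti": secrets.token_hex(8)}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    sig = hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}.{sig}"


def verify_token(token: str, resource: str, now: Optional[float] = None) -> Optional[dict]:
    """Resource-side check: signature, audience and expiry; None on any failure."""
    now = time.time() if now is None else now
    body, _, sig = token.rpartition(".")
    expected = hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, expected):
        return None
    claims = json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))
    if claims["aud"] != resource or claims["exp"] <= now:
        return None
    return claims


def request_access(att: Attestation, resource: str, posture: dict, now: Optional[float] = None):
    """The flow the guidance describes: identity and context checks first, credential last."""
    decision = evaluate(att, resource, posture)
    if decision != "allow":
        return decision, None
    return decision, issue_token(att.workload, resource, now)


if __name__ == "__main__":
    att = Attestation("spiffe://example.org/ns/payments/sa/api", "kubernetes", True)
    print(request_access(att, "billing-db", {"mtls": True}))   # allow + token
    print(request_access(att, "billing-db", {"mtls": False}))  # deny:posture:mtls
```

In a real deployment the `evidence_ok` flag would come from verifying a platform-signed document (a Kubernetes projected service account token, a cloud instance identity document, or a CI provider's OIDC token), and the issuer key would live in the token service, not beside the workload; the shape of the decision, however, is the one shown.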
What's in the full article
Aembit's full article covers the operational detail this post intentionally leaves for the source:
- How the policy engine, policy administrator and policy enforcement point map to workload access decisions.
- The attestation methods used for Kubernetes, cloud instances and CI/CD identity federation.
- How ephemeral credential issuance works in practice across clouds and SaaS platforms.
- The posture signals and audit artefacts Aembit says it evaluates for conditional access.
👉 Read Aembit's analysis: Zero trust for workloads and AI agents: are your controls keeping up? →
Explore further
Static credential governance was built for identities that remain stable long enough to be reviewed. That assumption fails when workloads and AI agents authenticate, act and expire through short-lived runtime sessions rather than durable human-style access cycles. The implication is that entitlement models built around long-lived secrets no longer describe the real access surface for non-human identities.
A few things that frame the scale:
- 28.65 million new hardcoded secrets were detected in public GitHub commits in 2025 alone, a 34% year-over-year increase and the largest single-year jump ever recorded, according to The State of Secrets Sprawl 2026.
- AI-related credential leaks surged 81.5% year-over-year in 2025, with the surrounding AI infrastructure leaking 5x faster than core LLM providers.
A question worth separating out:
Q: What should teams do when workload posture changes during an active session?
A: Re-evaluate access continuously and be prepared to reduce or revoke it before the session completes if the environment becomes untrusted or the workload starts operating outside scope. Continuous conditional access is what keeps runtime trust aligned with actual behaviour.
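The answer above describes two distinct responses to runtime change: reduce access when the workload steps outside its scope, revoke it when the environment becomes untrusted. The following Python model is an added example for this editorial, not Aembit's code or any product's API; the session model, the `mtls` posture signal, the re-attestation event and the sample event stream are constructed assumptions. It replays a stream of runtime events against one session and shows the decision taken at each step.

```python
"""Added example (not Aembit's code): continuous conditional access for one running session.

The session model, posture signal names and event stream are constructed for this
editorial; they are not a product API.
"""
from dataclasses import dataclass, field


@dataclass
class Session:
    workload: str
    scope: set                         # resources this session was authorised for
    required: dict                     # posture that must hold for the whole session
    posture: dict = field(default_factory=dict)
    state: str = "active"              # active | restricted | revoked
    log: list = field(default_factory=list)


def handle(s: Session, event: dict) -> str:
    """Apply one runtime event and return the decision taken for it."""
    if s.state == "revoked":
        return "deny:revoked"          # nothing resumes a revoked session
    kind = event["kind"]
    if kind == "posture":
        s.posture.update(event["values"])
        for key, wanted in s.required.items():
            if s.posture.get(key) != wanted:
                s.state = "revoked"    # environment became untrusted mid-session
                s.log.append(f"revoked: {key}={s.posture.get(key)!r}, required {wanted!r}")
                return "revoked"
        return "ok"
    if kind == "attest":
        if event["ok"] and s.state == "restricted":
            s.state = "active"         # fresh, verified identity evidence restores access
            s.log.append("restored after re-attestation")
        return "ok"
    if kind == "request":
        resource = event["resource"]
        if resource not in s.scope:
            s.state = "restricted"     # reduce: deny further calls until re-attestation
            s.log.append(f"restricted: out-of-scope request for {resource}")
            return "deny:out-of-scope"
        if s.state == "restricted":
            return "deny:restricted"
        return "allow"
    return "deny:unknown-event"


def run(s: Session, events: list) -> list:
    """Replay an event stream and return the per-event decisions."""
    return [handle(s, e) for e in events]


SAMPLE_EVENTS = [  # constructed stream: in-scope call, posture ok, scope breach, recovery, posture loss
    {"kind": "request", "resource": "orders-api"},
    {"kind": "posture", "values": {"mtls": True}},
    {"kind": "request", "resource": "hr-db"},
    {"kind": "request", "resource": "orders-api"},
    {"kind": "attest", "ok": True},
    {"kind": "request", "resource": "orders-api"},
    {"kind": "posture", "values": {"mtls": False}},
    {"kind": "request", "resource": "orders-api"},
]


def demo():
    """Run the constructed stream; returns (decisions, final state, audit log)."""
    s = Session("spiffe://example.org/ns/shop/sa/orders", {"orders-api"}, {"mtls": True})
    return run(s, SAMPLE_EVENTS), s.state, s.log


if __name__ == "__main__":
    for line in demo()[2]:
        print(line)
```

The audit log the session accumulates is the artefact a reviewer wants afterwards: it records why access was reduced or revoked, at which event, rather than only that a session existed.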
👉 Read our full editorial: Zero trust for workloads and AI agents needs new controls