TL;DR: Two infrastructure blind spots can hand attackers rapid access to domain-level control: misconfigured Active Directory Certificate Services and AI agents deployed with broad file, system, and identity access, according to Netwrix. Both show how trusted defaults and plaintext credential sprawl can outrun auditing and governance.
NHIMG editorial — here’s why we think this discussion matters
Questions worth separating out
A: When certificate services are treated as ordinary infrastructure, organisations miss that they can mint high-trust credentials and shortcut normal access controls.
Q: Why do broadly deployed AI agents create identity risk even when they are not fully autonomous?
A: Broadly deployed AI agents create risk because they inherit access to files, systems, and identity infrastructure, then carry secrets that may be exposed in plaintext or through weak workflow controls.
Practitioner guidance
- Map trust-issuing systems as privileged assets: inventory certificate services, agent platforms, and identity-integrated workflows that can create or relay access.
- Review certificate template authority: audit which administrators can edit templates, approve enrollment, and influence certificate-based authentication.
- Remove plaintext secrets from agent workflows: trace every token, API key, and credential exposed to employee-built AI agents and move them out of plaintext storage, browser memory, shared docs, and reusable prompt context.
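An added example of the template-authority review above, written for this post and not Netwrix's tooling: a Python audit over a constructed export of certificate-template ACLs. It flags any principal outside an assumed trusted-admin set that holds rights to modify a template (high), and lists who can enroll for logon-capable certificates on templates that do not require manager approval (review). The principal names, right labels, template names and attribute fields are all constructed for the example; in a real forest the same checks would be fed from the security descriptors and flags of the template objects under the Public Key Services container.

```python
from dataclasses import dataclass

# Rights that let a principal change what a template will issue.
# Constructed labels that mirror the AD access-mask names; not an SDK enum.
TEMPLATE_CONTROL_RIGHTS = {"GenericAll", "WriteDacl", "WriteOwner", "WriteProperty"}
ENROLL_RIGHT = "Enroll"

# Principals expected to hold template authority in this constructed forest.
# Any other principal holding a control right is a finding.
TRUSTED_TEMPLATE_ADMINS = {
    "CORP\\Domain Admins",
    "CORP\\Enterprise Admins",
    "CORP\\PKI Admins",
}


@dataclass(frozen=True)
class Ace:
    principal: str
    rights: frozenset


@dataclass(frozen=True)
class Template:
    name: str
    aces: tuple
    requires_manager_approval: bool   # a certificate manager must approve each request
    client_authentication: bool       # EKU allows the issued cert to be used for logon


@dataclass(frozen=True)
class Finding:
    template: str
    severity: str   # "high": template authority outside the trusted set; "review": enrollment to check
    detail: str


def audit_template(t: Template) -> list:
    """Return findings for one template, in ACE order."""
    findings = []
    for ace in t.aces:
        if ace.principal in TRUSTED_TEMPLATE_ADMINS:
            continue
        control = ace.rights & TEMPLATE_CONTROL_RIGHTS
        if control:
            findings.append(Finding(t.name, "high",
                f"{ace.principal} can modify the template: {', '.join(sorted(control))}"))
        if (ENROLL_RIGHT in ace.rights and t.client_authentication
                and not t.requires_manager_approval):
            findings.append(Finding(t.name, "review",
                f"{ace.principal} can enroll for logon-capable certificates without manager approval"))
    return findings


def audit(templates) -> list:
    """Run audit_template over every template and flatten the results."""
    return [f for t in templates for f in audit_template(t)]


# Constructed sample: three templates as they might appear in an ACL export.
SAMPLE_TEMPLATES = (
    Template("WebServer",
             (Ace("CORP\\Domain Admins", frozenset({"GenericAll"})),
              Ace("CORP\\Web Ops", frozenset({ENROLL_RIGHT}))),
             requires_manager_approval=False, client_authentication=False),
    Template("WHfB-Authentication",
             (Ace("CORP\\PKI Admins", frozenset({"GenericAll"})),
              Ace("CORP\\Helpdesk", frozenset({"WriteProperty", ENROLL_RIGHT})),
              Ace("CORP\\Domain Users", frozenset({ENROLL_RIGHT}))),
             requires_manager_approval=False, client_authentication=True),
    Template("Contractor-VPN",
             (Ace("CORP\\Domain Admins", frozenset({"GenericAll"})),
              Ace("CORP\\Contractors", frozenset({ENROLL_RIGHT}))),
             requires_manager_approval=True, client_authentication=True),
)

if __name__ == "__main__":
    for f in audit(SAMPLE_TEMPLATES):
        print(f"[{f.severity:6}] {f.template}: {f.detail}")
```

On the sample, only the WHfB-Authentication template produces findings: the Helpdesk group's WriteProperty right is the high-severity item, because whoever can edit a logon template can change what it issues, while the two enrollment entries are review items for the identity team to confirm against the intended Windows Hello for Business rollout.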
What to expect at the briefing
Netwrix's full webinar series covers the operational detail this post intentionally leaves for the source:
- Walkthroughs of how misconfigured AD CS templates become a domain compromise path in Windows environments.
- Practical examples of the certificate trust path behind Windows Hello for Business and 802.1X deployments.
- Discussion of how employee-deployed AI agents expose files, systems, and identity infrastructure.
- Speaker-led guidance on how plaintext credential sprawl appears in real operational workflows.
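An added example tied to the "remove plaintext secrets from agent workflows" guidance and to the webinar item on how credential sprawl shows up in operational workflows; it is written for this post and is not Netwrix code. The scanner walks constructed agent artifacts (a system prompt, a shared runbook, an agent config), reports each plaintext secret by source, line and kind with a redacted preview, and produces a sanitized copy suitable for putting back into prompt context once the real value has moved to a secret store. The file names, secret values and pattern set are constructed for the example; the patterns cover the common shapes only and are a starting point, not a complete detector.

```python
import re
from dataclasses import dataclass

# Secret shapes commonly found in prompts, shared docs and agent config.
# Order matters: specific formats first, the generic key=value catch-all last,
# so a GitHub token assigned via "token:" is reported once, as a github_token.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?P<secret>AKIA[0-9A-Z]{16})\b"),
    "github_token": re.compile(r"\b(?P<secret>gh[pousr]_[A-Za-z0-9]{36,})\b"),
    "bearer_token": re.compile(r"Bearer\s+(?P<secret>[A-Za-z0-9\-._~+/]{20,}=*)"),
    "assigned_credential": re.compile(
        r"(?i)(?:api[_-]?key|secret|password|passwd|token)\s*[:=]\s*['\"]?"
        r"(?P<secret>[^\s'\",;]{8,})"),
}


@dataclass(frozen=True)
class Finding:
    source: str
    line_no: int
    kind: str
    redacted: str   # short prefix only, so the owner can recognise which credential leaked


def redact(secret: str) -> str:
    return secret[:4] + "..."


def scan_line(line: str) -> list:
    """Return (kind, start, end) for each non-overlapping secret on one line."""
    hits = []
    for kind, pattern in SECRET_PATTERNS.items():
        for m in pattern.finditer(line):
            start, end = m.span("secret")
            if any(start < e and s < end for _, s, e in hits):
                continue   # already reported by a more specific pattern
            hits.append((kind, start, end))
    return sorted(hits, key=lambda h: h[1])


def scan_text(source: str, text: str) -> list:
    return [Finding(source, n, kind, redact(line[s:e]))
            for n, line in enumerate(text.splitlines(), start=1)
            for kind, s, e in scan_line(line)]


def scan_all(artifacts: dict) -> list:
    return [f for name, text in artifacts.items() for f in scan_text(name, text)]


def sanitize(text: str) -> str:
    """Return a copy with every detected secret replaced by a labelled placeholder."""
    out = []
    for line in text.splitlines():
        pieces, cursor = [], 0
        for kind, s, e in scan_line(line):
            pieces.append(line[cursor:s])
            pieces.append(f"<REDACTED:{kind}>")
            cursor = e
        pieces.append(line[cursor:])
        out.append("".join(pieces))
    return "\n".join(out)


# Constructed sample artifacts; none of these values is a real credential.
SAMPLE_ARTIFACTS = {
    "agent-system-prompt.md": (
        "You are the finance helper. Use the ledger API.\n"
        "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.constructed-sample-payload.constructed-signature\n"
    ),
    "shared-runbook.txt": (
        "Step 3: export AWS_ACCESS_KEY_ID=AKIAEXAMPLE000000001 before running the sync\n"
        "Step 4: rotate quarterly\n"
    ),
    "agent-config.yaml": (
        "name: repo-triage-bot\n"
        "github_token: ghp_ConstructedSampleTokenValue0123456789abcdefXYZ\n"
        "db_password: 'Summer2025!'\n"
    ),
}

if __name__ == "__main__":
    for f in scan_all(SAMPLE_ARTIFACTS):
        print(f"{f.source}:{f.line_no} {f.kind} {f.redacted}")
    print(sanitize(SAMPLE_ARTIFACTS["agent-config.yaml"]))
```

Each finding is a credential to rotate as well as to remove: once a value has sat in a prompt, a shared doc or browser memory, treating it as exposed is the safe assumption, and the sanitized copy is what should remain in the workflow.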
Watch Netwrix's webinar series on AD CS blind spots and AI agent identity risk.
AI agents and AD CS: what identity teams are missing?
Explore further
Trusted infrastructure is now a privilege escalation surface, not a passive backbone. AD CS and AI agents look different operationally, but both expose the same governance gap: a component that is treated as infrastructure rather than as a high-risk identity issuer. When a backbone system can mint or relay trust, every misconfiguration becomes a privilege event. The practitioner lesson is to classify such systems as control planes, not utilities.
A few things that frame the scale:
- 70% of organisations grant AI systems more access than they would give a human employee performing the exact same job, according to the 2026 Infrastructure Identity Survey.
- Another finding from our research shows that only 44% of organisations have implemented any policies to manage their AI agents, even though 92% agree governing AI agents is critical to enterprise security.
A question worth separating out:
Q: Who should own governance when AI agents or certificate services can accelerate privilege?
A: Ownership should sit with identity, security architecture, and platform teams together, because these systems sit at the boundary between issuance and access. If no one is accountable for who can create trust, then recertification becomes reactive and incomplete. The right control question is who can grant authority, not only who can use it.
Read our full editorial: AI agents and AD CS expose the same trust blind spots.