TL;DR: Most organisations now have more non-human identities than people, yet many lack visibility into what exists or whether access is appropriate; Delinea says first scans typically uncover hundreds of unmanaged machine and AI identities within hours. The governance problem is no longer inventory alone, but which hidden identities carry the largest blast radius and fastest attack path.
NHIMG editorial — here’s why we think this discussion matters
Questions worth separating out
Q: How should security teams inventory hidden machine and AI identities?
A: Start by aggregating identity data from cloud platforms, SaaS tools, directories, CI/CD systems, and secrets stores into one operational view.
Q: Why do unmanaged service accounts increase breach risk?
A: Unmanaged service accounts often retain standing access, broad permissions, and weak ownership, which makes them easy to overlook and hard to contain.
Practitioner guidance
- Inventory hidden identities across all control planes: pull identity data from cloud accounts, SaaS apps, directories, CI/CD pipelines, and secrets stores into one governed view.
- Prioritise remediation by privilege and blast radius: score newly discovered identities by access scope, production reach, and dependency on privileged secrets.
- Attach ownership to every discovered NHI: require a named owner, purpose, and expiry or review cadence for each machine or AI identity.
What to expect at the briefing
Delinea's full session covers the operational detail this post intentionally leaves for the source:
- A live walkthrough of identity discovery workflows across hybrid and cloud environments for teams ready to implement rather than plan.
- Practical examples of how hidden machine and AI identities surface in environments with existing IAM tooling already in place.
- Risk-prioritisation methods that separate low-value inventory noise from identities with real privilege exposure and blast radius.
- Board- and audit-friendly framing for explaining what was found, what it means, and what to do next.
👉 Read Delinea's session on hidden identity discovery across human, machine, and AI →
Hidden machine and AI identities: what IAM teams need to do?
Explore further
Hidden identity risk is now an inventory failure, not a niche credential problem. The article’s central point is that service accounts, APIs, bots, and AI agents now outnumber human identities in many environments, which makes traditional directory-centric control incomplete. That gap matters because the identities most likely to be forgotten are often the ones with standing access and unclear ownership. Practitioners should treat identity discovery as a foundational control rather than a reporting exercise.
A few things that frame the scale:
- 88.5% of organisations acknowledge that their non-human IAM practices lag behind or are merely on par with their human identity and access management efforts, according to The 2024 Non-Human Identity Security Report.
- Only 19.6% of security professionals express strong confidence in their organisation's ability to securely manage non-human workload identities, according to The 2024 Non-Human Identity Security Report.
A question worth separating out:
Q: How do organisations keep an identity inventory current after the first scan?
A: Tie discovery to lifecycle processes so new identities trigger ownership assignment, review, and offboarding checks as part of normal operations. Continuous inventory matters because workloads, bots, and AI agents appear faster than annual or quarterly review cycles can capture them.
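The practitioner guidance above (inventory across control planes, score by blast radius, attach an owner and expiry) and the continuous-inventory answer here describe one pipeline. The following is an added example of that pipeline, not Delinea's tooling or the editorial's own code. The feeds, the normalised NHI schema, the scope weights, and the "previous scan" snapshot are all constructed assumptions; a real deployment would replace the inline lists with exports from each control plane and keep the snapshot in a datastore.

```python
"""Aggregate NHI records, rank by blast radius, flag lifecycle gaps.

Added example: every feed, field name, and weight below is constructed
for illustration and is not a real product's schema.
"""
from dataclasses import dataclass
from datetime import date
from typing import Optional


@dataclass(frozen=True)
class NHI:
    """Normalised non-human identity record (schema assumed here)."""
    source: str                 # control plane the record came from
    name: str
    kind: str                   # service_account, ci_token, ai_agent, ...
    scope: str                  # coarse privilege class: admin, write, or read
    production: bool            # can reach production resources
    privileged_secret: bool     # depends on a secret that itself grants broad access
    owner: Optional[str] = None
    expires: Optional[date] = None


# Constructed sample feeds, each in the shape its own control plane might export.
CLOUD_IAM = [
    {"name": "deploy-sa", "roles": ["roles/owner"], "env": "prod", "kms": True},
    {"name": "img-builder", "roles": ["roles/storage.objectViewer"], "env": "dev", "kms": False},
]
CICD = [
    {"job": "release", "token_scope": "admin", "target": "prod", "vault_path": "secret/prod/db"},
]
AI_PLATFORM = [
    {"agent": "support-bot", "tools": ["read_tickets", "issue_refund"], "prod": True,
     "owner": "cx-team", "expiry": "2026-12-31"},
]
# Keys seen on the previous scan (constructed); anything absent here is "new".
PREVIOUS_SCAN = {("cloud_iam", "deploy-sa"), ("cloud_iam", "img-builder")}

SCOPE_WEIGHT = {"admin": 5, "write": 3, "read": 1}   # illustrative weights


def _role_class(roles: list) -> str:
    """Collapse cloud role names into the three coarse scope classes."""
    if any(r.endswith("/owner") for r in roles):
        return "admin"
    if all("Viewer" in r for r in roles):
        return "read"
    return "write"


def aggregate() -> list:
    """Pull each feed into one normalised list; the unified view the guidance asks for."""
    out = []
    for r in CLOUD_IAM:
        out.append(NHI("cloud_iam", r["name"], "service_account", _role_class(r["roles"]),
                       r["env"] == "prod", r["kms"]))
    for r in CICD:
        out.append(NHI("cicd", r["job"], "ci_token", r["token_scope"],
                       r["target"] == "prod", r["vault_path"].startswith("secret/prod/")))
    for r in AI_PLATFORM:
        scope = "read" if all(t.startswith("read_") for t in r["tools"]) else "write"
        expires = date.fromisoformat(r["expiry"]) if r.get("expiry") else None
        out.append(NHI("ai_platform", r["agent"], "ai_agent", scope, r["prod"], False,
                       r.get("owner"), expires))
    return out


def blast_radius(n: NHI) -> int:
    """Higher means a compromise reaches further: scope, doubled for prod, plus secret dependency."""
    score = SCOPE_WEIGHT[n.scope]
    if n.production:
        score *= 2
    if n.privileged_secret:
        score += 3
    return score


def lifecycle_gaps(n: NHI, today: date) -> list:
    """Ownership and expiry checks that every discovered NHI must pass."""
    gaps = []
    if not n.owner:
        gaps.append("no-owner")
    if n.expires is None:
        gaps.append("no-expiry")
    elif n.expires < today:
        gaps.append("expired")
    return gaps


def prioritise(identities: list, previous_keys: set, today: date) -> list:
    """Rank by blast radius, then by number of gaps; mark identities new since the last scan."""
    rows = []
    for n in identities:
        rows.append({
            "key": f"{n.source}:{n.name}",
            "score": blast_radius(n),
            "gaps": lifecycle_gaps(n, today),
            "new": (n.source, n.name) not in previous_keys,
        })
    rows.sort(key=lambda r: (-r["score"], -len(r["gaps"]), r["key"]))
    return rows


if __name__ == "__main__":
    for row in prioritise(aggregate(), PREVIOUS_SCAN, date(2025, 6, 1)):
        flag = " NEW" if row["new"] else ""
        print(f'{row["score"]:3}  {row["key"]:26} gaps={row["gaps"]}{flag}')
```

The ordering is the point: two identities with identical privilege land at the top because both reach production and read a secret that grants broad access, while the read-only dev account sits last even though it has the same ownership gaps. Running the same ranking against the previous snapshot turns a one-off discovery into the continuous check the answer above calls for, since a newly seen identity with no owner and no expiry is exactly what should trigger an ownership-assignment task.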
👉 Read our full editorial: Identity discovery now includes machine and AI accounts at scale