TL;DR: Non-human identities now outnumber human users by 45:1, and Token Security argues that remediation is the hardest NHI security problem because revoking credentials or changing permissions can break workloads, deployments, and pipelines, according to Token Security. The real governance gap is not discovery but trusted remediation that preserves operational continuity.
NHIMG editorial — based on content published by Token Security: Why Remediation is the Hardest Problem in NHI Security
By the numbers:
- In the modern enterprise, non-human identities now outnumber human users by an astonishing 45:1.
- 64% of valid secrets leaked in 2022 are still valid and exploitable today, proving that detection alone is not enough without automated revocation.
Questions worth separating out
Q: What breaks when NHI remediation is attempted without dependency visibility?
A: Remediation fails when teams cannot see which workloads, pipelines, and integrations depend on a credential or permission.
Q: Why do service accounts and workload identities make remediation harder than human account fixes?
A: Service accounts and workload identities are embedded in runtime systems, code, and automation, so their access is often shared across processes rather than owned by one person.
Q: How can security teams know if NHI remediation is actually working?
A: Look for safe change outcomes, not just fewer findings.
Practitioner guidance
- Map consuming systems before changing NHI access Build a dependency view for each high-value service account, API key, token, or certificate before rotation or revocation.
- Classify remediation by operational blast radius Separate low-risk hygiene fixes from changes that can interrupt production workloads.
- Require machine-readable remediation instructions Convert high-frequency identity fixes into structured runbooks that can be executed consistently by operations and security teams.
What's in the full article
Token Security's full blog covers the operational detail this post intentionally leaves for the source:
- A contextual NHI Risk Graph workflow showing how the platform traces ownership, consumption, and runtime behaviour before remediation.
- Machine-readable remediation instruction generation for permissions changes, credential rotation, and policy enforcement.
- Examples of how the platform models downstream impact before offboarding an orphaned service account or revoking access.
- The integrations used to collect signals from CSPs, IAM systems, IdPs, vaults, logs, and configuration sources.
👉 Read Token Security's analysis of why NHI remediation is the hardest security problem →
NHI remediation risk: why fixing access breaks production?
Explore further
Remediation trust debt is the real NHI governance problem. Discovery creates inventory, but inventory does not create confidence that a change can be made safely. When teams cannot see which systems depend on a service account or secret, every remediation action becomes a production-risk decision, not a security decision. The practical conclusion is that NHI governance must measure safe changeability, not just asset count.
A few things that frame the scale:
- 85% of organisations lack full visibility into third-party vendors connected via OAuth apps, according to The State of Non-Human Identity Security.
- Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, compared to nearly 1 in 4 for securing human identities, according to The State of Non-Human Identity Security.
A question worth separating out:
Q: What is the difference between finding an NHI issue and fixing it safely?
A: Finding an issue tells you that a secret, account, or permission is risky. Fixing it safely means changing that identity without breaking the systems that rely on it. The second step requires dependency knowledge, rollback planning, and operational validation, which is why remediation is a governance problem as much as a security one.
👉 Read our full editorial: Remediation is the hardest problem in NHI security