TL;DR: AI agents now retrieve secrets autonomously, workloads authenticate continuously, and shadow vaults expand the identity-to-secret attack surface, according to AuthMind. Static IAM and vault policy checks no longer provide enough visibility across identity, vault, secret, and workload behaviour, making end-to-end observability the governance gap that matters.
NHIMG editorial — based on content published by AuthMind: analysis of identity-to-secret attack paths in AI-driven environments
By the numbers:
- Only 44% of organisations have implemented any policies to manage their AI agents, despite 92% agreeing that governing AI agents is critical to enterprise security.
- 91% of former employee tokens remain active after offboarding, leaving organisations vulnerable to potential security breaches.
Questions worth separating out
Q: How should security teams govern secrets after they leave the vault?
A: Security teams should treat retrieval as the start of the control problem, not the end.
Q: Why do shadow vaults create such a large governance gap?
A: Shadow vaults break ownership, lifecycle control, and monitoring at the same time.
Q: What do security teams get wrong about secret rotation?
A: They often focus on the rotation event and ignore where the secret is copied, reused, or embedded afterwards.
Practitioner guidance
- Map the full identity-to-secret chain Correlate identity, vault, secret, and workload telemetry so you can see where access originates, how it is retrieved, and where the secret is used after retrieval.
- Discover shadow vaults and unmanaged secrets managers Continuously inventory credential stores across cloud and SaaS environments, then bind each instance to an owner, lifecycle process, and approved control path.
- Review role assumption against actual secret use Compare assumed-role entitlements with the secrets actually retrieved and the workloads that consume them, especially where human operators may sit behind machine credentials.
What's in the full article
AuthMind's full analysis covers the operational detail this post intentionally leaves for the source:
- How AuthMind correlates cloud, endpoint, and identity signals to validate real vault access paths
- The specific detection logic for shadow vaults, unmanaged secrets managers, and unexpected authentication routes
- Examples of how role assumption, secret retrieval, and workload execution are chained together in practice
- The full set of behaviours AuthMind uses to surface reused, hardcoded, expired, and orphaned secrets
👉 Read AuthMind's analysis of AI-driven identity-to-secret attack paths →
AI agents, vaults, and secrets: what identity teams are missing?
Explore further
Identity truth is now the governing model for AI-era access. Static policy has never been enough to prove what an identity really did after authentication, and that gap is now visible across vaults, secrets, and workloads. When agents and workloads can retrieve and reuse secrets continuously, security decisions must be grounded in observed behaviour rather than assumed entitlement. Practitioners should treat behavioural identity truth as the baseline for governance, not an advanced capability.
A few things that frame the scale:
- Only 44% of organisations have implemented any policies to manage their AI agents, despite 92% agreeing that governing AI agents is critical to enterprise security, according to the 2026 Infrastructure Identity Survey.
- Another finding from the 2025 State of NHIs and Secrets in Cybersecurity shows that 60% of NHIs are being overused, with the same NHI utilised by more than one application.
A question worth separating out:
Q: How do IAM and PAM teams know whether vault governance is actually working?
A: Vault governance is working only when each credential store has a known owner, approved access path, and traceable relationship to the identities and workloads that use it. If unexpected paths, unmanaged stores, or unaccounted retrievals remain, the control model is still partial.
👉 Read our full editorial: Identity truth for AI agents and vaults is now the control plane