
Should organisations change procurement criteria for AI-native software?

By NHI Mgmt Group Editorial Team | Updated June 7, 2026 | Domain: Governance, Ownership & Risk

Yes. Procurement should include identity and lifecycle criteria alongside commercial and technical review. The key question is whether the vendor can prove least-privilege access, clear ownership, and rapid revocation across both human and non-human identities before the relationship becomes operationally dependent.

Why This Matters for Security Teams

AI-native software changes procurement because the real risk is no longer limited to features, uptime, or traditional vendor access. These systems may act autonomously, call tools, store secrets, and retain data in ways that create ongoing identity and revocation exposure. Procurement therefore needs to ask how the product authenticates agents, limits blast radius, and proves that access can be withdrawn quickly when the contract ends or the model behaviour changes.

This is especially important because secrets and credentials are often the weak link in AI-enabled environments. NHI Management Group research on The State of Secrets in AppSec shows that the average estimated time to remediate a leaked secret is 27 days, even though 75% of organisations express strong confidence in their secrets management. That gap matters when procurement is locking in a platform that may hold API keys, service tokens, or delegated access on day one. Aligning review to the NIST Cybersecurity Framework 2.0 helps procurement teams make identity governance part of supplier evaluation, not an afterthought.

In practice, many security teams discover identity sprawl and delayed revocation only after a platform has already become embedded in production workflows.

How It Works in Practice

Procurement criteria should move from generic security questionnaires to evidence-based questions about identity, privilege, and lifecycle control. For AI-native software, that means asking whether the vendor can show how each agent, integration, and backend service is uniquely identified, whether privileges are scoped to a task or session, and whether credentials are automatically revoked when the task completes. Current guidance suggests treating this as a supply-chain and runtime control problem, not just a due-diligence exercise.

Strong procurement language usually covers four areas:

  • Identity proof: Can the vendor distinguish human admins from non-human identities, and can it support workload identity rather than shared static accounts?

  • Least privilege: Are permissions role-based only, or can the platform enforce context-aware, just-in-time access for specific actions?

  • Secrets handling: Are API keys, tokens, and certificates short-lived, rotated automatically, and stored outside the application when possible?

  • Revocation and ownership: Who can disable access immediately, and how fast does the vendor prove deletion, token invalidation, and offboarding?

For implementation review, pair procurement checks with the DeepSeek breach lesson: once sensitive material is embedded in the system or supply chain, remediation becomes much harder than prevention. The vendor should be able to describe how it applies policy at request time, how it separates customer tenants, and how it logs agent actions for audit and incident response. The most useful external benchmark here is the NIST Cybersecurity Framework 2.0, because it reinforces governance, access control, and recovery as procurement-relevant capabilities rather than back-end implementation details.

These controls tend to break down when the product depends on long-lived shared credentials embedded in code, configuration, or third-party connectors, because revocation then becomes incomplete and slow.

Common Variations and Edge Cases

Tighter procurement criteria often increase sales-cycle friction and evaluation overhead, requiring organisations to balance speed to adoption against long-term control. That tradeoff is real, especially when the vendor is a fast-moving startup or the software is being used in a pilot environment with limited blast radius.

Best practice is evolving for AI-native software, so there is no universal standard for this yet. Some products expose strong identity and secret management controls, while others rely on platform-managed wrappers that obscure where privilege really lives. Procurement should treat those differences explicitly rather than assuming all AI tools are equally governable. If a vendor cannot explain workload identity, ephemeral credentialing, and rapid offboarding in plain operational terms, that is a signal to narrow scope or require compensating controls.

Edge cases also matter. A read-only summarisation tool may justify lighter controls than an agent that can send messages, trigger workflows, or modify records. Likewise, environments with regulated data, cross-tenant integrations, or delegated admin access need stronger evidence than low-risk internal use cases. The practical test is not whether the product uses AI, but whether it can prove that identity and privilege remain bounded as the system scales. NHI Management Group research on the State of Secrets in AppSec underscores why: secret handling failures persist even in mature organisations, so procurement must assume leakage and design for fast containment.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

OWASP Non-Human Identity Top 10 and CSA MAESTRO address the attack and risk surface, while NIST AI RMF sets the governance and control requirements practitioners need to meet.

Framework | Control / Reference | Relevance
OWASP Non-Human Identity Top 10 | NHI-03 | Procurement should verify NHI credential rotation and revocation capabilities.
CSA MAESTRO | TRM | MAESTRO addresses trust, runtime control, and agent lifecycle governance.
NIST AI RMF |  | AI RMF governance supports procurement accountability for autonomous AI systems.

Require vendors to prove short-lived, rotatable NHI credentials with documented offboarding.

NHIMG Editorial Note
Reviewed and updated by the NHIMG editorial team on June 7, 2026.