Growing Security Risks from Non-Human Identities and AI Agents

First reported

22.09.2025 14:00

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

Non-human identities (NHIs), including service accounts, API tokens, and AI agents, are proliferating in enterprise environments, creating significant security risks. These identities often lack clear ownership, oversight, and proper security controls, making them attractive targets for attackers. The rise of AI agents, in particular, introduces new challenges due to their autonomous behavior and broad permissions. Security teams are increasingly recognizing the need for proactive governance and unified identity management to mitigate these risks. The rapid growth of cloud-first architectures and AI adoption has led to a surge in NHIs, many of which are created automatically and operate with minimal visibility. This lack of oversight results in over-permissioned identities, orphaned accounts, and a growing attack surface that is difficult to manage manually. Traditional identity tools are inadequate for handling NHIs, leading to blind spots and potential security breaches.

Timeline

22.09.2025 14:00 1 articles · 7d ago

Security Risks from Non-Human Identities and AI Agents Highlighted
The growing use of non-human identities (NHIs) and AI agents in enterprise environments has been identified as a significant security risk. These identities often lack clear ownership, oversight, and proper security controls, making them attractive targets for attackers. The rise of AI agents, in particular, introduces new challenges due to their autonomous behavior and broad permissions. Security teams are increasingly recognizing the need for proactive governance and unified identity management to mitigate these risks. Traditional identity tools are inadequate for handling NHIs, leading to blind spots and potential security breaches. Modern identity platforms and an identity security fabric can help address these issues by providing visibility, control, and automated governance for NHIs.
Show sources

How to Gain Control of AI Agents and Non-Human Identities — thehackernews.com — 22.09.2025 14:00
Open in new tab

Information Snippets

Non-human identities (NHIs) outnumber human users by more than 80 to 1 in many organizations.
First reported: 22.09.2025 14:00

1 source, 1 article
Show sources
- How to Gain Control of AI Agents and Non-Human Identities — thehackernews.com — 22.09.2025 14:00
AI agents initiate actions autonomously, often with broad permissions and little oversight.
First reported: 22.09.2025 14:00

1 source, 1 article
Show sources
- How to Gain Control of AI Agents and Non-Human Identities — thehackernews.com — 22.09.2025 14:00
Many NHIs are created automatically during deployment or provisioning, leading to a lack of clear ownership.
First reported: 22.09.2025 14:00

1 source, 1 article
Show sources
- How to Gain Control of AI Agents and Non-Human Identities — thehackernews.com — 22.09.2025 14:00
Service accounts are often over-permissioned and can be used for lateral movement and privilege escalation.
First reported: 22.09.2025 14:00

1 source, 1 article
Show sources
- How to Gain Control of AI Agents and Non-Human Identities — thehackernews.com — 22.09.2025 14:00
AI agents lack clear ownership, follow no standard lifecycle, and offer little visibility into their behavior.
First reported: 22.09.2025 14:00

1 source, 1 article
Show sources
- How to Gain Control of AI Agents and Non-Human Identities — thehackernews.com — 22.09.2025 14:00
Traditional identity tools are ineffective for managing NHIs due to their lack of intent, context, and ownership.
First reported: 22.09.2025 14:00

1 source, 1 article
Show sources
- How to Gain Control of AI Agents and Non-Human Identities — thehackernews.com — 22.09.2025 14:00
Orphaned identities remain active and vulnerable, creating security risks and compliance issues.
First reported: 22.09.2025 14:00

1 source, 1 article
Show sources
- How to Gain Control of AI Agents and Non-Human Identities — thehackernews.com — 22.09.2025 14:00
Modern identity platforms can scan environments to surface hidden tokens and unmanaged service accounts.
First reported: 22.09.2025 14:00

1 source, 1 article
Show sources
- How to Gain Control of AI Agents and Non-Human Identities — thehackernews.com — 22.09.2025 14:00
Automating governance and lifecycle management for NHIs helps prevent orphaned accounts and ensures access control.
First reported: 22.09.2025 14:00

1 source, 1 article
Show sources
- How to Gain Control of AI Agents and Non-Human Identities — thehackernews.com — 22.09.2025 14:00
An identity security fabric consolidates all identities under a single control plane, reducing blind spots and improving response times.
First reported: 22.09.2025 14:00

1 source, 1 article
Show sources
- How to Gain Control of AI Agents and Non-Human Identities — thehackernews.com — 22.09.2025 14:00

Summary

Timeline

Security Risks from Non-Human Identities and AI Agents Highlighted

Information Snippets