All news with #non human identity tag

🔒 Semperis finds that 93% of global organizations use or plan to use AI agents for security tasks such as password resets and VPN access, while 92% report AI on endpoints with SSH and encryption key access. The survey of 1,100 organizations warns of over‑permissioned and abandoned 'zombie' non‑human identities that increase hijack risk. Semperis recommends treating agents as NHIs, enforcing least‑privilege, and improving observability and recovery readiness.

🛡️ Identity management is changing as AI agents introduce a new class of non‑human identities that can act, decide, and access resources at machine speed. Experts including Dustin Wilcox and Michael Adams recommend an identity-first security posture built on clean directories, enforced least privilege, and clear offboarding. They warn that legacy models and inventory processes won’t track proliferating tokens and agents, so organizations should catalog non‑human identities, assign ownership, and treat MFA as a baseline while moving toward phishing‑resistant methods and continuous verification.

🔒 An underscoped built-in role in Microsoft Entra ID, Agent ID Administrator, allowed users to assume ownership of arbitrary service principals and then add credentials to authenticate as those principals, enabling full service principal takeover. Silverfort researchers, led by Noa Ariel, reported the vulnerability on March 1, 2026, and Microsoft issued a patch across all cloud environments on April 9, 2026. After the update, attempts to assign ownership of non-agent service principals using the role are blocked and return a 'Forbidden' error. Organizations are advised to monitor sensitive role usage, audit service principal ownership and credential changes, and secure privileged non-human identities.

🔐 Cloudflare announces updates to secure non-human identities—agents, scripts, and third-party tools—by enhancing credential detection, OAuth visibility, and resource-scoped RBAC. New scannable token formats (with identifiable prefixes and checksums) and integration with GitHub Secret Scanning enable rapid verification and automated revocation of leaked tokens. Cloudflare One DLP extends prevention across network, email, SaaS, and AI traffic. The Dashboard now surfaces connected OAuth apps and permissions to simplify review and revocation.

⚠ The SANS Institute warns that rapid adoption of agentic AI is outpacing security controls, driving a 76% rise in non-human identities (NHIs) such as service accounts, API keys and automation bots. Based on interviews with more than 500 security professionals for the 2026 State of Identity Threats & Defenses Survey, SANS identified widespread credential hygiene failings and a surge in agent-linked NHIs that can double or triple in number. The report highlights that many organizations do not rotate machine credentials on a 90-day cycle and lack coordinated AI governance, and recommends secrets vaults, automated rotation and scoped least-privilege access to mitigate risk.

🔒 SpyCloud's 2026 Identity Exposure Report details a structural shift in credential theft, reporting a 23% increase in its recaptured datalake to 65.7B distinct identity records. Attackers are increasingly targeting non-human identities — exposed API keys, session tokens and AI-linked credentials — which often lack MFA and rotate infrequently. The report also flags large volumes of phished records, session artifacts, and malware-exfiltrated data that enable persistent, scalable access across cloud and enterprise environments.

🔐 The article explains how Model Context Protocol (MCP)-driven AI agents are rapidly moving from chat assistants into enterprise workflows, creating an emergent class of non-human identities that often evade traditional IAM controls. It warns these agents gravitate to low-friction credentials—local accounts, long-lived tokens, and API keys—creating pervasive “identity dark matter.” The piece recommends pairing agents with human sponsors, enforcing dynamic, context-aware access, centralizing visibility and auditability, and applying consistent governance across hybrids to prevent privilege drift and regulatory blind spots.

🔐 In late 2025, Flare researchers discovered over 10,000 Docker Hub images containing exposed production secrets — from API keys and cloud tokens to CI/CD credentials and AI model access tokens. The report frames non-human identities — tokens, service accounts and workload identities — as persistent, highly privileged artifacts that often outlive their creators and bypass traditional controls. It highlights incidents including the Snowflake breach, a long-lived Home Depot GitHub token exposure, and a Red Hat GitLab compromise, and urges teams to adopt automated secret scanning, short-lived credentials, and continuous monitoring of public registries.

🔒 Early agentic AI experiments have exposed a rapidly expanding cybersecurity problem: enterprises are accumulating vast numbers of non-human identities (NHIs)—service accounts, tokens, API keys and automation credentials—that security teams largely cannot see or govern. Analysts predict counts will jump from millions to tens of millions within months, driving visibility into these assets into the single digits. Experts recommend containment and segmentation of legacy NHIs, strict ownership, and a clean-slate approach to provisioning future agents rather than attempting perfect retroactive inventories.

🔐 Non-human identities — service accounts, API keys, automation credentials and AI agents — are proliferating across cloud environments and often sit outside governance, creating high-risk blind spots. The author recounts finding a dormant Azure service account with owner-level access and dozens of similar accounts, and cites industry data showing machine-to-human ratios of up to 500:1. He recommends continuous discovery, strict least-privilege defaults, elimination of static credentials and automated rotation to reduce this primary breach vector.

🛡️ Non-human employees — bots, AI agents, service accounts and automation scripts — are expanding enterprise attack surfaces as organizations scale AI and cloud automation. NHIs often live outside traditional IAM and frequently hold over-permissioned standing access and static credentials, making them attractive targets. The article recommends applying zero-trust, enforcing least-privilege and Just-in-Time access, and adopting ephemeral secrets and automated rotation. It highlights secrets and Privileged Access Management solutions such as KeeperPAM to centralize secrets, monitor privileged sessions, and make machine identities auditable and manageable at scale.

🔍 Identity has fragmented across SaaS, on‑prem, IaaS, PaaS and unmanaged apps, creating an invisible mass of ungoverned accounts and non‑human identities the author calls identity dark matter. Traditional IAM and IGA address only the nearly managed half of this universe, while APIs, bots, service accounts and agent‑AI remain unobserved and ungoverned. Orchid Security recommends shifting from configuration‑based controls to Identity Observability: collect telemetry from every application, unify audit trails, and extend governance across managed, unmanaged, and agent‑AI identities to achieve measurable visibility and faster response.

🤖 Robotic Process Automation (RPA) bots are rapidly becoming first‑class Non‑Human Identities (NHIs) that streamline provisioning, deprovisioning and credential handling while reducing human error. Left unmanaged, bot identities and embedded secrets expand the attack surface and enable privilege misuse or lateral movement. Organizations should treat bots like human users — using secrets managers, PAM, JIT access and unified IAM with Zero Trust controls to preserve least‑privilege and maintain auditability.

🔐 Rubrik Zero Labs warns that the rise of agentic AI has created a widening gap between an expanding identity attack surface and organizations’ ability to recover from compromises. Their report, Identity Crisis: Understanding & Building Resilience Against Identity-Driven Threats, finds 89% of organizations have integrated AI agents and estimates NHIs outnumber humans roughly 82:1. The authors call for comprehensive identity resilience—beyond traditional IAM—emphasizing zero trust, least privilege, and lifecycle control for non-human identities.

🔒 This roundup profiles ten cybersecurity startups founded in 2020 or later that CISOs should watch, chosen for funding, leadership, customer traction, and strategic clarity. It highlights diverse categories including non-human identity, software supply chain, data security posture, and AI agent security. Notable vendors such as Astrix, Chainguard, Cyera, and Drata have raised substantial capital and achieved rapid enterprise adoption. The list underscores investor enthusiasm and the rise of runtime‑focused and agentic defenses.

🔐 Enterprises are struggling to secure thousands of non-human identities—service accounts, API tokens, and increasingly autonomous AI agents—that proliferate across cloud and CI/CD environments without clear ownership. These NHIs often use long-lived credentials, lack contextual signals for adaptive controls, and become over-permissioned or orphaned, creating major lateral-movement and compliance risks. The article recommends an identity security fabric—including discovery, risk-based privilege management, automated lifecycle policies, and integrations such as Okta with AWS—to regain visibility and enforce least-privilege at scale.

🔒 Astrix introduces the industry's first Agent Control Plane (ACP) to enable secure-by-design deployment of autonomous AI agents across the enterprise. ACP issues short-lived, precisely scoped credentials and enforces just-in-time, least-privilege access while centralizing inventory and activity trails. The platform streamlines policy-driven approvals for developers, speeds audits for security teams, and reduces compliance and operational risk by discovering non-human identities (NHIs) and remediating excessive privileges in real time.