Identity Sprawl Driven by Non-Human and Ephemeral Cloud Identities
Security teams are reporting a growing loss of certainty in identity and access management as enterprises accumulate large numbers of poorly governed identities across cloud platforms, CI/CD pipelines, and automation frameworks. The reporting describes this as identity sprawl—a systemic drift where identity creation, usage, and governance fall out of sync with traditional lifecycle and access review models designed for predictable human users.
A key driver is the rapid proliferation of non-human identities (service accounts, APIs, workloads, and increasingly autonomous/agentic systems) that can be created and discarded in seconds, outpacing visibility and privilege management controls. The articles cite investigations and threat analysis indicating attackers are weaponizing exposed identity data at scale, and report survey data that 72% of identity leaders say the threat level of identity-related attacks increased or stayed the same over the past year.
Sources
Related Stories
AI and Non-Human Identity Sprawl Expands IAM Attack Surface
Reporting and commentary warn that **AI-driven non-human identities (NHIs)** are rapidly increasing the number and turnover of credentials inside enterprise IAM programs, amplifying long-standing weaknesses such as credential sprawl, unclear ownership, and inconsistent lifecycle controls. The Cloud Security Alliance’s findings highlight that many organizations treat *AI identities* like traditional service accounts or API keys, causing them to inherit existing governance gaps while adding new scale and speed pressures as identities are created programmatically, distributed across environments, and used continuously. CSO Online describes the operational drivers behind the surge—microservices, Kubernetes auto-scaling, CI/CD pipelines (e.g., GitHub Actions), and infrastructure-as-code (e.g., Terraform) generating large volumes of short-lived tokens and service principals—then argues that **agentic AI** further accelerates risk because these identities may be authorized to execute commands, move data, and change configurations autonomously. The net risk emphasized is that over-privileged AI agents and other NHIs can create breach conditions that may not resemble traditional intrusion, instead appearing as “normal” automated activity due to excessive permissions and weak visibility into post-authentication behavior.
1 months agoEnterprise Concerns Over Securing Non-Human Identities
Organizations are increasingly challenged by the rapid proliferation of non-human identities (NHIs), such as service accounts, API keys, digital certificates, access tokens, automated bots, IoT devices, and AI agents. More than half of enterprises surveyed express uncertainty about their ability to secure these NHIs, highlighting a significant gap between the adoption of automated digital identities and the maturity of tools and processes to protect them. The complexity and diversity of NHIs, which now form the backbone of modern digital infrastructure, have outpaced traditional identity and access management strategies, leaving organizations exposed to new risks. The exponential growth of NHIs, especially in cloud-native and automated environments, has led to a situation where non-human accounts vastly outnumber human users. This expansion, combined with issues like "secrets sprawl"—where credentials are scattered across codebases and pipelines—creates opportunities for account hijacking, privilege escalation, and lateral movement by threat actors. Security experts emphasize the need for unified visibility, consistent identity policies, and automated responses to address these risks, particularly as NHIs and AI agents become more integral to business operations and the attack surface continues to expand.
3 months ago
Non-Human Identities and Permissions Sprawl in Enterprise Security
Enterprises are facing significant challenges in managing the rapidly expanding attack surface created by both human and non-human identities. Reports highlight that permissions and entitlements are growing at a pace that outstrips the ability of security teams to maintain oversight, with hundreds of millions of active entitlements and billions of permissions in large organizations. This complexity leads to persistent blind spots, including dormant and orphaned accounts that remain active and pose a risk for misuse, as well as the accumulation of 'identity debt' where excessive and unused access quietly increases risk over time. Non-human identities (NHIs), such as machine accounts, tokens, and keys, are becoming increasingly critical in cloud environments. Effective management of these NHIs is essential for reducing risk, improving compliance, and increasing operational efficiency. Automation and centralized secrets management are emphasized as key strategies for maintaining visibility and control over both human and non-human identities, helping organizations address security gaps and reduce operational costs associated with manual oversight and credential management.
2 months ago