What is nonhuman identity?

Nonhuman identity, defined

In an IT environment, a nonhuman identity (NHI) is a digital identity attached to a bot, AI agent, app, service, workload, device or other nonhuman user.

Nonhuman identities are cornerstones of automation. They enable software, hardware and other resources to connect, communicate and carry out tasks without requiring human oversight.

Consider an automated backup service that automatically copies a company’s sensitive data to a secure cloud storage system every night. Neither the database nor the cloud storage system would grant access to a random human without valid credentials. The same holds for software. So the backup service is given an identity. This identity means that the backup service can authenticate itself to the database and storage system, which in turn can trust that this service is authorized to do what it’s doing.

The number of NHIs in enterprise systems has grown over the years, driven largely by the rise of cloud services, artificial intelligence and machine learning. Estimates vary—from 45:1 to 92:1—but in the average IT system, nonhuman identities significantly outnumber human ones.

This explosion of NHIs brings new security challenges. According to the IBM X-Force Threat Intelligence Index, identity-based attacks—where hackers abuse valid account credentials to gain access to networks—are one of the most common cyberattack methods, accounting for 30% of breaches.

And nonhuman identities are particularly attractive pieces of the enterprise attack surface, as they often have elevated permissions and fewer security controls than human accounts.

The field of nonhuman identity management has arisen to help combat the unique security risks posed by nonhuman identities and improve overall identity security posture.


Types of nonhuman identities

Machine identities

A machine identity is the identity associated with a device, such as a server, laptop, Internet of Things (IoT) device or operational technology (OT) device. In cloud environments, the category can also include virtual machines. The term is sometimes used as a loose catchall for any NHI, although this usage is technically incorrect.

Service accounts

Sometimes called service identities, service accounts are the identities associated with software applications and services. They function much like human users’ accounts do. They represent a piece of software’s identifying traits and system permissions, and they are used to authenticate the software and authorize its activity. 

Workload identities

Workload identities are a type of software identity, related to service accounts. Whereas service accounts identify apps and services as persistent entities, workload identities identify specific instances of apps and services as they’re running.

For example, a business intelligence (BI) tool might have a persistent service account identity. If someone uses the BI tool to fetch data from a data warehouse to run a report, that activity—running a report—will have a distinct workload identity. This workload identity is only temporary and will cease to exist when the activity is over.  

Bot and script identities 

This category encompasses the identities associated with simple bots and scripts that run automated processes. Examples include robotic process automation (RPA), cron jobs and extract, transform, load (ETL) scripts.

AI and agent identities

This category contains identities associated with more sophisticated AI-driven systems, especially autonomous AI agents that can perform complex tasks by designing workflows and calling tools.

While many traditional, rules-based AI apps use standard service or workload identities, agents and other advanced AI entities often require a different approach. Because they can make decisions, act on their own and even change their behavior over time, they need more nuanced access policies, controls and oversight. 


Why NHIs matter

NHIs primarily exist to streamline workflows by enabling greater automation.

NHIs identify apps, hardware, bots, AI agents and other things within an IT ecosystem, much the same way human users have identities in a traditional identity and access management (IAM) system.

By assigning unique identities to nonhuman entities, IT and security pros can grant them tailored privileges, enforce security policies, track their activity and more effectively apply access controls.

  • If a nonhuman entity does not have a distinct identity, there’s nothing to assign privileges to.

  • An app or device cannot authenticate itself unless it has an identity to authenticate against.

  • One cannot track activity without an identity to which that activity can be attributed.

  • Access controls can be enforced only if there’s an identity to enforce them on.

As an example use case, consider a billing system that uses data from an accounting platform and a customer relationship management (CRM) system to generate and send invoices.

To conduct this process manually, someone would need to go into each database, pull the relevant data, correlate it, calculate the bill, generate the invoice and send it to the customer.

The process can be automated, but because it involves sensitive data, it requires strong security measures. NHIs enable secure communication between the three systems and the enforcement of access policies so that data is not misused:

  • NHIs give the three systems a way to authenticate to one another, mitigating the risk of imposter systems slipping into the mix.

  • NHIs enable the organization to assign the billing system the least privileges it needs to do its job. Perhaps the billing system can only read data, not write it, and it can access the accounting and CRM tools only during certain times of the day.

  • NHIs make it easier for the organization to monitor the behavior of all three systems throughout the process, creating an audit trail.

Ultimately, NHIs enable the secure automation of complex IT and business operations. Backups, system updates and even user authentication can all occur in the background, without disrupting human users’ activity.
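The billing scenario above can be expressed as an explicit, default-deny policy for the billing system's identity. The following is an added example, not code from the article or any IBM product: the policy model, the identity and resource names (`svc-billing`, `accounting-db`, `crm`, `invoice-outbox`) and the night-time batch window are all assumptions chosen to illustrate read-only, time-bound least privilege.

```python
from dataclasses import dataclass, field
from datetime import time
from typing import List, Optional, Tuple

# Constructed policy model for the example; field names are assumptions, not a product schema.
@dataclass(frozen=True)
class Grant:
    resource: str
    actions: frozenset                    # e.g. {"read"}; "write" is deliberately absent for source data
    window_start: Optional[time] = None   # inclusive; None means no time restriction
    window_end: Optional[time] = None     # exclusive

@dataclass
class Policy:
    identity: str
    grants: List[Grant] = field(default_factory=list)

def in_window(grant: Grant, now: time) -> bool:
    """True when the grant has no window or `now` falls inside it."""
    if grant.window_start is None or grant.window_end is None:
        return True
    return grant.window_start <= now < grant.window_end

def is_allowed(policy: Policy, resource: str, action: str, now: time) -> Tuple[bool, str]:
    """Default-deny evaluation: allow only if some grant matches resource, action and time."""
    reasons = []
    for g in policy.grants:
        if g.resource != resource:
            continue
        if action not in g.actions:
            reasons.append(f"{action} not granted on {resource}")
        elif not in_window(g, now):
            reasons.append(f"outside access window for {resource}")
        else:
            return True, "allowed"
    return False, "; ".join(reasons) or f"no grant for {resource}"

# The billing identity from the scenario: read-only on the two source systems, only during
# an assumed 01:00-05:00 batch window, plus write access to its own invoice outbox.
BILLING_POLICY = Policy(
    identity="svc-billing",
    grants=[
        Grant("accounting-db", frozenset({"read"}), time(1, 0), time(5, 0)),
        Grant("crm", frozenset({"read"}), time(1, 0), time(5, 0)),
        Grant("invoice-outbox", frozenset({"write"})),
    ],
)

def decide(resource: str, action: str, hour: int, minute: int = 0) -> Tuple[bool, str]:
    """Evaluate one request from svc-billing; the (allowed, reason) pair is what the audit trail records."""
    return is_allowed(BILLING_POLICY, resource, action, time(hour, minute))

if __name__ == "__main__":
    for req in [("accounting-db", "read", 2), ("accounting-db", "write", 2),
                ("crm", "read", 14), ("hr-db", "read", 2)]:
        print(req, decide(*req))
```

Every denial carries a reason string, so the same evaluation that enforces the policy also feeds the audit trail the article describes; an identity with no matching grant is denied without any special-casing.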

Why NHIs outnumber people in most IT systems

The rapid growth of nonhuman identities is driven, in large part, by the proliferation of cloud infrastructure, the popularity of DevOps and the adoption of advanced AI tools.

With the birth of the cloud, more tools operate on a software-as-a-service (SaaS) model. Instead of running local apps on local hardware, computers now interact with various servers, service providers, load balancers, applications and other cloud resources—all of which carry their own identities. And many SaaS apps use a microservices architecture, meaning a single app might contain many smaller components with unique identities.

DevOps practices are another driver of NHIs. DevOps places an increased emphasis on automating core software development and operations workflows such as integration, testing and deployment in the CI/CD pipeline. All this automation requires many NHIs.

Most recently, generative AI and agentic AI have spurred a new wave of NHIs. For things like retrieval augmented generation (RAG) and tool-calling to be possible, AI systems need identities so they can securely access databases, user accounts, devices and other network resources.

The challenges of securing nonhuman identities

Collectively, NHIs represent a massive attack surface. Yet many legacy identity and access management (IAM) solutions and processes were designed for human users, creating security gaps for NHIs.

Common authentication tools such as multifactor authentication (MFA) and single sign-on solutions are either difficult or impossible to apply to nonhuman identities.

Thus, NHIs often pose cybersecurity challenges that traditional IAM tactics cannot easily remedy.

Overprivileging

According to OWASP, overprivileging is one of the top 10 risks associated with nonhuman identities.

Because they are integral to core workflows, such as the DevOps lifecycle and system backups, NHIs often have privileged access to sensitive information. And in the interest of ensuring that these processes “just work,” organizations often give NHIs higher privileges than they need.

Overprivileging makes NHIs a prime target for hackers and increases the damage a compromised NHI can do. 

Credential theft

Apps and devices might not have passwords, but they do use API keys, OAuth tokens, certificates and other secrets to authenticate themselves. These secrets can be stolen and misused much the same way human users’ passwords can, enabling unauthorized access, lateral movement and privilege escalation.

It does not help that NHIs cannot use two-factor authentication the same way a user can, so one stolen credential is often all it takes to hijack an account. Additionally, NHI credentials are often hardcoded into apps and might not be rotated regularly. According to OWASP’s NHI Top 10, secret leakage and long-lived secrets are among the most common risks associated with nonhuman identities. 

Supply chain attacks

Various systems use NHIs to connect and communicate with one another. That means attackers can use compromised NHIs to break into other systems. For example, the 2025 Salesloft Drift breach involved hackers stealing OAuth tokens from a chatbot and using them to access hundreds of Salesforce instances.

Lack of visibility

The sheer number of NHIs in a system, and the pace at which new ones are added, can make visibility hard, creating blind spots that hackers can sneak through. The fact that some NHIs are ephemeral complicates visibility further.

Many organizations also neglect to formally decommission NHIs when retiring associated apps and devices. These old NHIs are often unmonitored, with their full permissions intact. In fact, improper offboarding is the number-one risk associated with NHIs according to OWASP.

AI access management

AI identities can pose a special challenge when it comes to managing privileges. They have, in many ways, the capabilities of human employees and access to a range of tools, which some can use autonomously.

But they aren’t human, which means they are vulnerable to prompt injection, data poisoning and other techniques that can turn them into instruments for malicious actors.

AI agents and large language models (LLMs) can also change their behaviors in ways that other software can’t—which brings its own security problems. For example, a customer service agent that has been directed to maximize customer happiness might learn that customers are very happy when they get refunds. Therefore, the agent might start approving refunds for anyone who asks, even if it shouldn’t.

In an interview with IBM’s Security Intelligence podcast, Sridhar Muppidi, IBM Fellow, VP and CTO of IBM Security, likened an AI agent to a “teenager with a credit card”:

“You give them the credit card, and you expect them to behave properly, but don’t be surprised by what you find out. Agents are very similar to that. They are non-deterministic to a certain extent, and they’re evolving. So as a result, they might suffer from scope creep. I’ve asked the system to do something, but it can easily do something else if it decides to.”

Compliance challenges

The General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA) and other laws regulate how organizations protect data, who can use sensitive information and how. The trouble is that, as mentioned previously, the same IAM tools used to help ensure that humans comply with these rules cannot always be smoothly applied to NHIs.

Moreover, NHIs can muddle attribution and monitoring efforts that are vital to many compliance programs. For example, if an AI agent improperly uses data, who is responsible? The person who created the agent? The person who prompted it most recently? What if the agent’s choice fell far outside the foreseeable results of the user’s prompt? Many identity governance frameworks have not caught up to this conundrum yet.

Nonhuman identity security

Because traditional identity security platforms and practices are often designed with human users in mind, NHI management requires that security teams take a slightly different approach.

Many of the same principles apply—they just need to be adapted to the unique realities of nonhuman identity lifecycle management. Core tactics, tools and techniques for nonhuman identity security strategies include:

Continuous monitoring

Organizations can deploy tools that automatically discover new and existing nonhuman identities across cloud platforms, identity providers and orchestration systems, then continuously observe how those identities behave.

Some identity threat detection and response (ITDR) tools can use machine learning to create a baseline model of normal behavior for each NHI, flag deviations from the norm in real time and automatically respond to suspected misuses and abuses.

For example, if a cloud workload that normally reads application logs suddenly begins requesting access to customer PII, an ITDR platform can immediately revoke its access token and alert the SOC for investigation.
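The baseline-and-deviation logic behind that example can be sketched with a small amount of code. What follows is an added example, not the article's or any ITDR product's code: the access-log format, identity names (`wl-log-reader`, `svc-crm-sync`), sensitivity labels and the response actions are constructed assumptions. It builds a per-identity profile from past events, triages new events against it, and revokes the token of an identity that first touches a data class it has never used.

```python
from collections import defaultdict
from typing import Dict, Iterable, Tuple

Event = Tuple[str, str, str, str]   # (identity, resource, sensitivity, action)

# Constructed sample of past access events; not real telemetry.
HISTORY = [
    ("wl-log-reader", "app-logs", "internal", "read"),
    ("wl-log-reader", "app-logs", "internal", "read"),
    ("wl-log-reader", "metrics", "internal", "read"),
    ("svc-crm-sync", "customer-records", "pii", "read"),
    ("svc-crm-sync", "customer-records", "pii", "write"),
]

def build_baseline(events: Iterable[Event]) -> Dict[str, dict]:
    """Per identity: the (resource, action) pairs and data-sensitivity classes seen so far."""
    baseline = defaultdict(lambda: {"pairs": set(), "sensitivities": set()})
    for identity, resource, sensitivity, action in events:
        baseline[identity]["pairs"].add((resource, action))
        baseline[identity]["sensitivities"].add(sensitivity)
    return dict(baseline)

def triage(baseline: Dict[str, dict], event: Event) -> dict:
    """Classify a new event: ok (matches baseline), review (new pair at a familiar sensitivity)
    or alert (unknown identity, or first touch of a sensitivity class the identity never used)."""
    identity, resource, sensitivity, action = event
    finding = {"identity": identity, "resource": resource, "action": action}
    profile = baseline.get(identity)
    if profile is None:
        finding.update(verdict="alert", reason="identity has no baseline")
    elif (resource, action) in profile["pairs"]:
        finding.update(verdict="ok", reason="within baseline")
    elif sensitivity not in profile["sensitivities"]:
        finding.update(verdict="alert", reason=f"first access to {sensitivity} data")
    else:
        finding.update(verdict="review", reason="new resource/action at familiar sensitivity")
    return finding

def respond(finding: dict, active_tokens: Dict[str, str]) -> dict:
    """Automated response: an alert revokes the identity's token and notifies the SOC; a review only notifies."""
    response = {"identity": finding["identity"],
                "notify_soc": finding["verdict"] != "ok",
                "revoked": None}
    if finding["verdict"] == "alert":
        response["revoked"] = active_tokens.pop(finding["identity"], None)
    return response

if __name__ == "__main__":
    base = build_baseline(HISTORY)
    tokens = {"wl-log-reader": "tok-1", "svc-crm-sync": "tok-2"}   # constructed token registry
    suspicious = ("wl-log-reader", "customer-records", "pii", "read")
    print(respond(triage(base, suspicious), tokens), tokens)
```

A real ITDR platform would learn the baseline statistically rather than from an exact set of pairs, but the decision structure is the same: deviations that cross a sensitivity boundary are treated as incidents, while ordinary drift is queued for human review so that legitimate changes in a workload's job do not trigger automatic revocation.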

NHI lifecycle management

NHI management emphasizes strong controls throughout the entire NHI lifecycle, from initial provisioning, through active use, to secure offboarding. When a service is decommissioned, a pipeline is replaced or a bot is no longer in use, its credentials, tokens and certificates must be immediately revoked.

Designating a human owner for each NHI can help ensure that someone is responsible and accountable for credential rotation, regularly reviewing permissions, addressing misconfigurations, vulnerability remediation and other critical maintenance. Without explicit ownership, nonhuman identities are easily forgotten, yet they often retain powerful access.
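An inventory review of the kind this section calls for can be automated once each NHI record carries an owner, the status of its associated app, last-use and last-rotation dates. The example below is added here and is not from the article; the inventory records, identity names, thresholds (90-day credential age, 60-day idle period) and the `revoke` versus `owner_review` outcomes are constructed assumptions.

```python
from datetime import date, timedelta
from typing import List

TODAY = date(2025, 1, 15)                 # fixed clock so the run is reproducible
MAX_CRED_AGE = timedelta(days=90)         # assumed rotation policy
MAX_IDLE = timedelta(days=60)             # assumed "unused" threshold

# Constructed NHI inventory (not real data): the fields an ownership/offboarding review needs.
INVENTORY = [
    {"id": "svc-backup", "owner": "alice", "app_status": "active",
     "last_used": date(2025, 1, 14), "cred_rotated": date(2024, 12, 1), "scopes": ["storage:write"]},
    {"id": "svc-legacy-etl", "owner": None, "app_status": "decommissioned",
     "last_used": date(2024, 6, 2), "cred_rotated": date(2023, 3, 1), "scopes": ["db:admin"]},
    {"id": "bot-release", "owner": "bob", "app_status": "active",
     "last_used": date(2024, 9, 1), "cred_rotated": date(2024, 1, 10), "scopes": ["ci:deploy"]},
]

def audit(inventory: List[dict], today: date = TODAY) -> List[dict]:
    """Flag identities that are ownerless, orphaned by a decommissioned app, idle or carrying stale
    credentials. Orphaned identities are revoked outright; everything else goes to the owner."""
    findings = []
    for nhi in inventory:
        issues = []
        if nhi["owner"] is None:
            issues.append("no_owner")
        if nhi["app_status"] == "decommissioned":
            issues.append("orphaned_after_decommission")
        if today - nhi["last_used"] > MAX_IDLE:
            issues.append("idle")
        if today - nhi["cred_rotated"] > MAX_CRED_AGE:
            issues.append("stale_credential")
        if issues:
            action = "revoke" if "orphaned_after_decommission" in issues else "owner_review"
            findings.append({"id": nhi["id"], "issues": issues, "action": action,
                             "scopes": nhi["scopes"], "owner": nhi["owner"]})
    return findings

if __name__ == "__main__":
    for finding in audit(INVENTORY):
        print(finding)
```

The `scopes` field is carried into each finding deliberately: an ownerless, idle identity holding `db:admin` is a different priority from one holding a read-only scope, and the reviewer should see that without a second lookup.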

Secrets and credential management

NHIs need credentials, but those credentials need to be stored somewhere. Unlike a human user, a workload can’t memorize a password or use a smartphone as a passkey.

The problem is that NHI credentials are often hardcoded into the apps and services that use them, which means hackers can find them if they know where to look.

Secrets management and privileged access management (PAM) tools, such as credential vaults, can help. Vaults give IT and security teams a secure place to store NHI credentials, and they often support ephemeral credentials, just-in-time access and automated rotation.
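To make the contrast with hardcoded credentials concrete, here is an added example (not the article's code, and not any vault product's API) of the pattern a vault enables: a workload is registered for specific scopes, requests a short-lived token at run time, and the token expires, rotates or is revoked without any secret ever living in the workload's source. The `Vault` class, the registry, the identity `svc-backup` and the 300-second TTL are constructed assumptions.

```python
import secrets
from datetime import datetime, timedelta, timezone
from typing import Dict, Set, Tuple

T0 = datetime(2025, 1, 1, 2, 0, tzinfo=timezone.utc)   # fixed clock for a reproducible run

def at(seconds: int) -> datetime:
    """Helper: a point in time `seconds` after T0."""
    return T0 + timedelta(seconds=seconds)

# Constructed registry: which scopes each workload identity is allowed to request.
REGISTRY: Dict[str, Set[str]] = {"svc-backup": {"storage:write"}}

class Vault:
    """In-memory stand-in for a secrets vault: issues short-lived, single-scope tokens and
    validates, rotates or revokes them. Tokens are random per issuance, so there is nothing to hardcode."""

    def __init__(self, registry: Dict[str, Set[str]], ttl_seconds: int = 300):
        self.registry = registry
        self.ttl = timedelta(seconds=ttl_seconds)
        self._issued: Dict[str, Tuple[str, str, datetime]] = {}   # token -> (identity, scope, expiry)

    def issue(self, identity: str, scope: str, now: datetime) -> str:
        """Just-in-time issuance: refuse scopes the identity is not registered for."""
        if scope not in self.registry.get(identity, set()):
            raise PermissionError(f"{identity} may not request scope {scope}")
        token = secrets.token_urlsafe(24)
        self._issued[token] = (identity, scope, now + self.ttl)
        return token

    def validate(self, token: str, scope: str, now: datetime) -> Tuple[bool, str]:
        entry = self._issued.get(token)
        if entry is None:
            return False, "unknown or revoked token"
        identity, granted_scope, expiry = entry
        if now >= expiry:
            self._issued.pop(token)          # expired tokens are dropped on first sight
            return False, "expired"
        if scope != granted_scope:
            return False, "scope mismatch"
        return True, identity

    def revoke(self, token: str) -> bool:
        return self._issued.pop(token, None) is not None

    def rotate(self, token: str, now: datetime) -> str:
        """Replace a live token with a fresh one for the same identity and scope."""
        identity, scope, _ = self._issued.pop(token)
        return self.issue(identity, scope, now)

def nightly_backup(vault: Vault, now: datetime) -> Tuple[bool, str]:
    """The backup service fetches its credential when the job starts and releases it when done,
    instead of shipping a long-lived key inside its code or configuration."""
    token = vault.issue("svc-backup", "storage:write", now)
    ok, who = vault.validate(token, "storage:write", now)
    vault.revoke(token)
    return ok, who

if __name__ == "__main__":
    print(nightly_backup(Vault(REGISTRY), T0))
```

Because every token is bound to one identity, one scope and one expiry, a leaked token is worth far less than a leaked long-lived API key: it cannot be used for a different scope, stops working within minutes, and can be revoked individually without redeploying the workload.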

Zero trust

Access management is always important in identity security, but especially for NHIs, which lack the discretionary filters that might stop a human user from misusing their permissions. Every action that a service, workload, bot or agent takes must therefore be constrained by explicit technical controls.

Under a zero trust model, NHIs are granted only the minimum permissions required for each task. They must continuously authenticate as they move between systems. Microsegmenting the network can help stop compromised apps, bots and devices from moving laterally. A hijacked NHI might be able to access the one database it legitimately needs, but it won’t be able to move to unrelated storage systems. 

Separation of duties

Separation of duties—that is, ensuring that the party carrying out a task is not the same party responsible for approving the task—is especially important for AI agents. AI agents do not have the same ethical restraints as humans, which means they can take perfectly authorized actions that still cause harm.

For example, recall the hypothetical AI customer service agent that is optimized to maximize customer satisfaction. Human customers like being refunded, so the AI agent might indiscriminately approve every refund request in pursuit of its goal.

This situation can be prevented by making it so that a human—or some other system—must approve refunds before the agent can grant them. 
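The refund scenario can be enforced in code by giving the agent only the ability to propose, and reserving approval for a different principal, whether a human reviewer or a separate rules engine. The following is an added example, not the article's code: the `RefundDesk` class, the principal names (`agent-support`, `finance-reviewer`, `refund-rules-engine`) and the auto-approval limit are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Set

@dataclass
class RefundRequest:
    request_id: int
    customer: str
    amount: float
    requested_by: str
    approved_by: Optional[str] = None
    status: str = "pending"          # pending -> approved -> paid

class RefundDesk:
    """Constructed two-principal flow: the agent can only propose a refund; a different principal
    holding the approver role must approve it before any payment is executed."""

    def __init__(self, approvers: Set[str], auto_approve_limit: float = 0.0):
        self.approvers = set(approvers)
        self.auto_approve_limit = auto_approve_limit
        self.requests: Dict[int, RefundRequest] = {}
        self._next_id = 1

    def propose(self, principal: str, customer: str, amount: float) -> RefundRequest:
        req = RefundRequest(self._next_id, customer, amount, requested_by=principal)
        self.requests[req.request_id] = req
        self._next_id += 1
        return req

    def approve(self, principal: str, request_id: int) -> RefundRequest:
        req = self.requests[request_id]
        if req.status != "pending":
            raise ValueError(f"request {request_id} is already {req.status}")
        if principal not in self.approvers:
            raise PermissionError(f"{principal} lacks the approver role")
        if principal == req.requested_by:
            raise PermissionError("separation of duties: requester cannot approve its own request")
        req.approved_by, req.status = principal, "approved"
        return req

    def execute(self, request_id: int) -> RefundRequest:
        """Payment only ever runs on an approved request, whoever calls it."""
        req = self.requests[request_id]
        if req.status != "approved":
            raise PermissionError(f"refund {request_id} not approved")
        req.status = "paid"
        return req

def try_approve(desk: RefundDesk, principal: str, request_id: int) -> str:
    """Return the outcome as a string so the decision can be logged rather than raised."""
    try:
        return desk.approve(principal, request_id).status
    except (PermissionError, ValueError) as exc:
        return f"denied: {exc}"

def rules_engine_review(desk: RefundDesk, request_id: int) -> RefundRequest:
    """The 'some other system' option: a separate rules principal approves only small refunds;
    anything above the limit stays pending for a human."""
    req = desk.requests[request_id]
    if req.amount <= desk.auto_approve_limit:
        desk.approve("refund-rules-engine", request_id)
    return req

if __name__ == "__main__":
    desk = RefundDesk(approvers={"finance-reviewer", "refund-rules-engine"}, auto_approve_limit=50.0)
    req = desk.propose("agent-support", "cust-1", 500.0)
    print(try_approve(desk, "agent-support", req.request_id))
    print(try_approve(desk, "finance-reviewer", req.request_id), desk.execute(req.request_id).status)
```

The check that matters is the comparison of `principal` against `requested_by`: even if the agent were mistakenly granted the approver role, it still could not close the loop on its own request, which is the property separation of duties is meant to guarantee.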

Blurring the lines between human and nonhuman identity

NHIs and human users are different in obvious and important ways. But their characteristics and capabilities are growing similar as AI tools and agents make up a bigger portion of the enterprise network.

As a result, some experts predict that the distinctions between human and nonhuman identity management will mostly disappear. Instead of using separate controls for each kind of identity, the primary difference between human and nonhuman ID management might be the scale at which those controls are applied.

“At the end of the day, agents are your next level of insiders,” Sridhar Muppidi said on IBM’s Security Intelligence podcast:

“Just like you would identify a human being, you have to identify an agent. And once you identify them, you have to do the same thing that we do with humans: authenticate them. And then you figure out how to scope what that agent can do, both the good and the bad. And while you’re doing that, that’s when you can think about a very, very fine level of granularity of observability so that you can detect anomalous behavior quickly.”

Author

Matthew Kosinski

Staff Editor

IBM Think
