
Securing the Surge of Non-Human Identities in the Age of AI
It’s no coincidence that the rise of Non-Human Identities (NHIs) is happening alongside the rapid adoption of AI-powered tools and autonomous agents. This surge in NHIs, driven in part by enterprise AI adoption, has ignited crucial conversations surrounding machine identity and governance.
Like their human counterparts, NHIs (AI agents, bots, scripts, cloud workloads, etc.) rely on secrets (credentials) to access sensitive systems and data. These credentials, diverse in form, demand careful management throughout their lifecycle, from creation to offboarding. However, unlike humans, machines lack the ability to utilize multi-factor authentication or passkeys. Furthermore, the rapid pace of AI development can lead to developers generating hundreds of these credentials, amplifying the challenge.
The enterprise adoption of AI, while offering significant efficiency gains, introduces substantial risks related to privacy, secret exposure, and insecure code. While Large Language Models (LLMs) offer exciting possibilities, increasing the complexity of our environment expands the attack surface. This is especially true when granting agency to AI agents.
The time to address NHI security within your increasingly AI-driven organization is now. Let’s explore the inherent risks associated with AI agent NHIs.
The NHI Risks Posed by AI
AI Agents and Secrets Sprawl
“AI agents,” unlike the deterministic bots of the past, are LLM-based systems that autonomously determine how to achieve a given task. These agents can access internal data sources, search the internet, and interact with other applications.
Consider an AI-powered procurement agent: it could analyze purchasing needs, compare vendors, negotiate prices, and even autonomously place orders. Each secure communication within this process requires credentials. The agent’s development through DevOps further increases the authentication points across the pipeline, often leading to credentials being scattered across systems, logs, and repositories.
AI agents are frequently granted broader permissions than traditional bots. Because they operate without direct supervision, restricting access too severely can hinder their ability to complete tasks. This often results in overly permissive access, increasing the potential impact of a credential leak.
A single leaked key could lead to data breaches or unauthorized actions. Robust NHI governance is paramount to securing these AI agents. This includes enforcing least privilege access, API key protection, and audit logging for known credentials within vaults. Critically, your strategy must also address the inevitable secrets residing outside of these vaults.
Orphaned API Keys
Orphaned API keys, those no longer associated with a user account (often due to employee departure), remain valid but lack ownership. In the context of NHIs, ownership becomes ambiguous. Is it the creator? The DevOps team? This ambiguity significantly increases the likelihood of a credential becoming orphaned, forgotten, yet still active.
The crucial question becomes: who bears the risk associated with a breach caused by these orphaned keys?
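The governance checks described above (least privilege for agent credentials, and ownership of keys that outlive their creator) can be run as a periodic audit over a credential inventory and its audit log. The following is an added example, not code from the article or from any vendor it names; the inventory format, scope names, owners and timestamps are constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample data; every name, scope and timestamp is hypothetical.
ACTIVE_OWNERS = {"alice", "platform-team"}
INVENTORY = [
    {"key_id": "key-procurement-agent", "owner": "bob",
     "scopes": {"orders:read", "orders:write", "vendors:read", "billing:admin"}},
    {"key_id": "key-invoice-bot", "owner": "alice", "scopes": {"invoices:read"}},
    {"key_id": "key-legacy-script", "owner": None,
     "scopes": {"storage:read", "storage:write"}},
]
AUDIT_LOG = [
    {"key_id": "key-procurement-agent", "scope": "orders:read", "ts": "2025-05-28T09:00:00"},
    {"key_id": "key-procurement-agent", "scope": "vendors:read", "ts": "2025-05-29T09:00:00"},
    {"key_id": "key-procurement-agent", "scope": "orders:write", "ts": "2025-05-30T09:00:00"},
    {"key_id": "key-invoice-bot", "scope": "invoices:read", "ts": "2025-05-31T09:00:00"},
    {"key_id": "key-legacy-script", "scope": "storage:read", "ts": "2024-11-02T09:00:00"},
]
NOW = datetime(2025, 6, 1)


def audit_credentials(inventory, active_owners, audit_log, now, stale_days=90):
    """Return {key_id: findings} for orphaned, stale or over-permissioned keys."""
    used, last_seen = {}, {}
    for event in audit_log:
        kid, ts = event["key_id"], datetime.fromisoformat(event["ts"])
        used.setdefault(kid, set()).add(event["scope"])
        last_seen[kid] = max(ts, last_seen.get(kid, ts))
    report = {}
    for cred in inventory:
        kid, findings = cred["key_id"], {}
        if cred["owner"] not in active_owners:   # no owner, or owner has left
            findings["orphaned"] = True
        seen = last_seen.get(kid)
        if seen is None or now - seen > timedelta(days=stale_days):
            findings["stale"] = True             # valid but unused: revoke candidate
        unused = cred["scopes"] - used.get(kid, set())
        if unused:                               # granted but never exercised
            findings["unused_scopes"] = sorted(unused)
        if findings:
            report[kid] = findings
    return report


if __name__ == "__main__":
    for key_id, findings in audit_credentials(INVENTORY, ACTIVE_OWNERS, AUDIT_LOG, NOW).items():
        print(key_id, findings)
```

Keys flagged as both orphaned and stale are the safest to revoke first; unused scopes on an active agent key are candidates for removal rather than revocation.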
Prompt-Based Architecture and Sensitive Data Exposure
AI assistants like ChatGPT, Gemini, Claude, and even GitHub Copilot utilize prompt-based architectures. These models process, store, and transmit sensitive information through prompts, including context, commands, and data. This user-friendly approach facilitates rapid prototyping and development.
The risk of exposing sensitive data through prompts extends beyond development teams. With the rise of shadow IT, the potential exposure of proprietary business data and credentials spreads throughout the enterprise.
For example, a finance team using an AI chatbot for invoice processing might include sensitive information like “Find all invoices over $100,000 in the past 6 months using API key ABC123” in their prompt. This API key is likely to be logged, potentially in plaintext, creating a vulnerability.
Safeguards are essential to prevent embedding sensitive data in prompts and logs. Ideally, LLM output should be scanned for sensitive information. While defining “sensitive data” can be complex, identifying and eliminating secrets should be a priority.
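One way to implement such a safeguard is a redaction filter applied to every prompt and log line before it is stored or forwarded. This is an added example, not code from the article or from any tool it names; the keyword list, entropy threshold and marker format are assumptions, and the sample log line is constructed.

```python
import math
import re

# Provider formats with well-known public prefixes.
KNOWN = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
}
# Keyword context: a value containing a digit that follows "API key", "token=", etc.
CONTEXT = re.compile(
    r"\b(api[ _-]?key|secret|token|password)\b(\s*[:=]\s*|\s+(?:is\s+)?)"
    r"(?=[A-Za-z0-9_-]*\d)[A-Za-z0-9_-]{6,}",
    re.IGNORECASE,
)
# Generic fallback: long unbroken tokens, redacted only if their entropy is high.
CANDIDATE = re.compile(r"\b[A-Za-z0-9+/_-]{24,}\b")


def shannon_entropy(s):
    """Bits per character of the string's own character distribution."""
    return -sum(s.count(c) / len(s) * math.log2(s.count(c) / len(s)) for c in set(s))


def redact(text, min_entropy=4.0):
    """Return (sanitized_text, findings); call before a prompt or log line is stored."""
    findings = []

    for kind, pattern in KNOWN.items():
        text, n = pattern.subn(f"[REDACTED:{kind}]", text)
        findings += [kind] * n

    def keep_keyword(m):
        findings.append("keyword_context")
        return f"{m.group(1)}{m.group(2)}[REDACTED:keyword_context]"
    text = CONTEXT.sub(keep_keyword, text)

    def by_entropy(m):
        if shannon_entropy(m.group(0)) < min_entropy:
            return m.group(0)
        findings.append("high_entropy")
        return "[REDACTED:high_entropy]"
    text = CANDIDATE.sub(by_entropy, text)
    return text, findings


# Constructed samples: the prompt quoted in the article and a made-up log line.
PROMPT = "Find all invoices over $100,000 in the past 6 months using API key ABC123"
LOG_LINE = "2025-06-01 agent=procure-01 Authorization: Bearer q7Zx2LmP9vRt4KwB8nYc6HdJ"

if __name__ == "__main__":
    for sample in (PROMPT, LOG_LINE):
        print(redact(sample))
```

The keyword rule requires a digit in the value so that ordinary sentences such as "the token expired" pass through unchanged; any finding should also trigger rotation of the exposed credential, since redaction only protects the copy being written.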
AI Agents and Data Collection Risks
AI agents often ingest and process data from diverse sources, including cloud storage, enterprise applications, and messaging systems. Sensitive information (credentials, PII, etc.) must be kept out of these systems. If an AI agent can access data, a path for attacker exploitation exists.
Rotating all keys found within internal systems associated with AI agents (version control, ticketing, messaging) is crucial. Coupled with thorough log sanitization, this can significantly improve security.
AI-Generated Code and Embedded Secrets
AI-powered development tools like GitHub Copilot can inadvertently contribute to secrets sprawl. AI-generated code may mislead developers into hardcoding secrets.
For instance, a developer asking Copilot to generate an API call might receive code with a placeholder key. Under pressure, a developer might replace it with a real key without proper security practices. This code could then be committed to version control, exposing credentials.
Guardrails are needed to support developers while preventing the commitment of secrets. Tools like GitGuardian’s ggshield and pre-commit hooks can scan code before commit. IDE extensions can even catch secrets upon file save.
The Path Forward: Securing Non-Human Identities
The first step in managing NHIs is identifying existing secrets. Platforms like GitGuardian’s Non-Human Identity Security platform can automatically discover AI-agent credentials. Integrating with enterprise secrets management platforms like CyberArk’s Conjur enables comprehensive discovery, both inside and outside vaults.
Simply finding a plaintext key is insufficient. Understanding its purpose, usage, and the critical systems it accesses is essential. GitGuardian’s Secret Analyzer automatically reveals key permissions, enabling rapid remediation of over-permissioned secrets.
Mapping secrets and their interconnections provides crucial insights into potential risks. GitGuardian can also prevent sensitive data from being embedded in prompts or logs, enabling real-time detection and sanitization.
Preparing Your NHI Governance Strategy for the Speed of AI
The future of AI agents is uncertain, but their rapid adoption is inevitable. The complexity introduced by deploying self-guiding AI agents presents both opportunities and perils. Tools like GitGuardian help organizations navigate this landscape securely, offering automated secrets scanning and insights into NHI access and privileges, enabling enterprises to manage and secure non-human identities at scale.