AI Agents: The Unseen Replicants Exposing Enterprise Identity Gaps
As AI agents and machine identities proliferate, they are rapidly outnumbering human users in enterprise environments. This surge creates critical blind spots in traditional identity governance frameworks, which were designed for human lifecycles, leaving organizations vulnerable to sophisticated attacks leveraging trusted, yet unmanaged, machine access.

Forty-four years after *Blade Runner* imagined replicants walking among us, security teams are managing their own version of a non-human workforce. These digital **replicants** already possess accounts, permissions, and access to sensitive data. They manifest as **AI agents**, service accounts, **OAuth** applications, workload identities, and the rapidly expanding number of machine identities that now outnumber human users in many enterprise environments.
This distinction is crucial because identity security historically centered on human behavior. People join companies, change roles, take vacations, and eventually leave. These lifecycle events formed the bedrock of identity governance. Machine identities, however, rarely adhere to this pattern.
According to the **Non-Human Identity Management Group**, machine identities can outnumber human users by as much as 50 to one in many IT ecosystems. Some exist for mere minutes, while others remain active years after the application or automation that spawned them has been decommissioned. Most organizations still struggle to answer fundamental questions about their ownership, purpose, or the scope of their access.
## Trust Scales Faster Than Governance
In 2025, a threat actor tracked as **UNC6395** obtained an **OAuth** token linked to **Salesloft's Drift** chat integration. This token was then used to move laterally through **Salesforce** environments across hundreds of organizations.
The danger of this token wasn't rooted in a software vulnerability; it was dangerous because it was inherently trusted. From this initial foothold, attackers accessed **AWS** credentials, **Snowflake** tokens, and other secrets stored inappropriately. One trusted machine identity became the gateway to several more.
**AI agents** don't create this problem, but they significantly accelerate it. Organizations are deploying **AI agents** that automatically create identities, inherit permissions, interact across diverse systems, and expand the pool of trusted credentials operating within the environment. If security teams lack visibility into these identities β or fail to understand their access privileges β the attack surface expands silently in the background.
## Identity Programs Were Built for People
The core issue isn't new; **AI** is simply exposing and amplifying an existing vulnerability within identity management. Traditional human identity programs assume an account owner, periodic access reviews, and eventual account removal. **AI agents** don't naturally fit this lifecycle. They can be created automatically, inherit permissions from other identities, interact with systems at machine speed, and even generate additional identities as part of their operations.
The consequence is an identity population growing at a pace that most governance processes were never designed to handle.
## Visibility Isn't Enough
**Netwrix's 2026 Data and Identity Security Report** revealed a stark finding: organizations where **AI** significantly expanded the number of identities in their environment reported a 43% breach rate over the previous year. This contrasts sharply with an 11% breach rate among organizations where **AI** hadn't substantially altered their identity footprint.
The surprising element wasn't the breach rate itself, but *who* was getting breached. Organizations with rapidly expanding **AI** identity counts generally reported stronger governance practices than their peers. They were more likely to monitor shadow **AI**, govern non-human identities, and maintain continuous visibility into sensitive data. Despite investing in the established security playbook, they still experienced breaches.
Security teams require continuous answers to four critical questions: What identities exist? Who owns them? What can they access? When should they no longer exist? Without these answers, every new **AI** deployment quietly expands the number of trusted identities operating within the environment.
## The Accountability Question
When an **AI agent** contributes to a security incident, who is accountable for that identity? Who approved its permissions? Who reviews its access? Who decides when it should be retired? For a standard service account, a clear audit trail usually exists. However, for an **AI agent** operating at machine speed, creating downstream identities, and interacting across multiple systems, that line of accountability back to a human owner can quickly vanish.
Knowing where sensitive data resides is only half of the equation. The other half involves knowing every identity that can reach that data, maintaining a current inventory, and ensuring each identity has a clear, assigned owner. The most critical trusted identities are not always the ones security teams are actively monitoring. Increasingly, they are the ones nobody remembers creating.
To learn how organizations are adapting identity security for AI, read the **2026 Data and Identity Security Report**.