What is AI Identity Security?
As organisations deploy Microsoft Copilot, autonomous AI agents and intelligent automation, thousands of new digital identities are created. AI Identity Security is the discipline of continuously discovering, understanding, governing and scoring these autonomous, non-human identities, before they become the next breach.
The category, defined
Every AI feature is an actor. A Copilot, an agent, an automation, an API integration, a service principal: each is granted its own identity and its own standing access to mail, files and data. These are non-human identities, and they already outnumber human ones ~45 to 1 on Gartner’s estimate, with some vendor telemetry running as high as 144 to 1.1
AI Identity Security is the practice of treating those identities as first-class citizens of your security programme: knowing every one that exists, what it can reach, who owns it, whether it is still needed, and how much damage it could do. It is continuous, not point-in-time, because the population changes every time someone switches on another AI feature.
Why traditional IAM was not built for this
Identity and access management, privileged access management and cloud posture tools were designed around people and infrastructure: a human logs in, an admin grants a role, a server runs a workload. AI identities break those assumptions. They act on their own, hold permissions continuously rather than only at login, are created faster than any review cycle, and are frequently unowned the moment the person who connected them moves on. Access reviews built around humans miss them entirely.
The four functions of AI Identity Security
The discipline resolves to one continuous, always-on loop:
- Discover every AI and non-human identity, by behaviour rather than naming, so nothing hides.
- Understand what each can reach, who owns it, why it exists and how dangerous it is.
- Govern it with policy and lifecycle, and turn findings into audit-ready evidence.
- Improve the organisation's identity risk over time, benchmarked against peers.
Why now
Three forces are converging. AI adoption is exploding across Microsoft 365, so the identity population is exploding with it. Attackers have noticed that a quiet, over-permissioned agent is an easier path than a hardened human account. And regulators are moving: the EU AI Act, DORA, ISO/IEC 42001 and NIST AI RMF all now expect organisations to know and govern their AI systems. Gartner projects that by 2027, 40% of enterprises will decommission or demote autonomous AI agents because of governance gaps found only after production incidents.2
Where Sabiki fits
Sabiki AIRM is the independent AI Identity Control Plane for Microsoft 365: the platform that performs all four functions across every tenant, agentless and read-only, and produces an independent NHI Risk Score. It is additive to Microsoft, Microsoft builds and enables AI; Sabiki independently governs and secures the identities it creates, including the third-party and non-conforming agents Microsoft's own naming-based discovery misses.
1 Gartner (analyst estimate, ~45:1); vendor telemetry: Entro Labs, NHI & Secrets Risk Report (H1 2025), 144:1. 2 Gartner, “Applying Uniform Governance Across AI Agents Will Lead to Enterprise AI Agent Failure”, May 2026. Third-party research cited for context; Sabiki is not affiliated.
See AI Identity Security on a real tenant.
Register free and run one read-only NHI Risk report on any Microsoft 365 tenant, and see every AI identity and what it can reach.
Free NHI Risk Score →