The category

What is AI Identity Security?

Sabiki Security·Category overview·5 min read
In a typical Microsoft 365 tenant, non-human identities already outnumber people, and AI is minting more every week.
1 human to ~45 non-human identities
Human users Non-human identities (service accounts, OAuth apps, workload IDs) AI agents & copilots: the new, fastest-growing slice
Machine-to-human identity ratio approximately 45:1 (Gartner). Service accounts, OAuth apps and workload identities already dominate; AI agents and copilots are the newest and fastest-growing part, and the one almost no tenant governs today.

As organisations deploy Microsoft Copilot, autonomous AI agents and intelligent automation, thousands of new digital identities are created. AI Identity Security is the discipline of continuously discovering, understanding, governing and scoring these autonomous, non-human identities, before they become the next breach.

The category, defined

Every AI feature is an actor. A Copilot, an agent, an automation, an API integration, a service principal: each is granted its own identity and its own standing access to mail, files and data. These are non-human identities, and they already outnumber human ones ~45 to 1 on Gartner’s estimate, with some vendor telemetry running as high as 144 to 1.1

AI Identity Security is the practice of treating those identities as first-class citizens of your security programme: knowing every one that exists, what it can reach, who owns it, whether it is still needed, and how much damage it could do. It is continuous, not point-in-time, because the population changes every time someone switches on another AI feature.

You cannot govern, or safely adopt, what you cannot see.

Why traditional IAM was not built for this

Identity and access management, privileged access management and cloud posture tools were designed around people and infrastructure: a human logs in, an admin grants a role, a server runs a workload. AI identities break those assumptions. They act on their own, hold permissions continuously rather than only at login, are created faster than any review cycle, and are frequently unowned the moment the person who connected them moves on. Access reviews built around humans miss them entirely.

The four functions of AI Identity Security

The discipline resolves to one continuous, always-on loop:

Why now

Three forces are converging. AI adoption is exploding across Microsoft 365, so the identity population is exploding with it. Attackers have noticed that a quiet, over-permissioned agent is an easier path than a hardened human account. And regulators are moving: the EU AI Act, DORA, ISO/IEC 42001 and NIST AI RMF all now expect organisations to know and govern their AI systems. Gartner projects that by 2027, 40% of enterprises will decommission or demote autonomous AI agents because of governance gaps found only after production incidents.2

Where Sabiki fits

Sabiki AIRM is the independent AI Identity Control Plane for Microsoft 365: the platform that performs all four functions across every tenant, agentless and read-only, and produces an independent NHI Risk Score. It is additive to Microsoft, Microsoft builds and enables AI; Sabiki independently governs and secures the identities it creates, including the third-party and non-conforming agents Microsoft's own naming-based discovery misses.

1 Gartner (analyst estimate, ~45:1); vendor telemetry: Entro Labs, NHI & Secrets Risk Report (H1 2025), 144:1. 2 Gartner, “Applying Uniform Governance Across AI Agents Will Lead to Enterprise AI Agent Failure”, May 2026. Third-party research cited for context; Sabiki is not affiliated.

See AI Identity Security on a real tenant.

Register free and run one read-only NHI Risk report on any Microsoft 365 tenant, and see every AI identity and what it can reach.

Free NHI Risk Score →
← Back to home