Glossary
Identity security, defined
Plain answers to the questions people actually ask about human, non-human, and AI-agent identity, written to be quoted.
Start here
Foundations
- What is identity security?Identity security protects human, non-human, and AI-agent identities through posture, threat detection, and runtime enforcement. Definitions and key stats.
- What does zero trust mean for identity?Zero trust means every identity, human or machine, is verified continuously at each request. Learn where NHIs and AI agents break zero-trust assumptions.
- What is the principle of least privilege?Least privilege means every identity gets only the permissions its task requires. Why it decays, and how AI agents make enforcement dynamic.
- What is the difference between PAM and IAM?IAM manages access for every identity. PAM adds stricter controls for privileged accounts. Compare them side by side and see where NHIs fit.
- What is identity sprawl?Identity sprawl: the unchecked growth of human and machine identities across SaaS and cloud. What drives it, how to measure it, and how to rein it in.
- What is an identity fabric?An identity fabric weaves fragmented IAM tools into one consistent layer for human, machine, and AI-agent identities. Definition, principles, and stats.
- What is CIEM?CIEM discovers and right-sizes permissions across cloud infrastructure. How it works, how it differs from ISPM, PAM, and NHI governance, plus key stats.
- What is identity security posture management (ISPM)?ISPM continuously finds misconfigurations, dormant accounts, and excessive privilege across human and non-human identities. See how it differs from ITDR.
- What is identity threat detection and response (ITDR)?ITDR is the Gartner-coined discipline of detecting and responding to identity attacks. See how it differs from IAM and where NHIs and AI agents strain it.
Human identity threats
- What is account takeover (ATO)?What account takeover is, how attackers get in through phishing, credential stuffing, session theft, and MFA fatigue, and why detection must happen live.
- What is session hijacking?Session hijacking steals the token or cookie minted after login, bypassing MFA entirely. How AitM kits and infostealers take over authenticated sessions.
- What is token theft?Token theft steals session cookies, OAuth tokens, and API keys to bypass MFA. How the attacks work, why MFA does not stop them, and how to detect replay.
- What is consent phishing?Consent phishing explained: how malicious OAuth apps use real consent screens to grab token access that bypasses MFA, and how to detect and prevent it.
- What is phishing-resistant MFA?Phishing-resistant MFA binds logins to the real site via FIDO2/WebAuthn, defeating AitM kits that bypass OTP and push. What it stops and what remains.
Non-human and workload identity
- What is a non-human identity (NHI)?A non-human identity (NHI) is a software actor, not a credential: service accounts, workloads, and AI agents. Definitions, counts, and how to secure them.
- What is the difference between a non-human identity and a machine identity?Machine identity covers infrastructure: devices, workloads, certificates. NHI is the broader umbrella adding SaaS actors and AI agents. Taxonomy and table.
- What is a machine identity?A machine identity authenticates devices, workloads, and services using certificates and keys. Learn how it fits under NHI and why cert lifecycles hurt.
- What is a service account and why is it risky?What a service account is, why long-lived, overprivileged, unowned accounts are risky, and how discovery, ownership binding, and deprovisioning help.
- What is workload identity?Workload identity lets pods, VMs, and functions prove what they are with short-lived attested credentials instead of static secrets. SPIFFE explained.
- What is workload identity federation?Workload identity federation lets workloads authenticate across clouds by exchanging platform-issued tokens for short-lived credentials, no static keys.
- What is SPIFFE?SPIFFE is the open standard for workload identity: SPIFFE IDs, SVIDs, SPIRE attestation, and where the standard stops short for AI agents.
- What are ephemeral credentials?Ephemeral credentials are short-lived secrets issued on demand and expired automatically. How they work, common forms, and what they solve vs static keys.
- What is API key security?API key security explained: why static bearer keys leak from repos, logs, and AI prompts, and how scoping, rotation, and runtime identity reduce the risk.
- What is secrets management?Secrets management stores, rotates, and injects credentials for software. Learn how vaults work, why vaulting alone fails, and how secrets tie to identity.
- What is secret sprawl?Secret sprawl is the uncontrolled spread of credentials across code, chat, CI, AI prompts, and browsers. Why every leaked secret is an identity problem.
- What is a token vault?A token vault stores and exchanges OAuth tokens so AI agents can act for users without holding credentials. How token vaults work and how to secure them.
- What is non-human identity lifecycle management?Non-human identity lifecycle management governs service accounts, keys, and AI agents from creation to decommissioning. See why offboarding is OWASP NHI1.
- What is the OWASP Non-Human Identity Top 10?The OWASP NHI Top 10 (2025) ranks the ten most critical non-human identity risks, from improper offboarding to secret leakage. Full list, one line each.
- What are OAuth app risks?OAuth app risks explained: consent phishing, scope creep, dormant grants, and invisible SaaS-to-SaaS access, plus how to find and revoke risky app tokens.
AI agents
- What is an AI agent identity?AI agent identity defined: how autonomous agents authenticate, why delegation chains and authority fan-out break legacy IAM, and where MCP fits in.
- What is agentic AI security?Agentic AI security protects autonomous AI agents that plan and act: agent identity, scoped authority, and runtime monitoring, beyond model safety.
- What are the security risks of MCP (Model Context Protocol)?The security risks of MCP: credential concentration in servers, confused-deputy attacks, token audience loss, unvetted servers, prompt injection.
- How does MCP authentication work?How MCP authentication works: OAuth 2.1, PKCE, resource indicators, and audience validation, plus where the spec stops and how to secure MCP servers.
- What is shadow AI?Shadow AI is unsanctioned AI use on personal accounts, invisible to IT. Learn how to discover it from real activity and steer it without blocking.
- What is enterprise AI governance?AI governance explained: sanctioned tools, identity-verified access, usage visibility, data controls, and how NIST AI RMF and the EU AI Act fit.
- What is prompt injection?Prompt injection explained: direct vs. indirect attacks, why it is an identity problem once AI agents hold credentials, and why it remains unsolved.
- What is the confused deputy problem?The confused deputy problem: how trusted programs are tricked into misusing their authority, from Hardy's 1988 compiler to MCP servers and AI agents.
- What is AI agent delegation (on-behalf-of)?How AI agents act on a user's behalf across tools and sub-agents, why authority fans out and context gets lost, and what auditable delegation requires.
- What is the OAuth on-behalf-of flow for AI agents?The OAuth on-behalf-of flow lets a service or AI agent exchange a user's token to call downstream APIs as that user. How it works, act claim, and risks.
- What is AI agent sprawl?AI agent sprawl is the unmanaged spread of AI agents past governance. Learn why it happens, the risks of orphaned agents, and how to inventory them.
- What is an AI agent registry?An AI agent registry is a governed catalog of every AI agent, tool, and MCP server in an organization. How registries work and why inventory comes first.
- What is the A2A protocol?The A2A (Agent2Agent) protocol lets AI agents from different vendors discover and work together. How it works, how agents authenticate, and what breaks.
- What are AI agent guardrails?AI agent guardrails are enforceable limits on what agents can access and do: scoped credentials, tool permissions, autonomy limits, and approval gates.
- What is excessive agency?Excessive agency is OWASP's LLM06:2025 risk: AI agents with more tools, permissions, or autonomy than the task needs. Causes, exploits, and how to fix it.
- What is Microsoft Entra Agent ID?Microsoft Entra Agent ID gives AI agents directory identities with conditional access, governance, and audit logs. How it works, coverage, and limits.
- What is AI data leakage?AI data leakage happens when sensitive data enters prompts, uploads, or agent workflows. Learn how point-of-use enforcement extends DLP into AI.
Enforcement and runtime
- What is runtime identity security?Runtime identity security protects identities while access is exercised, not just granted. How it differs from ISPM, ITDR, PAM, and posture tools.
- What is enterprise browser security?What enterprise browser security is, how extensions, enterprise browsers, and gateways compare, and why in-session visibility needs identity tie-back.
- What is just-in-time (JIT) access?Just-in-time (JIT) access replaces standing privileges with short-lived grants. How JIT works for humans, NHIs, and AI agents, and what it leaves out.
- What is zero standing privileges (ZSP)?Zero standing privileges (ZSP) removes always-on access: rights are granted just in time and revoked at completion. How it works, limits, and AI agents.
Go deeper: The Non-Human Majority, Identra’s point of view on securing the identities that now outnumber us.
