Podcast
The Non-Human & AI Identity Podcast
Hosted by Mr. NHI - NHI Mgmt Group · EN
By Humans for Humans, No AI Generated Content
Mr. NHI hosts and shares the voices shaping the future of Non-Human & Agentic AI Identity.
SME discussions, webinars, keynotes and panel sessions from conferences, summits and workshops and much more.
35episodes
Episodes
Newest firstAll episodes
Alexis Moyse is Mr NHI's Human Identity In The Hot Seat
2w ago00:15:34Tap to summarizeAssuming NHI risk is under control while AI agents are already in production isn't a security strategy — it's a liability waiting to surface.Alexis Moyse, from Clarity Security, faces 10 rapid-fire questions on whether organisations are taking non-human identity risk seriously enough, whether the identity market consolidation is actually improving security outcomes, and whether traditional IGA platforms have any chance of keeping up with autonomous agents operating at scale. Can agentic AI truly be governed — or is control an illusion we're comfortable believing? Will AI agents eventually need to be fired? And is the industry drawing a sharp enough line between agentic AI security and NHI security, or collapsing two distinct problems into one? From market dynamics to vibe coding, this clip covers the ground most security conversations are still circling.🔑 Key Takeaways:- NHI risk isn't being taken seriously — organisations are accepting breaches and moving on rather than making changes- Traditional IGA is compliance-first, not security-first — it won't adapt effectively to a world of autonomous agents- CISOs are aware the threat is coming but we've never handled service accounts, OAuth, or permissions at scale — what makes anyone think agents will be differentIn this clip, Alexis Moyse, from Clarity Security, delivers sharp, unfiltered answers on NHI governance, identity market consolidation, and why the assumption that CISOs are ready for autonomous agent fleets deserves serious scrutiny. From The Non-Human & AI Identity Podcast 🎙️00:00 Introduction00:16 Are Organizations Taking NHI Risk Seriously Enough?01:16 Identity Market Consolidation & New Vendors02:41 IAM for AI vs AI for IAM03:41 Can Agentic AI Really Be Governed?05:01 Will AI Agents Need to Be Fired?06:31 Can Traditional IGA Adapt to AI Agents?08:11 Is Agentic AI Security the Same as NHI Security?09:36 Will Agentic AI Cause Mass Unemployment?11:21 Are Agents Being Deployed Without Security Guardrails?12:26 Are CISOs Ready for Autonomous Agents?13:51 Vibe Coding: Opportunity or Risk?#CyberSecurity #NonHumanIdentity #IAM #AIAgents #IdentitySecurity #IGA #AgenticAI #shorts
Transcribe →Ep # 12 - When AI Agents Inherit Risk: The NHI Problem Expands
2w ago00:45:26Tap to summarizeMost security teams are still retrofitting human identity frameworks onto AI agents. It won't hold. Agents that spawn sub-agents, inherit domain admin permissions through accidental OAuth consent, and operate non-deterministically aren't just a new identity type — they're a governance collapse waiting to happen, and the misconfiguration that triggers it is probably already in your environment.In this episode, Alexis Moyes, CEO of @ClaritySecurity, breaks down why static entitlements and upfront permission grants can't govern autonomous agent behaviour — and what real-time, intent-based authorisation actually requires in practice.What's covered:- Why organisations are repeating every mistake they made with machine identities — only faster and at scale- How agents inherit super-privileged access through a single accidental admin OAuth consent- The shift from posture management to real-time risk: why governance needs to operate alongside data flows, not after the fact- Agent lifecycle management: why "firing" an agent is a real security requirement and almost no one is doing it- Why IAM for AI is more urgent than AI for IAM — and what that distinction means for your security architecture- What Clarity Aperture 2.0 does differently: non-deterministic misconfiguration detection, attack path visibility, and one-click remediation. Essential listening for CISOs, IAM architects, and anyone building or governing agentic AI in production.Key MomentsIntroduction & Meet Alexis Moyse [00:00–01:00]Mr NHI's Human Identity in the Hot Seat [01:00–16:35]How AI Agents Inherit and Amplify Existing NHI Risks [16:35–20:20]Securing Autonomous Agents: Least Privilege, Segregation of Duties & Just-in-Time Access [20:20–25:35]The Future of Agent Identity: Real-Time Authorisation and Intent-Based Security [25:35–30:10]Governing AI Agents: Practical Strategies Organisations Can Implement Today [30:10–34:15]Clarity Security's Vision for Continuous Identity Governance [34:15–37:20]Risk Assessment, Attack Paths & Securing Humans, NHIs and Agents [37:20–39:50]Advice for CISOs: Preparing for Agentic AI and NHI Security Challenges [39:50–42:50]Identiverse, Industry Trends & Final Thoughts [42:50–45:25]📚 NHI Knowledge Centre: nhimg.org🔗 Learn more about Clarity Security: claritysecurity.com📧 Contact: teamclarity@claritysecurity.com🎟️ Non-Human & AI Identity Summit at Identiverse — June 15Subscribe below and Follow Us On :LinkedIn – https://www.linkedin.com/company/non-human-identity-management-groupTikTok – https://www.tiktok.com/@mr_non_human_identity#cybersecurity #ai #artificialintelligence #nonhumanidentity #iam #aiagents #zerotrust #airisks #agenticsecurity #claritysecurity
Transcribe →Neil McGlennon is Mr NHI's Human Identity In The Hot Seat
3w ago00:11:00Tap to summarizeAI agents are evolving into powerful enterprise identities — yet most organisations still lack the governance frameworks needed to control them securely.Neil McGlennon, Global Field CTO at SailPoint, responds to 10 rapid-fire questions focused on AI identity governance, non-human identities, and the growing security risks tied to autonomous systems.As AI agents gain access to sensitive environments, the questions become harder to ignore: should they be governed like human employees or managed like software? Are businesses prioritising innovation speed over identity controls? And when an AI identity is breached, who is accountable for the consequences?🔑 Key Takeaways:• AI agents are creating a new class of identities that challenge traditional governance models• The way organisations classify AI agents impacts access control, auditing, and lifecycle governance• Many enterprises are accelerating AI adoption without fully addressing identity security risksIn this clip, Neil McGlennon explores the intersection of AI, identity governance, and enterprise security — and why organisations need to rethink how trust is established in the era of autonomous systems.#CyberSecurity #SailPoint #IdentityGovernance #AIAgents #ZeroTrust #IAM #NonHumanIdentity #IdentitySecurity
Transcribe →Michael Trites is Mr NHI's Human Identity In The Hot Seat
3w ago00:03:26Tap to summarizeEnterprises are deploying AI agents at machine speed — but governance and identity security aren’t keeping pace.Michael Trites, Senior VP of Global Sales at Aembit, tackles 10 fast-paced questions on the rise of AI-driven identities, the expanding NHI threat landscape, and why organisations are repeating familiar security mistakes as autonomous systems scale.Should AI agents be governed like employees with assigned accountability, or treated purely as software identities? Are security teams giving AI systems privileged access too quickly? And when an AI agent is compromised, does anyone truly own the incident response?🔑 Key Takeaways:• AI agents are becoming highly privileged non-human identities with limited oversight• Existing IAM and PAM frameworks were not designed for autonomous AI access patterns• The rush to operationalise AI is creating governance gaps that attackers are beginning to exploitIn this short-form discussion, Michael Trites shares perspectives on identity-first security, machine access governance, and why AI agents are rapidly becoming one of the biggest emerging challenges in cybersecurity.#CyberSecurity #Aembit #IdentitySecurity #NHI #AIAgents #MachineIdentity #ZeroTrust #IAM
Transcribe →Stanislas Crépin is Mr NHI's Human Identity In The Hot Seat
3w ago00:05:41Tap to summarizeAI agents are quickly becoming one of the largest unmanaged attack surfaces in enterprise environments — and most organisations still lack the controls to secure them effectively.Stanislas Crepin, Senior Global Director Sales Engineering at GitGuardian, answers 10 rapid-fire questions on the growing identity and secrets management risks surrounding AI agents and NHIs. From access governance to accountability, this discussion highlights where organisations are falling behind as agentic AI adoption accelerates.Do AI agents require the same trust validation as employees? Are companies unknowingly exposing sensitive systems in the rush to innovate? And as machine identities multiply, are security teams losing visibility over who — or what — has privileged access?🔑 Key Takeaways:• AI agents are introducing a new wave of non-human identities that traditional security models struggle to manage• Treating AI identities like software alone creates dangerous governance blind spots• Speed-to-deployment pressures are weakening security processes across agentic AI initiativesIn this clip, Stanislas Crepin breaks down the growing overlap between AI governance, identity security, and secrets exposure — and why organisations must rethink how they secure autonomous systems.#CyberSecurity #GitGuardian #NonHumanIdentity #SecretsManagement #AIAgents #IdentitySecurity #ZeroTrust #IAM
Transcribe →David Lee is Mr NHI's Human Identity In The Hot Seat
3w ago00:04:28Tap to summarizeAI agents are scaling inside organisations faster than security teams can properly govern them — and attackers are already taking advantage of the gap.David Lee, Field CTO at Saviynt, takes on 10 rapid-fire questions around the identity risks enterprises can no longer ignore. From the growing exposure created by unmanaged NHIs to the debate over whether AI agents should be treated more like employees or software, this conversation goes straight to the governance failures security leaders are now facing.Should AI agents undergo the same scrutiny as human users before receiving access? Are organisations sacrificing security controls in the race to deploy agentic AI? And when an AI-driven identity is compromised, who actually owns the fallout?🔑 Key Takeaways:• AI agents are rapidly becoming unmanaged identities that existing IAM and PAM strategies weren’t built to secure• How organisations classify AI agents directly impacts governance, lifecycle management, auditing, and access revocation• Pressure to accelerate AI deployment is causing security oversight to slip — increasing enterprise risk exposureIn this short clip, David Lee shares sharp insights on non-human identities, AI governance, and why enterprises are repeating many of the same mistakes previously seen with machine identity sprawl.#CyberSecurity #IAM #AIAgents #ZeroTrust #IdentitySecurity #NonHumanIdentity #PrivilegedAccess #AI
Transcribe →Oded Hareven is Mr NHI's Human Identity In The Hot Seat
4w ago00:10:59Tap to summarizeTreating AI agent identities the same as standard non-human identities isn't just lazy thinking — it may be the most dangerous assumption in security right now.Oded Hareven, Co-Founder and CEO of Akeyless, faces 10 rapid-fire questions on whether the industry is sleepwalking into the same governance failures it made with NHIs, only this time with autonomous agents operating at scale. Are CISOs truly ready to manage fleets of autonomous digital employees? Can zero trust even work for agents that make decisions independently? And if agentic AI identities need to be governed separately, is anyone actually building for that yet?From background checks for AI agents, to whether PAM needs a fundamental rebuild, to the question no one wants to answer — can you truly govern and control agentic AI at all — this clip covers the ground most security conversations are still avoiding.🔑 Key Takeaways:Agentic AI identities operate with a different threat profile to standard NHIs — conflating them is a governance blind spot most organisations haven't caught yetZero trust principles face a genuine stress test with autonomous agents that act, authenticate, and escalate privileges without human approval loopsThe industry is repeating the same under-governance mistakes made with machine identities — but the blast radius this time is significantly largerIn this clip, Oded Hareven, Co-Founder and CEO at Akeyless, delivers machine-speed answers on agentic identity governance, secrets management, and why the window to get this right is closing faster than most CISOs realise.From The Non-Human & AI Identity Podcast 🎙️#CyberSecurity #NonHumanIdentity #IAM #ZeroTrust #AIAgents #SecretsManagement #IdentitySecurity #shorts
Transcribe →Heiko Karl is Mr NHI's Human Identity In The Hot Seat
4w ago00:06:30Tap to summarizeMost organisations are deploying AI agents faster than they can govern them — and the identity security gap that creates is already being exploited.Heiko Karl, CEO of Nexis, faces 10 rapid-fire questions on the blind spots organisations can no longer afford to ignore. From whether NHI threats are being systematically underestimated, to whether IAM for AI is now more critical than AI for IAM itself — this clip cuts straight to where security strategy is falling short.Do AI agents behave more like employees or software? Should they require background checks before deployment? Is time-to-market pressure quietly stripping security controls from agentic rollouts? And when a machine identity is breached — who in your organisation actually owns that problem?🔑 Key Takeaways:AI agents are proliferating as ungoverned identities — most PAM and IAM frameworks have no answer for them yetThe employee-vs-software question for agents isn't philosophical — it determines how you govern, audit, and revoke accessOrganisations are consistently prioritising speed to market over security controls for agentic deployments, and the blast radius is growingIn this clip, Heiko Karl, CEO at Nexis, delivers machine-speed answers on NHI security, agentic AI governance, and why the same mistakes made with machine identities are being repeated with AI agents right now.#CyberSecurity #NonHumanIdentity #IAM #ZeroTrust #AIAgents #PrivilegedAccess #IdentitySecurity #shorts
Transcribe →Eleanor Meritt is Mr NHI's Human Identity In The Hot Seat
4w ago00:11:31Tap to summarizeMost organisations are still treating machine identities like a footnote in their security strategy — and AI agents are about to make that a catastrophic mistake.Eleanor Merrit, President of Arcon, faces 10 rapid-fire questions on the blind spots organisations can no longer afford to ignore. From whether NHI threats are being systematically underestimated, to whether IAM for AI is now more critical than AI for IAM itself — this clip covers the questions most security leaders are still avoiding.Are AI agents more like employees or software? Do they need background checks? Is time-to-market pressure quietly gutting security controls for agentic deployments? And when a machine identity is breached — who actually owns it?🔑 Key Takeaways:Most IAM frameworks were never designed for non-human identities — AI agents are exposing that gap in real timePAM is facing a fundamental rethink as autonomous agents operate with privileged access outside traditional governance modelsOwnership of breached machine identities remains undefined in most organisations, creating accountability voids that attackers are already exploitingIn this clip, Eleanor Merrit, President at Arcon, delivers machine-speed answers on NHI security, agentic AI governance, and why the window to get this right is closing fast.#CyberSecurity #NonHumanIdentity #IAM #ZeroTrust #AIAgents #PrivilegedAccess #IdentitySecurity #shorts
Transcribe →Ep #11 - Securing AI Agents In Runtime
4w ago00:47:15Tap to summarizeAI Agents Don't Have Identity — They Have Access. That's the Problem.Most security teams are still applying human and machine identity frameworks to AI agents. It won't hold. Agents with memory, tool access, and the ability to spawn sub-agents operate in a fundamentally different threat space — and the credentials sitting in that memory are a live vulnerability right now.In this episode, Oded Hareven, CEO and Co-Founder of Akeyless, breaks down why static entitlements and session tokens can't govern non-deterministic behaviour — and what a runtime authority model actually looks like in practice.What's covered:- Why credentials in agent memory aren't just a bad practice — they're game over (the Pocket OS breach shows exactly how)- The architectural shift from identity to per-action, intent-aware authorisation- How an AI gateway proxy gives you traceability, choke-point control, and ephemeral credential issuance — and why nothing else does- Agent-to-agent delegation: how OAuth-style context passing should work, how it's being done dangerously wrong, and what accountability collapse looks like- Why current IAM frameworks aren't mature enough for complex agentic architecturesEssential listening for CISOs, IAM architects, platform engineers, and anyone building or governing agentic AI in production.Key Moments:Mr NHI's Human Identity In The Hot Seat 1:40 – 12:38: What makes AI agents fundamentally different from machines and humans? 13:00 – 17:00Why credentials in agent memory are a critical security failure 17:00 – 20:00The shift from identity to "runtime authority" — a new security paradigm 21:20 – 24:40. The AI gateway proxy — how it works as a policy engine and kill switch 24:40 – 31:30Agent-to-agent delegation: the governance time bomb 31:40 – 37:20Are current frameworks mature enough for complex agentic architectures? 37:20 – 39:40Akeyless's agentic runtime authority vision and what's coming 39:40 – 42:00Key takeaways and where to start securing AI agents today 42:00 – 45:00Closing thoughts and Identiverse 2025 preview 45:00 – 47:00📚 NHI Knowledge Centre: nhimg.org 🔗 Learn more about Akeyless: akeyless.io 🎟️ Non-Human & AI Identity Summit at Identiverse — June 15Subscribe below and Follow Us On:LinkedIn - https://www.linkedin.com/company/non-human-identity-management-groupTiktok -https://www.tiktok.com/@mr_non_human_identity#cybersecurity #ai #artificialintelligence #nonhumanidentity #iam #aiagents #zerotrust #airisks #runtime #akeyless
Transcribe →