If your AI agent connects to Gmail, GitHub, or Slack, it's a privileged user with powerful access.
Attackers are increasingly targeting this "connective tissue" of identity and access, not the AI models themselves. We've seen over 91,000 malicious sessions targeting AI infrastructure since October 2025 (Cyberpress), while other attackers are abusing Google Cloud email features to bypass traditional phishing defenses (The Hacker News).
For identity and access management, this requires a clear plan:
✔️ Identity Lifecycle Management: Just like human employees, AI agents require strict onboarding, regular permission reviews, and timely offboarding. Long-lived OAuth tokens are a major risk if left unchecked.
✔️ Least Privilege Access: It's crucial to evaluate every OAuth scope assigned to an AI tool. Ask, “Does this agent really need write access?” Minimising permissions reduces the potential blast radius.
✔️ Continuous Access Evaluation (CAE): Static, one-time approval for an AI agent is no longer enough. Access should be reassessed dynamically in real time to catch malicious activity happening at machine speed.
✔️ Comprehensive Audit Trails: We need full visibility into AI agent API calls. Every integration should generate detailed logs to enable effective forensics and anomaly detection.
Breaches involving AI agents can escalate in milliseconds. This makes applying Zero Trust principles to machine identities more important than ever, extending identity-centric controls to them with the same rigor as we do for human users.
Managing the identity lifecycle and access boundaries for AI agents is becoming increasingly essential across organisations.
#IdentitySecurity #ZeroTrust #AI #IAM #CloudSecurity