Tech »  Topic »  How AI Agents Are Breaking Traditional Identity Assumptions

How AI Agents Are Breaking Traditional Identity Assumptions

5 hours ago   bankinfosecurity

Token Security CEO Talks Identity Attack Surface and Agent Inventory Tom Field (SecurityEditor) • December 31, 2025

A rapidly growing identity attack surface is exposing user credentials across increasingly decentralized environments, said Token Security Co-Founder and CEO Itamar Apelblat.

See Also: Going Beyond the Copilot Pilot - A CISO's Perspective

Factor in the rise of locally run artificial intelligence agents, including those using model context protocol servers, and sensitive information is easily within reach across SaaS, cloud and developer environments, creating data-rich opportunities for automated attackers. Some organizations struggle to even identify how many agents they've deployed - let alone the permissions they hold, or should hold. Unlike service accounts, AI agents are non-deterministic and often act on behalf of humans, complicating efforts to enforce least-privilege access.

"Before, you could look at the past and assume what will happen in the future. That's not the case for AI agents," Apelblat ...


Copyright of this story solely belongs to bankinfosecurity . To see the full text click HERE