93% of surveyed organizations either use or plan to use AI agents for sensitive security tasks such as password resets and VPN access, even as many admit those agents create fresh exposure points, a new Semperis study finds.
Scope of the survey: who was asked and what they said
Semperis polled 1,100 organizations across eight countries — the US, UK, France, Germany, Spain, Italy, Singapore and Australia — to produce its State of Identity Security in the AI Era study. The results sketch a rapid operational shift: large majorities are deploying AI agents into security workflows, and nearly as many acknowledge material risk.
Key figures from the survey include:
- 93% of organizations use or plan to use AI agents for security tasks such as password resets and VPN access.
- 92% said AI is installed on at least some local machines that have access to SSH and encryption keys.
- 74% agreed that AI will increase attacks on identity infrastructure.
- 32% said they were “very confident” they could regain control after an AI-driven credential exposure.
- 83% said AI identity governance is a priority for the next 12 months.
Local installs, SSH keys and the narrow band between convenience and exposure
The study highlights a particular operational pattern: AI capabilities are being placed on endpoint machines that already have privileged material. With 92% of respondents admitting local AI installs with access to SSH and encryption keys, organizations have effectively expanded the set of systems that can touch core identity controls.
Semperis frames this as a direct exposure: the presence of AI on machines that hold credentials or keys multiplies the possible avenues for credential leakage or misuse. The survey’s respondents expect risk to increase: three quarters (74%) say AI will raise the volume of attacks aimed at identity infrastructure.
Zombie agents, shadow NHIs and over‑permissioning
Semperis draws attention to a governance problem that precedes AI: the proliferation of non‑human identities (NHIs) including AI agents. The report warns that many organizations are not treating these NHIs with the distinct controls they require. Only 65% said they fully register, authenticate and authorize their AI identities in a formal system; 6% said they do not track them at all.
Of the organizations that do track AI identities, a majority (57%) use the same system that manages human identities, a practice the report implies can result in over‑permissioning. Semperis describes the resulting risks as abandoned “zombie” agents and shadow NHIs that threat actors could potentially hijack — a governance gap driven by quantity (an “explosion” of agents) and by applied identity rights that mirror human accounts rather than the narrower scope AI agents need.
Semperis recommendations: guardrails, observability and recovery readiness
The report describes a set of controls Semperis recommends to align AI agents with identity security best practice. Semperis recommends that organizations:
- Treat agents as NHIs rather than human identities
- Enforce least‑privilege, just‑enough and just‑in‑time access for agents in the same way human identities are governed
- Segregate agent and human trust boundaries where appropriate
- Use user and entity behavior analytics (UEBA) or similar tools to detect zombie or suspicious agent behavior
- Ensure the organization can quickly recover identity systems to a trustworthy state if they are breached
“What is striking about the study is not just how quickly AI is being integrated into identity systems but how unprepared many organizations are to recover when things go wrong,” said Grace Cassy, partner at cybersecurity venture capital firm Ten Eleven Ventures. Cassy framed the need for guardrails, observability and recovery readiness as the essential complement to operational advantages.
What this means for security teams, procurement leaders, and affected enterprises
- Security teams: they face a threefold task reflected in the survey — inventory and registration of AI identities, tightening of privileges, and building recovery plans; yet only 32% are “very confident” they could regain control after an AI‑driven credential exposure.
- Procurement leaders: with 93% adopting or planning AI agents for security work, procurement choices will determine whether agents arrive already segregated and least‑privileged or as additional entries in existing human identity systems (57% presently use the same system for both).
- Affected enterprises: the 92% of organizations that have AI on machines with SSH and encryption key access will need to prioritize observability and UEBA‑style detection to spot zombie or suspicious agent behavior before compromise escalates.
The survey presents a double reality: rapid uptake of AI agents for sensitive tasks and a simultaneous lack of full preparedness to govern, detect and recover from AI‑related identity incidents. With 83% making AI identity governance a near‑term priority, the coming 12 months will show whether organizations can convert intent into the practical guardrails, monitoring and recovery playbooks the study recommends.




