Rising AI agents widen gaps in identity controls
Seventy-five percent of firms increased identity budgets in 2026 as identities fragment across GitHub, Okta and Jamf; 68% detect identity issues within 24 hours, and 55% can respond in that period.
Omdia reported that 75% of companies increased spending on identity management in 2026, up from 57% in 2025. The SANS Institute found that 68% of organizations can detect identity problems within 24 hours, while 55% can remediate within that same period.
Identity control that once centered on Microsoft Active Directory has dispersed across developer platforms, endpoint management and cloud identity providers. Developer accounts in GitHub, device access in Jamf and single sign-on systems such as Okta and JumpCloud now hold identities and permissions.
Those systems create trust relationships that allow an identity in one system to assert access into another. OpenID Connect, for example, can let a developer account provision cloud resources. When permissions and trust span multiple systems, access paths can appear across the environment that are not visible from inside any single system.
SANS highlighted that attackers exploit short windows to chain access and escalate privileges before remediation. Accounts that received temporary deployment rights can retain elevated permissions through group membership or inherited roles, creating unintended routes to additional resources.
Industry forecasts show rapid adoption of agentic AI and related non-human identities. IDC projects 40% of Global 2000 jobs will involve agentic AI by the end of 2026. Gartner forecasts 40% of enterprise applications will embed task-specific AI agents in 2026, up from under 5% in 2025, and predicts one in four of those applications will suffer multiple security issues annually.
Reports and vendor guidance emphasize establishing continuous visibility into accounts and the relationships between them. A static inventory of accounts and permissions is presented as an initial step; identifying which combinations of access create reachable risk is described as necessary to prioritize remediation, including fixing misconfigurations, removing excessive privileges and closing unintended cross-system access paths.
Because identities and permissions change continuously, especially with AI-driven automation creating and modifying accounts, assessments are described as needing to be ongoing rather than one-time. Delegated rights, inherited roles and cross-platform trust are identified as common vectors for lateral movement and privilege escalation.
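The difference between a static inventory and reachable risk can be shown with a small graph search. This is an added example, not code from the article or the cited reports; the account names, relation labels and the set of sensitive roles are all constructed for illustration.

```python
from collections import defaultdict, deque

# Constructed sample inventory (not from the article): each edge says
# "source can act as / gain target" and names the relationship granting it.
EDGES = [
    ("github:user/dev-alice", "member_of", "github:team/release"),
    ("github:team/release", "can_run", "github:workflow/deploy"),
    ("github:workflow/deploy", "oidc_trust", "cloud:role/deployer"),
    ("cloud:role/deployer", "inherits", "cloud:role/infra-admin"),
    ("okta:user/svc-agent-7", "member_of", "okta:group/temp-deploy"),
    ("okta:group/temp-deploy", "sso_assigns", "cloud:role/deployer"),
    ("okta:user/bob", "member_of", "okta:group/staff"),
    ("okta:group/staff", "sso_assigns", "jamf:role/device-viewer"),
]
SENSITIVE = {"cloud:role/infra-admin"}  # assumption: roles treated as high impact


def access_paths(edges, start):
    """Breadth-first search: {reachable node: shortest list of (relation, node) hops}."""
    graph = defaultdict(list)
    for src, rel, dst in edges:
        graph[src].append((rel, dst))
    paths = {start: []}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for rel, nxt in graph[node]:
            if nxt not in paths:  # first visit is shortest; also guards against cycles
                paths[nxt] = paths[node] + [(rel, nxt)]
                queue.append(nxt)
    del paths[start]
    return paths


def risky_cross_system_paths(edges, sensitive):
    """List (identity, target, relations) where a user reaches a sensitive
    target that lives in a different system than the user's own account."""
    findings = []
    identities = sorted({src for src, _, _ in edges if ":user/" in src})
    for ident in identities:
        for target, path in access_paths(edges, ident).items():
            if target in sensitive and target.split(":")[0] != ident.split(":")[0]:
                findings.append((ident, target, [rel for rel, _ in path]))
    return findings


if __name__ == "__main__":
    for ident, target, rels in risky_cross_system_paths(EDGES, SENSITIVE):
        print(f"{ident} -> {target} via {' > '.join(rels)}")
```

No single system's view shows either finding: the path only appears once group membership, the OIDC trust and role inheritance are joined into one graph, which is why the search has to be rerun as the inventory changes.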








