Agents
Microsoft Security Blog: Identity Is the New Cyberattack Pressure Point — Non-Human Identities Outnumber Humans 40:1 to 100:1
Microsoft's March 25 security blog highlights identity as the primary attack surface in the agentic era: non-human identities (service accounts, API keys, agent tokens) now outnumber human identities 40:1 to over 100:1 in some enterprises, growing 40%+ year-over-year. As organizations adopt autonomous AI agents alongside cloud and SaaS, the rapid growth of NHIs expands the attack surface and increases gaps in protection. Microsoft frames this as the architectural rationale behind Agent 365, Entra agent identity, and the Security Analyst Agent.
↳ Follow the thread