Alert icon Keyboard navigation enabled.
Alert icon TAB or Shift+TAB to navigate across. Down ↓ to open menu. ESC to close menu.
Alert icon Down ↓ to select section. Right → to activate. Up ↑ / Down ↓ / Tab to traverse all. ESC to exit.
BeyondTrust
Skip to content Use space or enter to skip.

What can we help you find today?

Instant Results
  • Website Results
  • Technical Documentation

Filter Options

Focus your search

Filtering by

Your recent searches:

Contact Us Chat with Sales Get Support
  • English
  • Deutsch
  • français
  • español
  • 한국어
  • português
  • Home
  • Products
  • NHI Governance current page
Link copied

NHI Governance

Extend lifecycle controls and accountability to every non-human and AI identity, strengthening NHI security via discovery, ownership, hygiene, and access governance.

Request Early Access
NHI categories vs roles banner
5
80
x
Non-human identities now outnumber human ones by 80:1
50
467
%
Year-over-year increase in AI agents operating inside enterprise environments.
10
88
%
Organizations had at least one agent-related security incident in the past year.
1

SASE/SSE Platforms Must Adapt to Secure the Rise of Agentic AI and (NHI) Non-Human Identity Access. Gartner. By Charanpal Bhogal, Charlie Winckless, Neil MacDonald, & John Watts. Dec 2025.

2

BeyondTrust Phantom Labs™, Phantom Labs Analysis of BeyondTrust’s Identity Security Insights Data Finds Enterprise AI Agents Growing 466.7% Year Over Year. March 2026.

3

State of AI 2026 Report. AvePoint. June 2026.

NHI Governance

Use Cases

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
NHI Ownership
Assign accountable human owners to every non-human and AI identity, ensuring credentials, service accounts, and agents never operate without oversight.
NHI Hardening & Hygiene
Strengthen credential security, reduce excessive access through least-privilege controls, and continuously govern NHIs to minimize risk and close unintended Paths to Privilege™
Identity Lifecycle Governance
Retire stale, orphaned, and abandoned identities before they become active risks, and govern NHIs and AI agents through every stage of their lifecycle.

"Seeing non-human identities (NHIs) was only half the equation. The other half is doing something about the privilege they carry at scale: deciding who owns each one, pulling back the privilege they aren't using, and retiring the ones that should not exist... That's managing NHIs at machine scale, on the same Pathfinder Platform that secures privilege for every identity, in every environment."

Beyond Trust B Hex Orange

— Marc Maiffret, Chief Technology Officer, BeyondTrust

Non-Human Identities Are Everywhere. Governance Isn't.

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

Service accounts, API keys, OAuth clients, workload identities, and AI agents outnumber employees by orders of magnitude. Inventorying them doesn't reduce risk—it only exposes it.

Standing Privilege Without Ownership
NHIs are created constantly by developers, SaaS integrations, automation, and other machines. Each may hold privileged access, yet few are assigned accountable owners, reviewed regularly, or governed.
Weak Credential Hygiene
Many NHIs receive credentials on day one and keep them indefinitely. Without rotation, attestation, and continuous oversight, privileged access accumulates, becomes persistently exposed, and quietly expands the attack surface over time.
Orphaned & Abandoned Identities
Machine identities and AI agents often outlive the systems, projects, and people that created them. These stale identities continue to retain access long after their business purpose has ended.
SaaS-to-SaaS Supply Chain Attacks
Compromised OAuth tokens and application connections can provide direct access between trusted services. Because every action appears authorized, attackers can move data and perform actions without triggering traditional security controls.

Product Highlights

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

NHI Governance transforms identity visibility into action. Built on the same identity graph and relationship data that powers BeyondTrust Identity Security Insights®, it helps organizations assign ownership, enforce lifecycle controls, and govern AI agents using the context needed to improve hygiene, prioritize remediation, and reduce risk.

Gain accountability over each NHI

BeyondTrust NHI Governance establishes and enforces human ownership for every non-human identity. Each identity answers to someone. Nothing runs unowned.

With clear accountability, organizations can review access, validate business need, and ensure identities never operate without oversight.

Learn More

Govern identities beyond creation

Mature controls beyond inventory by continuously managing identities through their lifecycle. Prioritize high-risk identities for review, improve credential hygiene through rotation, and reduce excessive access and potential escalation paths with least-privilege controls that limit unnecessary exposure.

Learn More

Extend privilege-centric identity governance to agentic access

Retire what shouldn't exist; govern what should. Bring AI agents under formal governance with dedicated identities, accountable ownership, and defined access rights. Review, modify, and retire agents as requirements change, ensuring autonomous systems operate within established security boundaries.

Learn More

A one-platform approach to Identity Security

The BeyondTrust Pathfinder Platform unites our best of breed security solutions (including NHI Governance) under a single console, delivering a streamlined experience that enhances operational agility, while also bringing shared, intelligent context across all our products to unlock powerful synergies. With our integrated Pathfinder platform, customers can benefit from the broad and deep capabilities reflected in our multicategory identity security leadership, and leverage the fastest time-to-value via a unified approach to manage their entire identity attack surface.

Learn More

Gain accountability over each NHI

BeyondTrust NHI Governance establishes and enforces human ownership for every non-human identity. Each identity answers to someone. Nothing runs unowned.

With clear accountability, organizations can review access, validate business need, and ensure identities never operate without oversight.

Govern identities beyond creation

Mature controls beyond inventory by continuously managing identities through their lifecycle. Prioritize high-risk identities for review, improve credential hygiene through rotation, and reduce excessive access and potential escalation paths with least-privilege controls that limit unnecessary exposure.

Extend privilege-centric identity governance to agentic access

Retire what shouldn't exist; govern what should. Bring AI agents under formal governance with dedicated identities, accountable ownership, and defined access rights. Review, modify, and retire agents as requirements change, ensuring autonomous systems operate within established security boundaries.

A one-platform approach to Identity Security

The BeyondTrust Pathfinder Platform unites our best of breed security solutions (including NHI Governance) under a single console, delivering a streamlined experience that enhances operational agility, while also bringing shared, intelligent context across all our products to unlock powerful synergies. With our integrated Pathfinder platform, customers can benefit from the broad and deep capabilities reflected in our multicategory identity security leadership, and leverage the fastest time-to-value via a unified approach to manage their entire identity attack surface.

Other Recommended Products

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

Identity Security Insights

See and understand the access escalation pathways of identities—even across domains—to gain unrivaled control over your identity attack surface.

Endpoint Privilege Management

Enforce least privilege dynamically to prevent malware, ransomware, and identity-based attacks, achieve compliance across Windows, macOS, and Linux endpoints, and enable your zero trust strategy — without compromising on productivity.

The New Frontier of Identity Is Non-Human. Meet the Governance Built for It.

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

Request early access to NHI Governance.

Extend the accountability, least-privilege controls, and lifecycle governance long applied to human users to every NHI and AI agent.

Learn More

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
Blog
A Security Researcher’s Guide to Understanding Copilot Studio AI Agents
Blog
Detecting Hidden Privilege with Machine Learning: Anomaly Detection in BeyondTrust’s True Privilege Graph
Blog
Salesforce Access Risk: How Hidden Permissions Create Security Blind Spots
Blog
Claude & Control: An Introduction to Agentic C2 with Computer Use Agents
Press & Media
The Most Powerful Actor on the Endpoint Is No Longer Human. BeyondTrust Secures It.
Press & Media
BeyondTrust Selected for Anthropic's Project Glasswing to Help Secure Critical Digital Infrastructure
Press & Media
BeyondTrust Expands Identity Security Risk Assessment with New Five-Pillar Framework for Human, Non-Human, and AI Identities

FAQs

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

Non-human identities (NHIs) are machine-based identities used by applications, services, workloads, automation, and AI systems to authenticate to other systems and perform actions without direct human interaction. Typically secured with API keys, secrets, tokens, or certificates, NHIs now outnumber human identities and represent a rapidly expanding identity attack surface.

NHI Governance will be a module on the BeyondTrust Pathfinder platform that governs the non-human identities operating across cloud, SaaS, and on-premises environments, including service accounts, API keys, OAuth clients, workload identities, and AI agents. It extends the privilege centric discipline BeyondTrust has run for over two decades to the class of identity that now far outnumbers employees in nearly every organization.

Yes. AI agents are one of the fastest-growing classes of non-human identity. NHI Governance brings them under the same governance as other non-human identities, with their own credentials and their own access, rather than treating them as an afterthought of existing identity tools.

NHI Governance, which is part of the BeyondTrust Pathfinder Platform, is planned for general availability in Fall 2026.

Organizations can request early access to NHI Governance by completing the forms on this page or through their BeyondTrust account team.

Keep up with BeyondTrust

Customer Support Get Started
  • LinkedIn
  • X
  • Facebook
  • Instagram
  • Add BeyondTrust as a preferred source on Google
  • Privacy
  • Security
  • Manage Cookies
  • Do Not Sell My Data
  • WEEE Compliance

Copyright © 2003 — 2026 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.

Prefers reduced motion setting detected. Animations will now be reduced as a result.