The bottom line: Agent identities must be integrated into a consistent, identity-based security strategy, as they operate on the same critical paths through cloud and development environments as compromised user identities.
Agent-based AI systems reached production deployment in 2025 and are granted the same broad permissions as human developers. The security question thus shifts from the agent’s performance to the privileges of its identity and the systems it can reach through trust relationships.
Autonomous AI agents have evolved from purely assistive functions into standalone systems that write and deploy production code, provision infrastructure, and access production data repositories. In doing so, these agents operate with the same permissions and on the same paths as senior developers – and thus become legitimate identities in an organization’s access control model.
The central security danger does not lie in the agent’s reasoning capability, but in the fact that its identity can act in the same way across cloud, development, and production environments. Developer and agent identities frequently sit directly on attack paths to critical systems: they provision infrastructure, retrieve secrets, trigger pipelines, and inherit the trust of other services. If these identities are overprivileged, compromised, or manipulated, the attack follows the same trust relationships – from one identity to a system, from there to the next trust boundary.
For CISOs in Germany and Europe, this challenge is intensified by regulatory requirements. GDPR, the EU AI Act, and sector-specific mandates such as KRITIS demand strict access controls, while hybrid cloud environments and decentralised development teams increase operational complexity. Agent identities must not be treated as a special case, but must be integrated into a consistent, identity-based security strategy.
The concrete starting points are clear: organisations must continuously analyse which identity can reach which systems and through which trust relationships this occurs. This requires a shift from static privilege management to permanent mapping of actual attack paths. Those who identify and proactively secure the most critical paths create the conditions to deploy agent-based AI systems productively while maintaining control over identity infrastructure.
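The mapping described above can be expressed as a walk over a graph of trust relationships. The following is an added example, not code from the article or its source; the identity names, systems and relationship labels are constructed sample data. It enumerates every chain of trust relationships from each identity to a critical system and ranks the trust edges that the most paths depend on.

```python
from collections import Counter

# Constructed sample trust graph (not from the article): (source, relationship, target).
EDGES = [
    ("dev-alice", "triggers", "ci-pipeline"),
    ("coding-agent", "triggers", "ci-pipeline"),
    ("coding-agent", "reads-secret", "deploy-key"),
    ("ci-pipeline", "assumes-role", "deploy-role"),
    ("deploy-key", "authenticates-as", "deploy-role"),
    ("deploy-role", "provisions", "prod-cluster"),
    ("deploy-role", "reads", "prod-database"),
    ("review-agent", "comments-on", "code-repo"),
]
IDENTITIES = ["dev-alice", "coding-agent", "review-agent"]
CRITICAL = {"prod-cluster", "prod-database"}

def trust_paths(graph, node, targets, seen=frozenset()):
    """Yield every cycle-free chain of trust hops from node to a critical target."""
    seen = seen | {node}
    for rel, nxt in graph.get(node, []):
        if nxt in seen:  # do not walk a trust cycle twice
            continue
        hop = (node, rel, nxt)
        if nxt in targets:
            yield [hop]
        for rest in trust_paths(graph, nxt, targets, seen):
            yield [hop] + rest

def map_attack_paths(edges, identities, critical):
    """Return {identity: [path, ...]}; each path is a list of (src, rel, dst) hops."""
    graph = {}
    for src, rel, dst in edges:
        graph.setdefault(src, []).append((rel, dst))
    return {i: list(trust_paths(graph, i, critical)) for i in identities}

def choke_points(all_paths):
    """Rank trust edges by how many identity-to-critical paths depend on them."""
    hops = (hop for paths in all_paths.values() for path in paths for hop in path)
    return sorted(Counter(hops).items(), key=lambda kv: (-kv[1], kv[0]))

if __name__ == "__main__":
    paths = map_attack_paths(EDGES, IDENTITIES, CRITICAL)
    for ident, found in paths.items():
        print(ident, "->", len(found), "path(s) to critical systems")
        for path in found:
            print("   ", " | ".join(f"{s} --{r}--> {d}" for s, r, d in path))
    print("most shared trust edge:", choke_points(paths)[0])
```

Exhaustive path enumeration grows quickly on large graphs; in a real environment the edges would come from IAM, secrets-manager and pipeline inventories, and the walk would be bounded by depth.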
Source: www.it-daily.net · Published 1 July 2026
Lumi AI News — AI-assisted curation in accordance with Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.2.