CybersecurityEnterprise

When AI Agents Inherit Your Identity Dark Matter

Techstrong TV (DevOps.com)
Techstrong TV (DevOps.com)Jun 10, 2026

Why It Matters

The surge of AI agents expands unseen privileged identities, forcing enterprises to adopt next‑gen identity orchestration or risk unmanageable security blind spots.

Key Takeaways

  • Identity “dark matter” hides 57% of enterprise credentials
  • AI agents double identity count, amplifying security blind spots
  • Orchid Security’s 2026 report shows 67% non‑human identities invisible across enterprise systems
  • Traditional IAM tools can’t scale to agentic workforce
  • Orchid offers a control plane to operationalize AI‑driven identities

Summary

Orchid Security, a two‑year‑old identity‑orchestration startup, released its 2026 Identity Dark Matter report, highlighting how AI‑driven agents are reshaping enterprise identity management.

The study found that only 57 % of an organization’s identities are visible, while 67 % of the hidden identities are non‑human, created by services, bots and now autonomous AI agents. These agents effectively double the number of identities per employee, introduce excessive privileges, and expand the “dark matter” that security teams cannot audit.

Roy Catmore explained that traditional authentication flows—like a six‑digit bank code—create hidden tokens that slip past existing controls. He noted that AI agents act as hybrid actors: fast like bots but capable of improvisation, which multiplies risk and makes the visibility gap grow year over year.

For CISOs, the report signals that legacy IAM and PAM tools will soon be obsolete. Orchid’s control‑plane platform promises to operationalize both human and agentic identities, offering real‑time delegation, context‑aware access decisions, and built‑in governance for the emerging AI‑centric workforce.

Original Description

Enterprises can see less of their identity environment every year, and agentic AI is about to make it dramatically worse. Roy Katmor, CEO and Co-Founder of Orchid Security, joins Alan Shimel on TechStrong TV to walk through Orchid's 2026 Identity Gap report — a snapshot of what they call the "identity dark matter" hiding inside modern enterprises. Only 57% of enterprise applications are actually visible to a central identity provider, 67% of non-human identities authenticate locally outside any IdP, 40% of accounts are orphaned, and 70% of apps carry excessive privilege. Now layer on agentic AI — fast, improvising, and acting on behalf of humans and services — and the traditional "who has access" question collapses. Roy explains why identity has to move from static entitlements to continuous, intent-aware delegation, and how Orchid's identity orchestration and control plane is built to operationalize that across humans, non-humans, and AI agents.
In this conversation, Roy and Alan cover:
• What identity dark matter is and why it grows every year
• Inside the 2026 Identity Gap Report: 57% visibility, 67% local non-human auth, 40% orphan accounts
• Why agentic AI is a new kind of non-human identity — fast and improvising
• AI scale: when every employee has dozens of agents, legacy IAM breaks
• Moving from 'who has access' to 'what authority is delegated, under what conditions'
• How Orchid orchestrates identity across humans, non-humans, and AI agents
Chapters:
00:00 Welcome back to TechStrong TV
00:55 Roy's background and the origin of Orchid Security
02:30 What identity dark matter actually means
04:30 Inside the 2026 Identity Gap Report
07:30 Why agentic AI multiplies the identity problem
10:00 AI scale and the limits of legacy IAM
11:30 How Orchid operationalizes enterprise identity
14:30 Why PAM and IGA fall short without visibility
16:00 Where to find the report — Identiverse and Black Hat
Guest: Roy Katmor, CEO & Co-Founder, Orchid Security — https://www.orchid.security
Host: Alan Shimel, TechStrong Group
Subscribe to TechStrong TV for more interviews with the leaders shaping enterprise tech.
#IdentitySecurity #AgenticAI #IAM #Cybersecurity #TechStrongTV

Comments

Want to join the conversation?

Loading comments...