Page 284 - Cyber Defense eMagazine September 2025

For example, within an MCP environment, an AI agent might monitor system usage patterns and, upon detecting performance degradation, proactively open a ticket in your ITSM platform, scale out infrastructure via your cloud provider’s API, and update an internal dashboard to reflect the change, all without human intervention. This kind of automation is powerful, but consider the permissions that were granted to make it possible: read access to production environment logs and metrics; write access to the ITSM platform; and the ability to modify production deployment configurations.

Now consider that, in the rush to implement and use these agents, many would simply give the agent free rein by providing their own credentials or by provisioning access through largely over-permissive identities. It is increasingly difficult to navigate modern IAM requirements. What’s more concerning is that these agents often operate in the background, in bulk, and outside of standard security controls. Their activity is under-logged and their behavior remains essentially unmonitored.


Giving AI agents the keys to the kingdom without visibility or guardrails could have severe security consequences. Organizations should treat these identities as high-risk actors, applying least privilege, robust logging, and constant oversight to ensure safety and control.
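As an added illustration (not code from the article or from any product), the sketch below puts a deny-by-default gate in front of the agent from the example above, logs every decision, and audits an identity's grants against what the workflow needs. The permission names, identity names and the `AgentGuard` class are assumptions made up for this example.

```python
import fnmatch
import json
from datetime import datetime, timezone

# Constructed permission names for the article's scenario (assumed, not a real product's scopes).
WORKFLOW_NEEDS = {
    ("read", "prod/logs"),
    ("read", "prod/metrics"),
    ("write", "itsm/tickets"),
    ("write", "prod/deploy/replica-count"),
    ("write", "dashboard/capacity"),
}

def covers(grant, need):
    """True if a granted (action, resource) glob pattern covers a needed pair."""
    return fnmatch.fnmatchcase(need[0], grant[0]) and fnmatch.fnmatchcase(need[1], grant[1])

def audit_grants(grants, needs=WORKFLOW_NEEDS):
    """Report needs no grant covers, and grants that are not exactly a stated need."""
    missing = sorted(n for n in needs if not any(covers(g, n) for g in grants))
    excessive = sorted(g for g in grants if g not in needs)
    return {"missing": missing, "excessive": excessive}

class AgentGuard:
    """Deny-by-default gate in front of an agent's tool calls; records every decision."""
    def __init__(self, identity, grants):
        self.identity, self.grants, self.log = identity, set(grants), []

    def authorize(self, action, resource):
        allowed = any(covers(g, (action, resource)) for g in self.grants)
        self.log.append(json.dumps({
            "ts": datetime.now(timezone.utc).isoformat(),
            "identity": self.identity,
            "action": action,
            "resource": resource,
            "decision": "allow" if allowed else "deny",
        }))
        return allowed

def demo():
    """Same out-of-workflow request against a scoped identity and a wildcard one."""
    scoped = AgentGuard("agent-capacity-bot", WORKFLOW_NEEDS)
    borrowed = AgentGuard("agent-on-admin-credentials", {("*", "*")})
    request = ("write", "prod/deploy/image")  # not part of the workflow
    return scoped.authorize(*request), borrowed.authorize(*request)

if __name__ == "__main__":
    print(demo())
    print(audit_grants({("read", "prod/*"), ("write", "*")}))
```

The scoped identity is denied the out-of-workflow change while the wildcard identity is allowed it, and both decisions land in the audit log for review.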



            Coming Next

            AI is moving fast, but if identity isn’t part of the plan, risk moves faster. Security leaders need to know
            where AI is running, what it can access, and who—or what—it really is.

            Part Two, for future publication, takes it further, diving into how to bake security into AI automation from
            the start, including best practices for managing machine identities and protecting the credentials that
            power these tools.



            About the Author

Amit Zimerman is the Co-Founder and Chief Product Officer at Oasis Security. He is a seasoned leader with a diverse technical and product background. Before co-founding Oasis, he played pivotal roles at CyberMDX and Microsoft, bringing a wealth of product and security expertise. Amit also made significant contributions during his seven-year tenure in the Israeli Military Intelligence forces, leading some of the high-profile cyber projects of the time.

            Amit can be reached online at [email protected] and at our company
            website https://www.oasis.security/














            Copyright © 2025, Cyber Defense Magazine. All rights reserved worldwide.