
AI Agents and Machines Can’t Keep Secrets

Modern infrastructure runs on machines talking to other machines. Containers call APIs. Pipelines deploy code. Services authenticate to databases and cloud platforms. And almost every one of those interactions relies on a secret: an API key, token, certificate, or password.

The problem is that machines are terrible at keeping secrets.

Developers accidentally commit them to GitHub. They show up in logs, config files, and containers. At scale, the leaks add up quickly. A 2025 GitGuardian report found more than 23 million new secrets exposed on public GitHub repositories, including API keys, tokens, and credentials that could grant attackers access to critical systems.

This is the reality behind Gartner’s new report, Machines Can’t Keep a Secret: Use Managed Workload Identities. The research highlights a growing challenge for security leaders: workloads now outnumber humans in most environments, and every one of them needs credentials to operate. The result is an expanding attack surface built on secrets that machines were never designed to protect.

A Framework for Securing Workload Identities

Most organizations are still trying to manage machine access with techniques designed for a much smaller world. Rotate the secrets. Store them in a vault. Scan for leaks.

Meanwhile the number of workloads keeps climbing. Containers spin up and disappear. Pipelines trigger new services. Every connection needs credentials. Now add AI agents to the mix, with workflows that call APIs and trigger actions autonomously.

The result is predictable. Secrets multiply, spreading across environments, tools, and codebases, giving them more places to hide and more chances to leak.

Gartner breaks the challenge into a series of stages organizations pass through as they regain control over workload identity security. Early efforts focus on visibility and managing credentials. Later stages move toward identity-based access, short-lived credentials, and centralized governance.

Phase 1: Establish Governance and Standards

In most environments, machine identity has grown without a clear owner. Teams create service accounts, issue API keys, and wire up integrations as needed. It works, until it doesn’t.

Gartner’s guidance for the first phase is organizational. Establish ownership and define standards. Make managed workload identities the default for new systems, especially in high-risk areas like CI/CD pipelines, internet-facing services, and privileged automation.

Phase 2: Assess Current Exposure

Once teams start looking closely, they realize there is no single place that shows all machine identities or secrets. They are scattered across source code, CI/CD pipelines, container images, infrastructure templates, and cloud environments. Some are active, others have been sitting for years. Many have no clear owner.

Gartner frames this as the point where teams “stop the bleeding.” That starts with building an inventory and mapping each identity to what it does, where it runs, and who owns it. In practice, discovery is not the hard part. Context is. Which identities and secrets are still in use? Which are overprivileged? Which are exposed?
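As an added illustration of the discovery step (example code, not from the post, Gartner, or Akeyless), the scanner below checks text artifacts (source, CI logs, env files) for documented credential formats and for random-looking values in password=/token= style assignments, and records each hit with its location and a redacted value so the inventory itself does not become a new leak. The artifacts, paths and key values are constructed for the example and are not valid credentials; the entropy threshold is an assumed tuning value.

```python
"""Added example: a minimal secret-discovery scanner producing the raw material for an
exposure inventory. Sample artifacts below are constructed; nothing is a real credential."""
import math
import re
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List

# Specific rules use published key prefixes (AWS AKIA/ASIA, GitHub ghp_/gho_/...);
# the generic rule catches assignment-style secrets and is filtered by entropy below.
SPECIFIC_RULES = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "github_token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"),
}
GENERIC_RULE = re.compile(
    r"(?i)(?:password|passwd|secret|api[_-]?key|token)\s*[=:]\s*['\"]?([^\s'\"]{8,})")
ENTROPY_THRESHOLD = 3.0   # bits/char (assumed); placeholder words fall below, real keys above


@dataclass(frozen=True)
class Finding:
    artifact: str      # file or log the value was found in
    line_no: int
    rule: str
    redacted: str      # first 4 / last 2 characters only, never the full value


def shannon_entropy(value: str) -> float:
    """Bits per character of the string; random credentials score higher than words."""
    counts = Counter(value)
    n = len(value)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def redact(value: str) -> str:
    return f"{value[:4]}...{value[-2:]}" if len(value) > 8 else "***"


def scan_artifact(name: str, text: str) -> List[Finding]:
    findings: List[Finding] = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        hit = False
        for rule, pattern in SPECIFIC_RULES.items():
            for m in pattern.finditer(line):
                findings.append(Finding(name, line_no, rule, redact(m.group(0))))
                hit = True
        if hit:
            continue   # a specific rule already explains this line; skip the noisy generic one
        for m in GENERIC_RULE.finditer(line):
            value = m.group(1)
            if shannon_entropy(value) >= ENTROPY_THRESHOLD:
                findings.append(Finding(name, line_no, "generic_assignment", redact(value)))
    return findings


# Constructed sample artifacts: nothing here is a real credential.
SAMPLE_ARTIFACTS: Dict[str, str] = {
    "app/config.py": (
        "DB_HOST = 'db.internal'\n"
        "DB_PASSWORD = 'changeme'\n"            # placeholder, low entropy: not reported
        "API_TOKEN = 's3cr3tP@ssw0rd_9Xq2'\n"   # random-looking: reported
    ),
    "ci/build.log": (
        "[12:01:03] exporting AWS_ACCESS_KEY_ID=AKIAEXAMPLEKEY000001\n"
        "[12:01:04] build ok\n"
    ),
    "deploy/.env": "GITHUB_TOKEN=ghp_" + "x" * 36 + "\n",
}


def build_inventory(artifacts: Dict[str, str] = SAMPLE_ARTIFACTS) -> List[Finding]:
    """Discovery output: every finding, ready to be mapped to an owner and a risk rating."""
    return [f for name, text in artifacts.items() for f in scan_artifact(name, text)]


if __name__ == "__main__":
    for f in build_inventory():
        print(f"{f.artifact}:{f.line_no} [{f.rule}] {f.redacted}")
```

The output is deliberately only location, rule and a redacted value: the next questions the post raises (still in use? overprivileged? exposed?) are answered by joining each finding to ownership and usage data, not by storing the secret again.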

Phase 3: Prioritize by Risk and Business Impact

Not every workload carries the same risk, and treating them equally slows everything down. Gartner’s guidance is to focus on the identities and secrets that, if compromised, would have the greatest impact on the business. Public-facing APIs, for example, act as entry points into systems. CI/CD pipelines can leak credentials through logs or artifacts. Privileged service accounts often have broad access to sensitive data and systems. Cross-cloud and third-party integrations involve trust boundaries that can be vulnerable.

Phase 4: Implement Workload IAM for Modern Platforms

Up to this point, most of the work is about understanding and prioritizing the problem. In phase 4, Gartner advises moving to workload IAM with full lifecycle control: provisioning, rotation, revocation, and audit, all handled in a consistent, automated way.

For example, cloud platforms issue identities to workloads instead of using stored credentials. A CI/CD pipeline authenticates via OIDC and receives a short-lived token at runtime. Kubernetes workloads use service accounts with automatically rotated credentials.

The goal is to eradicate the use of static secrets in new workloads and instead issue just-in-time credentials that expire quickly. That shift lowers the risk profile immediately.
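The OIDC exchange described above, as an added example that is not code from the post, Gartner, or Akeyless: a credential broker receives the CI job's OIDC token, authenticates it, checks it against a trust policy (issuer, audience, subject, expiry), and only then hands back a credential that expires in minutes. For a self-contained run, the issuer's RS256/JWKS signature is stood in for by HS256 with a shared demo key; the issuer URL, audience, subject format (modelled on the `repo:<owner>/<name>:ref:<ref>` style CI providers commonly use), role name and TTL are constructed assumptions.

```python
"""Added example: verifying a CI OIDC token before issuing a short-lived credential.
HS256 with a demo key stands in for the issuer's public-key signature; all names and
values are constructed for the example."""
import base64
import hashlib
import hmac
import json
import re
import secrets
from dataclasses import dataclass
from typing import Optional

DEMO_NOW = 1_700_000_000               # fixed clock so the example is deterministic
DEMO_KEY = b"demo-issuer-signing-key"  # constructed; stands in for the issuer's JWKS key


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_ci_token(subject: str, now: int = DEMO_NOW, lifetime: int = 300,
                  key: bytes = DEMO_KEY, audience: str = "deploy-broker") -> str:
    """What the CI platform's OIDC issuer would mint for a running job (HS256 demo)."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"iss": "https://ci.example.invalid", "aud": audience, "sub": subject,
              "iat": now, "exp": now + lifetime}
    payload = _b64url(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


@dataclass
class TrustPolicy:
    issuer: str
    audience: str
    subject_pattern: re.Pattern   # which workloads may assume this role
    role: str
    ttl_seconds: int = 900        # lifetime of the credential the broker hands back


DEMO_POLICY = TrustPolicy(
    issuer="https://ci.example.invalid",
    audience="deploy-broker",
    subject_pattern=re.compile(r"repo:acme/payments:ref:refs/heads/main"),
    role="deploy-prod",
)


def verify_ci_token(token: str, key: bytes, policy: TrustPolicy, now: int) -> Optional[str]:
    """Return None if the token satisfies the trust policy, else the reason it fails."""
    parts = token.split(".")
    if len(parts) != 3:
        return "malformed token"
    header_b64, payload_b64, sig_b64 = parts
    # Signature first: nothing in the payload is trusted until it is authenticated.
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        return "bad signature"
    header = json.loads(_b64url_decode(header_b64))
    if header.get("alg") != "HS256":
        return "unexpected alg"          # the verifier, not the token, fixes the algorithm
    claims = json.loads(_b64url_decode(payload_b64))
    if claims.get("iss") != policy.issuer:
        return "untrusted issuer"
    aud = claims.get("aud")
    if policy.audience not in (aud if isinstance(aud, list) else [aud]):
        return "token not intended for this broker"
    if now >= claims.get("exp", 0):
        return "token expired"
    if not policy.subject_pattern.fullmatch(claims.get("sub", "")):
        return "subject not allowed for role"
    return None


def issue_credential(token: str, key: bytes, policy: TrustPolicy, now: int) -> dict:
    """Exchange a valid OIDC token for a short-lived credential; no static secret is stored."""
    reason = verify_ci_token(token, key, policy, now)
    if reason is not None:
        raise PermissionError(reason)
    return {"role": policy.role,
            "access_token": secrets.token_urlsafe(32),   # random, single-job credential
            "expires_at": now + policy.ttl_seconds}


if __name__ == "__main__":
    tok = make_ci_token("repo:acme/payments:ref:refs/heads/main")
    print(issue_credential(tok, DEMO_KEY, DEMO_POLICY, DEMO_NOW))
```

The subject check is what turns "any job on this CI platform" into "the main branch of this one repository", which is the least-privilege boundary the phase is aiming for; a feature branch, a stale token or a token minted for another audience is refused before any credential exists.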

Phase 5: Contain Legacy Dependencies

There will always be systems that require static credentials: legacy applications, third-party integrations, or environments that simply cannot support modern identity frameworks. Gartner’s guidance is to accept this reality and handle these exceptions deliberately, with strict controls around how they are used.

This means centralizing where secrets live, rotating them frequently, and delivering them only when needed, with strong monitoring around their use. Controls like just-in-time access, audit trails, and continuous scanning help contain the risk.

Where Many Organizations Get Stuck

Most teams make it through discovery, start prioritizing risk, and then progress stalls.

Machine identities and secrets are spread across multiple vaults, clouds, and a mix of legacy and modern systems. Each environment handles credentials, policy, and access differently. One team might use a cloud-native secrets manager. Another relies on a different vault. A third builds something into their pipeline. The resulting fragmentation makes control and governance difficult to enforce.

From Framework to Implementation

Gartner outlines a clear path. The challenge is executing it across fragmented environments. This is where a unified identity platform like Akeyless becomes critical.

Gartner Phase, what it requires, and how Akeyless supports it:

Phase 1: Establish Governance and Standards
What it requires: Centralized ownership, consistent policies, and clear architectural direction
How Akeyless supports it: Multi-Vault Governance provides centralized visibility and policy enforcement across AWS, Azure, GCP, HashiCorp Vault, Kubernetes, and more

Phase 2: Assess Current Exposure
What it requires: Inventory of machine identities, secrets, ownership, and risk
How Akeyless supports it: Unified discovery and visibility across all secrets, identities, and vaults, including external systems

Phase 3: Prioritize by Risk and Business Impact
What it requires: Focus on high-risk workloads, privileged access, and exposed systems
How Akeyless supports it: Granular policy engine, access controls, and identity context to enforce least privilege and reduce high-risk exposure

Phase 4: Implement Workload IAM for Modern Platforms
What it requires: Short-lived credentials, identity-based authentication, lifecycle automation
How Akeyless supports it: Secretless authentication, workload identity federation, and automated credential lifecycle management

Phase 5: Contain Legacy Dependencies
What it requires: Secure and control static secrets that cannot be eliminated
How Akeyless supports it: Centralized vaulting, automated rotation, just-in-time access, and full audit visibility across legacy systems

The Next Phase: Identity Security for Autonomous Systems

Gartner’s report focuses on machine workloads, but enterprises are starting to deploy AI agents that operate across systems, call APIs, and take action without direct human input. Each one introduces a new identity.

That quickly changes the scale from thousands of machine identities to millions of short-lived, autonomous ones. At that point, managing stored credentials stops working completely. The model needs to change before that happens. Access must be issued at runtime, tied to context, and expire quickly.

Download the full Gartner report to explore the framework in detail.

That transition does not happen all at once. Most organizations operate in both worlds. Modern workloads move toward identity-based access, while legacy systems still rely on static credentials that need tight control. As automation expands, that balance becomes harder to maintain.

Akeyless is built to secure access for machines, AI agents, and humans. It enables identity-based access through secretless authentication, workload identity federation, and short-lived credentials. At the same time, it helps contain what cannot yet be modernized, with centralized governance, automated rotation, just-in-time access, and full audit visibility across every vault and environment.

As AI agents move from executing tasks to taking actions, access alone is no longer enough. Security must evaluate intent and enforce policy at the moment of execution. Akeyless extends identity security into runtime with Agentic Runtime Authority and Agentic Identity Intelligence, enabling real-time authorization, continuous monitoring, and the ability to stop unsafe actions as they happen.

Request a demo to see how Akeyless supports every phase.

Frequently Asked Questions

What does Gartner mean by “machines can’t keep secrets”?

Gartner is highlighting a core problem in modern infrastructure. Machine identities rely on credentials like API keys, tokens, and certificates, but these secrets are difficult to secure at scale. They often leak through code, pipelines, and logs, creating a growing attack surface that traditional secrets management alone cannot contain.

What is workload identity security?

Workload identity security is the practice of securing how applications, services, and pipelines authenticate to other systems. It replaces static credentials with identity-based access, where credentials are issued dynamically and expire quickly. This approach reduces the risk of credential theft and improves control over machine-to-machine access.

Why are static secrets a security risk?

Static secrets are long-lived credentials that are often reused and hard to track. If exposed, they can provide ongoing access to systems without detection. Because they do not expire automatically and are frequently stored in code or configuration files, they significantly increase the attack surface in modern cloud and DevOps environments.

What are the highest-risk machine identities?

The highest-risk machine identities are those with broad access or external exposure, such as public-facing APIs, CI/CD pipelines, privileged service accounts, and cross-cloud integrations. These identities are common targets because they often provide entry points into critical systems or enable lateral movement across environments.

How does Akeyless support machine identity security?

Akeyless secures machine identity by enabling identity-based access with short-lived credentials and secretless authentication. It also provides centralized governance across multiple vaults, automated rotation, and just-in-time access. This allows organizations to reduce reliance on static secrets while maintaining control over legacy systems and modern workloads.
