
AI Prototype: Non-Human Identity (NHI) Risk Analyzer

  • Writer: Madhukeshwar Bhat
  • May 2
  • 2 min read

The Problem Most Enterprises Miss

While user identities are heavily governed, non-human identities (NHIs)—such as service accounts and API keys—often remain overlooked.

In many environments, I’ve observed:

  • Service accounts running for years without review

  • API keys with high privileges and no clear ownership

  • Credentials that are rarely used—but never revoked


Unlike human identities, these do not trigger obvious alerts.

They don’t fail loudly—they quietly expand your attack surface.



The Idea

This led me to explore a key question: Can AI help detect risk in non-human identities using simple contextual signals?


Instead of relying on manual audits, I built a lightweight prototype that:

  • Identifies risky service accounts and API keys

  • Explains why they are risky

  • Recommends actionable remediation


How I Built It

To keep the prototype fast and practical, I used:

  • Streamlit → to build an interactive UI

  • GitHub → for version control and deployment

  • OpenAI API → for intelligent analysis and reasoning

  • Python (Pandas) → for data processing and risk scoring


Simulating Enterprise NHI Data

I created a simple dataset representing:

  • Service accounts

  • API keys

  • Last usage (in days)

  • Privilege level

  • Ownership

Even with minimal data, the goal was to test: Can meaningful risk patterns emerge from basic signals?


Turning Signals into Risk Intelligence

The system evaluates risk in two layers:

1. Deterministic Risk Scoring

Basic rules:

  • High privilege → increased risk

  • Inactivity (>90 days) → increased risk

  • Missing owner → critical risk

This produces a risk score per identity.


2. AI-Powered Reasoning

The enriched data is sent to the OpenAI model, which:

  • Identifies high-risk identities

  • Explains contributing factors

  • Recommends actions such as:

    • Revoke unused accounts

    • Rotate API keys

    • Assign ownership
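The two layers described above, as an added example that is not the author's prototype code: the deterministic scoring rules (high privilege, inactivity over 90 days, missing owner) are applied to a constructed CSV whose rows mirror the High, Medium and Low scenarios from the "Testing the System" section, and the enriched records are rendered into the prompt that would be handed to the model. The point weights, the level thresholds, the column names and the model name are assumptions; the post does not state them. It uses only the standard library (the post used Pandas), so the scoring runs offline, and the OpenAI call is isolated in one function that needs `OPENAI_API_KEY` and the `openai` package.

```python
import csv
import io
import json
from dataclasses import dataclass, asdict

# Constructed sample input (not the post's dataset). Column names are assumptions.
# Rows 1-3 mirror the High / Medium / Low scenarios in "Testing the System".
SAMPLE_CSV = """identity,type,last_used_days,privilege,owner
svc-batch-legacy,service_account,120,high,
api-payments-prod,api_key,5,high,payments-team
svc-report-reader,service_account,3,low,reporting-team
svc-stale-lowpriv,service_account,200,low,platform-team
"""

INACTIVITY_DAYS = 90  # the post's inactivity threshold


@dataclass
class Assessment:
    identity: str
    score: int
    level: str
    factors: list
    recommendation: str


def score_identity(row: dict) -> Assessment:
    """Layer 1: deterministic rules. Weights and thresholds are assumptions."""
    score, factors = 0, []
    if row["privilege"].strip().lower() == "high":
        score += 40
        factors.append("high privilege")
    if int(row["last_used_days"]) > INACTIVITY_DAYS:
        score += 30
        factors.append(f"inactive for {row['last_used_days']} days")
    if not row["owner"].strip():
        score += 50  # a missing owner alone is treated as critical
        factors.append("no assigned owner")
    if score >= 70:
        level, action = "High", "Revoke or disable immediately"
    elif score >= 30:
        level, action = "Medium", "Apply monitoring and rotate periodically"
    else:
        level, action = "Low", "No action needed"
    return Assessment(row["identity"], score, level, factors, action)


def assess_csv(text: str) -> list:
    """Score every row of an uploaded CSV (the Streamlit upload step in the post)."""
    return [score_identity(r) for r in csv.DictReader(io.StringIO(text))]


def build_prompt(assessments: list) -> str:
    """Layer 2 input: render the enriched records into the prompt sent to the model."""
    records = json.dumps([asdict(a) for a in assessments], indent=2)
    return (
        "You are reviewing non-human identities (service accounts and API keys).\n"
        "Each record carries a rule-based risk score, level and contributing factors.\n"
        "For every High or Medium identity, explain the contributing factors and "
        "recommend one action: revoke unused accounts, rotate API keys, or assign ownership.\n"
        "Respond as a JSON list of objects with keys identity, explanation, action.\n\n"
        f"Records:\n{records}\n"
    )


def request_ai_analysis(prompt: str, model: str = "gpt-4o-mini") -> str:
    """Send the prompt to the OpenAI Chat Completions API (needs OPENAI_API_KEY).
    The model name is an assumption; the post does not say which model it used."""
    from openai import OpenAI  # openai>=1.0 client; imported lazily so scoring stays offline
    client = OpenAI()
    resp = client.chat.completions.create(
        model=model,
        messages=[{"role": "user", "content": prompt}],
    )
    return resp.choices[0].message.content


if __name__ == "__main__":
    results = assess_csv(SAMPLE_CSV)
    for a in results:
        print(f"{a.identity:20} {a.level:6} score={a.score:3}  {a.recommendation}")
    print(build_prompt(results))
```

Keeping the rule layer separate from the model call is what makes the output auditable: the score, level and factors are reproducible from the CSV alone, and the model only adds explanation and a recommended action on top of facts the rules already established, so a reviewer can check every High verdict without trusting the model.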


From Data to Insight

Using Streamlit, I built a simple interface:

  • Upload CSV with NHI data

  • View calculated risk scores

  • Generate AI insights instantly

This transforms raw identity data into actionable security intelligence.


Testing the System


High Risk

  • Service account unused for 120+ days

  • High privilege + no owner

Recommendation: Revoke or disable immediately


Medium Risk

  • API key with high privilege but active usage

Recommendation: Apply monitoring and rotate periodically


Low Risk

  • Active identity with assigned owner

Recommendation: No action needed


Key Insights

This simple prototype revealed:

  • NHI risk is strongly driven by inactivity + privilege + ownership gaps

  • AI can quickly convert raw identity data into clear decisions

  • Many high-risk identities are invisible to traditional controls


The Bigger Shift in IAM

This exercise reinforced an important shift:

From:

  • Human-centric identity governance

  • Periodic reviews

To:

  • Holistic identity security (human + non-human)

  • Continuous risk evaluation


Why This Matters

For enterprises, improving NHI visibility means:

  • Reduced attack surface

  • Better control over service accounts and API keys

  • Improved compliance and audit readiness


Most importantly: Security moves from reactive cleanup → proactive detection


Final Thought

Non-human identities are growing faster than human users in modern systems.

If we don’t govern them, they will become the weakest link in security.

AI gives us a way to finally bring visibility and intelligence into this space.



© 2025 by Madhu Bhat.  