From NHI Security to the Identity Platform for Everything That Isn't a Person
May 4, 2026 · 7-Minute Read
It's rare to build a company around one of the oldest unsolved problems in cybersecurity and find yourself, two years later, best positioned to solve the newest one. That's what happened with Clutch. We set out to secure non-human identities, and the work we did there put us directly in the path of agentic AI. That’s not by accident. It is because agents and NHIs are the same problem at different layers.
But let me start from the beginning.
Service accounts have been a problem since Windows NT4. Machines needed credentials to talk to other machines, so admins created accounts, gave them passwords, and moved on. Most of those passwords never got changed. Most of those accounts never got reviewed. That was the mid-1990s.
Every technology wave since then made it worse. Cloud brought access keys. SaaS brought OAuth apps. CI/CD brought pipeline tokens. Containers brought workload identities. Each wave added a new category of non-human identity, and each one followed the same lifecycle: someone creates it, it works, everyone forgets about it. Everyone in this industry throws around a ratio. 45:1. 82:1. 100:1. The specific number doesn't matter. There are a lot of them, and almost none have an owner, an expiration, or any governance.
Why We Built Clutch
We built Clutch because we had been on the other side of this problem for years. I spent my career doing incident response and cybersecurity posture engagements for Fortune 500 companies, helping them shape their security programs for the next generation of attacks. My co-founders built enterprise security products from the ground up. Between us, we had seen what happens when a forgotten service account key becomes an attacker's entry point, and we had seen how wide the gap was between human identity security (mature, well-funded, well-tooled) and non-human identity security (basically nothing).
The core of what we built was Identity Lineage®: the ability to trace every non-human identity to its origin, the people connected to it, where it's stored, what consumes it, and what resources it can reach. Not just an inventory. A full map of context, because context is what turns a list of hundreds of thousands of service accounts into a prioritized set of risks you can actually act on.
Then Agents Changed the Equation
Agentic AI is not just another technology wave that adds more credentials to manage. It is fundamentally different. Agents have agency: they make decisions, and they take actions. And the way they take those actions is through non-human identities. An AI agent that books meetings uses an OAuth token. An agent that queries your production database uses a service account. An agent that deploys code uses an access key. The underlying mechanism is the same credential layer that has existed for decades.
But agents add autonomy. A service account sits there until something calls it. An agent decides what to call, when, and why. It inherits permissions from the person who deployed it, uses NHI credentials to authenticate, and acts on its own. The boundary between human identities and non-human identities, which used to be clear, is gone. Agents sit in the middle. They bridge the two.
And they are everywhere. Coding agents on developer endpoints. Salesforce Agentforce and Microsoft Copilot in SaaS. AWS Bedrock and Google Vertex in the cloud. LangChain and custom frameworks running self-hosted. Four different categories of agents, but one common denominator: every single one uses non-human identities to do its work.
Identity Is Now a Continuum
The evolution of our platform followed the logic of the problem. We started with NHIs, the layer where things happen: service accounts, API keys, OAuth apps, tokens. Then we expanded into secrets, because what is a "secret"? It's a generic word for a programmatic way to authenticate. Secrets are the bridge between storage and access. They live in vaults, in code, in config files, in Slack messages. Understanding where they are, who owns them, and whether they're still active is inseparable from understanding non-human identities.
Agentic AI was the natural next step. Agents consume NHIs. They create new ones. They act through them. If you already have the deepest understanding of the credential layer, mapping what every identity connects to and what damage a compromise would cause, extending that to agents is not a leap. It's one more hop in the lineage: person to agent to tool to identity to resource.
When customers started telling us we were the farthest ahead in both NHI security and agentic AI security, it confirmed what we already suspected. The companies that understand identity context deeply are the ones that will secure agents well. You can't bolt agent security onto a product that doesn't understand the credential layer underneath.
What the Market Gets Wrong
We have watched this space long enough to see the same mistakes repeat. With NHIs, the popular answer was rotation. We spent an entire masterclass debunking it, because rotation at scale causes more outages than it prevents, and the real goal is elimination through ephemeral credentials, not periodic password changes.
Now we see the same pattern with agents. The pitch from some vendors is just-in-time credential provisioning: automatically provision a perfectly scoped, short-lived token for each agent action, then revoke it after use. It sounds elegant. But think about what it actually requires. You need an intent-based policy engine that somehow understands what an agent is about to do, provisions a correctly scoped token in milliseconds, and revokes it immediately after. Setting aside the question of whether that's even technically feasible at enterprise scale, it misses the bigger problem entirely. Agents can be prompt-injected. If an attacker manipulates the agent's instructions, the agent will carry out the attack using that perfectly scoped, just-in-time provisioned token. It will just do it in a very secure way. JIT doesn't solve the threat. It gives you a false sense of control over something you haven't actually contained. There’s a masterclass for this as well.
We built Clutch for practitioners. People who secure real environments with real constraints. Not idealized architectures where every secret is vaulted and every permission is least-privilege. Some enterprises have secrets in 1Password, Confluence, and hardcoded in config files. Some have agents deployed by developers who never told security. Some have service accounts created by people who left three years ago. That is the starting point, and any platform that pretends otherwise is solving a problem that doesn't exist.
Where We Are Now
Today, Clutch is three things: non-human identity security, secret security, and agentic AI security. One platform, built on a shared foundation. Identity Lineage® maps the full chain across all three domains. Every integration we add deepens the context for every customer. Every detection rule, every risk assessment, every governance workflow works across identities, agents, and secrets because the underlying data model was designed to treat identity as a continuum from the start.
The new website reflects where we are. Three pillars. One platform. Built by people who spent their careers on this problem before it had a name.
We are still early. The agent ecosystem is moving fast, the threat landscape is evolving, and enterprises are figuring out how to adopt AI without losing control. But the foundation is identity. It always has been.
