Term · 27. Emerging Categories 2024-2026

Identity Sprawl

IDM/IGA Domain

JML NHI OWASP Introduced by: Gartner

Definition

Phenomenon of identity proliferation across disconnected systems — every cloud platform, SaaS app, on-prem system creates local accounts unmanaged by central identity. Results in orphaned accounts, inconsistent access reviews, weak MFA coverage, and compliance gaps. Typical enterprise: 100+ identity stores, 10× more service accounts than employees.

Synonyms

Static Account Sprawl
NHI Sprawl

Application: Regulatory: Gartner Magic Quadrant / Hype Cycle · OWASP NHI Top 10 (2025) / SAMM

MidPoint: Identity sprawl is a tangle of unmanaged, poorly managed and/or isolated identities.

Standards & regulations

Gartner
OWASP

Related terms

AI Agent Credential Lifecycle Management

Specialised lifecycle workflows for AI agent credentials — provisioning short-lived tokens scoped to specific tasks, rot …
AI Agent Lifecycle Management

Discipline of provisioning, monitoring, updating, and decommissioning AI agents as first-class enterprise identities. Mi …
AI Agent Identity

Identity assigned to an autonomous AI agent acting on behalf of a human or workflow. Distinct from human identities (wit …
Non-Human Identity (NHI)

Identities for service accounts, API keys, OAuth client secrets, machine certificates, workload identities (AWS IAM role …
Application Access Governance (AAG)

Application-specific identity governance — managing entitlements within a specific application (Salesforce, SAP, Workday …
Cloud Access Security Broker (CASB)

Cloud Access Security Broker (CASB) — intermediary between users and cloud services (SaaS/IaaS) providing visibility, co …

← Back to glossary · Open in main list