On July 28, 2025, OWASP released version 1.0 of its Securing Agentic Applications Guide, offering fresh security guidance for large language model agents and agentic workflows. This important document serves as the most up‑to‑date security baseline for anyone building or deploying agentic AI systems and MCP servers. Below are key practical takeaways for AppSec teams working with non‑human identities and secrets to enable Agentic AI in production.
1. Prioritise Secure Secrets Management From Design Onward
OWASP stresses that secret hygiene must start in the design phase. The guide recommends avoiding hardcoded secrets and encourages the use of environment variables, dependency‑injection and dedicated secrets managers such as AWS Secrets Manager, Google Secret Manager or HashiCorp Vault. It emphasises that every component should run with the minimum permissions necessary. This early focus on least privilege helps contain blast radius if an agent is compromised.
“Secure Key Management: Avoid hardcoding secrets. Use environment variables, dependency injection, or dedicated secrets management services… Ensure components run with the minimum permissions necessary”.
For teams building agentic apps, this means adopting secret‑management patterns from day one and automating delivery through secure channels rather than embedding secrets in code or configuration.
2. When Possible, Adopt JIT Access and Short‑Lived Credentials
The guide emphasises just‑in‑time (JIT) access to minimise the window of misuse. Instead of long‑lived secrets, agents should use short‑lived tokens or temporary cloud credentials (e.g., AWS STS or GCP IAM tokens) that expire automatically. This principle of least privilege in time complements least‑privilege access scopes and helps contain secret leakage.

3. Use Managed Identity Services and Apply Granular RBAC
The guide recommends using managed identity services, such as AWS IAM roles or Azure Managed Identities, to avoid embedding secrets into code. It calls for role‑based access control (RBAC) with granular roles specific to agent functions. Permissions should be strictly separated into read versus write and audited regularly. OWASP also advocates issuing temporary credentials with limited scope and lifetime.
“Use managed identity services… Configure cloud providers’ identity services instead of embedding credentials. Apply Role‑Based Access Control… Grant only the minimum necessary permissions… Separate read and write access”.
4. Manage NHIs Just Like You Do Human Identities
One of the most important recommendations, as we see it, is OWASP’s call to manage non‑human identities. The guide notes that each agent or service requires a distinct, manageable identity for secure interactions and that these machine identities must be treated “with the same rigor as human identities”. They should be provisioned securely, have their credentials stored and rotated via secret managers, and be de‑provisioned when an agent is retired to avoid orphaned identities.
“Managing Non‑human Identities: Each agent instance or service requires a distinct, manageable identity… These machine identities… must be treated with the same rigor as human identities, involving secure provisioning processes, robust credential management (including secure storage and regular rotation of keys/tokens using secrets managers) and reliable de‑provisioning”.
5. Improve Runtime Observability and Anomaly Detection
OWASP highlights the importance of continuous monitoring and anomaly detection. It recommends scanning LLM prompts and responses for jailbreak patterns, policy violations and PII, logging all tool API calls and parameters, monitoring plan execution and memory updates, and integrating with SIEM solutions.
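One way to log tool calls and their parameters without the audit trail itself leaking secrets or PII, as an added example that is not taken from the OWASP guide or from Entro. The function names, the `in_allowlist` field, the agent ID and the three regex rules are assumptions made for illustration.

```python
import json
import re
import time

# Constructed rules for illustration; production scanners use a maintained rule set.
SECRET_KEY_RE = re.compile(r"password|secret|token|api[_-]?key|authorization", re.I)
SECRET_VALUE_RE = re.compile(r"\bAKIA[0-9A-Z]{16}\b")  # AWS access key ID shape
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")


def redact(value, findings, key=""):
    """Return a log-safe copy of value and record what was masked in findings."""
    if SECRET_KEY_RE.search(key) and value is not None:
        findings.add("secret")  # sensitive field name: mask whatever it holds
        return "[REDACTED]"
    if isinstance(value, dict):
        return {k: redact(v, findings, str(k)) for k, v in value.items()}
    if isinstance(value, list):
        return [redact(v, findings, key) for v in value]
    if not isinstance(value, str):
        return value
    if SECRET_VALUE_RE.search(value):
        findings.add("secret")
        value = SECRET_VALUE_RE.sub("[REDACTED]", value)
    if EMAIL_RE.search(value):
        findings.add("pii")
        value = EMAIL_RE.sub("[EMAIL]", value)
    return value


def audit_tool_call(agent_id, tool, params, allowed_tools, now=None):
    """Build one audit record per tool call, tied to the agent's own identity."""
    findings = set()
    return {
        "ts": time.time() if now is None else now,
        "agent_id": agent_id,
        "tool": tool,
        "in_allowlist": tool in allowed_tools,  # False is an alert condition
        "params": redact(params, findings),
        "findings": sorted(findings),
    }


if __name__ == "__main__":
    # Constructed sample call with made-up values.
    rec = audit_tool_call(
        "agent-billing-01", "http_get",
        {"url": "https://api.example.test/u?mail=alice@example.com",
         "headers": {"Authorization": "Bearer abc"}},
        allowed_tools={"http_get"})
    print(json.dumps(rec, sort_keys=True))  # one JSON line, ready for SIEM ingestion
```

Matching on field names over-redacts harmless fields such as `max_tokens`; for an audit log that is the safer failure direction.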
Final Thoughts: Enter Entro
OWASP’s Securing Agentic Applications Guide makes it clear: a key part of securing agentic AI hinges on strong secret hygiene and non-human identity governance. Practices like least privilege, JIT access, managed identities, and full NHI lifecycle management are essential to reducing risk.
Entro helps organizations put these principles into practice. Our platform discovers exposed secrets and manages NHIs from creation to de-provisioning, while continuously monitoring for abuse and behavioral anomalies using the proprietary NHIDR™ engine. With Entro, application security teams can align with OWASP’s guidance and safely scale agentic AI.