◈ AI Security Intelligence ← All terms
Defense  ·  Glossary

Zero Standing Privilege

Definition
A security principle where users, services, or AI agents are never granted permanent access privileges. Instead, access is granted only at the moment it is needed, verified in real time, and revoked immediately after use. No credential is ever held for longer than necessary.
Why it matters
Standing privileges (passwords, API keys held indefinitely) are the default in most enterprises, but they become dangerous at scale when thousands of autonomous AI agents hold them. Zero standing privilege eliminates the possibility of long-term credential compromise.
Demonstrated by recent findings
CrowdStrike Continuous Identity for AI Agents — Real-Time, Zero-Standing-Privilege Authorization via SPIFFE (Identiverse 2026)
Findings on this topic (3)
CrowdStrike Continuous Identity for AI Agents: Real-Time SPIFFE-Based AuthorizationShadow-Aether Campaigns: Active AI Agent Attacks Across Latin America — Full-Chain Threat Automation Using Jailbroken ClaudeUK AI Security Institute: Frontier Models Have Broken All Prior Trend Lines for Autonomous Cyber Capability
References
Keeper Documentation: Just-In-Time Access and Zero Standing Privilege
Track this in the live feed See how this plays out in real AI security and governance developments.
Open the feed →