The Threats That Don't Have Playbooks Yet
Two new identity threats (AI agents accumulating permissions, synthetic job candidates gaining real access) lack detection signatures, but Abnormal's behavioral AI catches them by flagging deviations from baseline rather than relying on predefined rules.
May 28, 2026

Six months ago, identity-based attacks followed patterns you could model on a whiteboard. Credential stuffing. Session hijacking. Phished MFA tokens. The techniques evolved, but every one of them had a playbook. Since then, however, we have observed two identity risks that don't, and they share one trait: no detection rule existed for either of them when they first appeared in the wild, because neither involves a “traditional” identity.
Two Risks, Zero Signatures
One customer surfaced an agent that quietly gained write access to dozens of applications in under a week. No credential theft. No MFA bypass. Just permission creep no rule was looking for. AI agents are accumulating permissions across SaaS environments with no human reviewing scope and, in the process, becoming a key risk surface.
The second novel risk is synthetic job candidates: AI-generated resumes and AI-coached screening calls have resulted in real offers extended to people who don't exist. By the time someone flags the anomaly, the "employee" has a legitimate identity in the directory and system access to match.
Where Baselines Beat Signatures
Traditional rule-based systems need someone to write the rule before catching the attack. Behavioral AI doesn't wait. It baselines what normal looks like for a given identity, communication pattern, or access behavior—and flags deviations before the threat even has a name.
When Abnormal identified AI agent permission accumulation as a real vector, detection didn't require a new product cycle. The behavioral foundation already understood identity, access, and deviation from baseline.
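As an added illustration (not Abnormal's detection logic or code from this post), the sketch below baselines each identity's own weekly rate of newly acquired write access and flags a week that deviates sharply from it. The event format, the identity and app names, and the threshold values are assumptions, and the grant events are constructed sample data.

```python
from collections import defaultdict
from statistics import median

# Constructed sample: (day, identity, app, scope) grant events. Not real data.
EVENTS = (
    [(d, "svc-report-agent", f"app{d % 3}", "read") for d in range(0, 28)]
    + [(3, "svc-report-agent", "app0", "write"), (17, "svc-report-agent", "app1", "write")]
    + [(28 + i % 6, "svc-report-agent", f"new-app{i}", "write") for i in range(24)]
    + [(d, "alice", "crm", "write") for d in (2, 9, 16, 23, 30)]
)

def weekly_new_write_apps(events):
    """Per identity, count apps that gain write scope for the first time in each 7-day window."""
    seen = defaultdict(set)                       # identity -> apps already writable
    counts = defaultdict(lambda: defaultdict(int))
    for day, ident, app, scope in sorted(events):
        if scope == "write" and app not in seen[ident]:
            seen[ident].add(app)
            counts[ident][day // 7] += 1
    return counts

def flag_permission_creep(events, current_week, threshold=3.5, min_floor=1.0):
    """Flag identities whose current-week count deviates from their own history.

    Uses a robust z-score (median / MAD) over the earlier weeks. min_floor keeps
    a flat history (MAD == 0) from dividing by zero or alerting on a single grant.
    """
    flagged = {}
    for ident, weeks in weekly_new_write_apps(events).items():
        history = [weeks.get(w, 0) for w in range(current_week)]
        if not history:
            continue                              # no earlier weeks: nothing to compare against
        med = median(history)
        mad = median(abs(x - med) for x in history)
        scale = max(1.4826 * mad, min_floor)      # 1.4826 scales MAD to a std-dev equivalent
        score = (weeks.get(current_week, 0) - med) / scale
        if score >= threshold:
            flagged[ident] = round(score, 2)
    return flagged

if __name__ == "__main__":
    print(flag_permission_creep(EVENTS, current_week=4))
```

No rule here names the agent or the applications; the alert comes only from the gap between the identity's current week and its own history, while the human user who re-requests access to an application she already holds is not flagged.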
You don't write a new playbook for every emerging threat. You build a system that doesn't need one.


