The Labubu Blind Box For Your Enterprise: Unmasking AI Agents Across Industries
Okta, Thursday, July 31st, 2025
Imagine you're a security or IT leader, and your organization's digital landscape is like a collection of Labubu blind boxes. Each box represents a new AI agent or automated workflow. You know there's a non-human identity (NHI) or machine learning model inside, and it's intended to do something beneficial, like accelerate the US Department of Defense's financial audits or analyze retail customer feedback. But, as with Labubu, its identity and full characteristics aren't apparent until you look within.
Just as Labubu figures range from common to highly sought-after "secret," "hidden," or "chase" editions, NHIs come with varying levels of risk and visibility.
Many are "common" NHIs, easily deployed but often with overly broad permissions and minimal monitoring, making them simple targets for exploitation. This is a common pitfall observed in rapidly deployed Internet-of-Things devices in manufacturing or customer service chatbots in retail and public administration.