AI Runtime Security & Agentic Zero Trust
Key Questions
What is the primary focus of the AI Runtime Security & Agentic Zero Trust highlight?
The highlight covers the most active domain of AI runtime security, emphasizing agentic zero trust architectures, non-human identity (NHI) management, and emerging frameworks like CoSAI for shared responsibility.
What new identity solutions are mentioned for AI agents?
Google Agent Identity uses SPIFFE-based approaches, while Kagenti provides practical zero trust implementations with Keycloak and AuthBridge to address the confused deputy problem in multi-agent systems.
Why is identity lifecycle management insufficient for AI agents?
Traditional IGA systems were designed for human users with employment records and managers, leaving gaps in handling autonomous AI principals that require cryptographic identity and auditable delegation.
What challenges do federal agencies face with AI agents in zero trust environments?
Agencies manage up to 7.4M auth events per day and need cryptographic identities plus auditable delegation, as current systems struggle with the scale and autonomy of AI agents.
How is BlueVoyant supporting AI agent security in Microsoft environments?
BlueVoyant launched a 90-day AI agent security service integrating Entra, Defender, and Purview to address visibility and lifecycle gaps for non-human identities.
What does the Renown Health case study demonstrate?
It shows successful IAM modernization efforts that incorporate AI agent governance alongside traditional identity controls in a healthcare setting.
What key insight does the article 'Identity: The operational control plane for agentic AI' provide?
It offers a five-layer framework showing that static credentials and standing privileges are inadequate, positioning identity as the primary operational control plane for AI agents.
What endpoint coverage gap is highlighted by Axonius and Ponemon research?
The research reveals a 12.7% gap in endpoint coverage, underscoring visibility challenges that extend to unmanaged machine identities and AI agents.
Most active domain. Key new: Google Agent Identity (SPIFFE-based), Axonius/Ponemon endpoint coverage gap (12.7%), Cisco NHI acquisitions (Astrix, WideField). Federal zero trust challenges with AI agents (7.4M auth events/day, need for cryptographic identity and auditable delegation). Identity Lifecycle Management gap for AI agents (IGA not built for autonomous principals). CoSAI framework for AI shared responsibility (Chuvakin). Renown Health case study on IAM modernization with AI agent governance. NetApp's zero trust for AI agents emphasizes MCP servers as security boundary. ITDR for cloud primer reinforces identity as primary vector. Zscaler CISO interview (Sam Curry) on AI adversaries chaining exploits at machine speed. Practical deep-dive on solving confused deputy problem in multi-agent AI systems using Kagenti's SPIFFE-based identity, Keycloak, and AuthBridge. New: Practical Zero Trust architecture guide with Entra ID for UK SMEs. KPMG article on NHI challenges highlights transparency gaps, regulatory pressure (DORA, NIS2). Identity data article reinforces identity as primary vector. This week's roundup: AI-generated ransomware using browser APIs, prompt injection via role confusion, Anthropic's jailbreak severity scale. CrowdStrike Falcon Secure Access uses JavaScript runtime injection to secure any browser. New articles: 'The agentic blind spots in your zero trust program' reinforces identity lifecycle gaps; 'Identity: The operational control plane for agentic AI' provides a five-layer framework; BlueVoyant launches AI agent security service for Microsoft environments (90-day engagement with Entra, Defender, Purview integration). A new NHI piece reinforces visibility and lifecycle gaps with operational guidance. New: ModelCop launches AI agent security platform targeting $25B NHI market, citing 45:1 machine-to-human identity ratio and OWASP Agentic AI Top 10 alignment—concrete product addressing lifecycle and blast radius gaps.