Identity becomes the control plane for enterprise AI security




Stolen credentials are responsible for 80% of enterprise breaches. Every major security vendor has reached the same conclusion: identity is now the control plane for AI security. Scale alone requires this change. An enterprise with 100,000 employees will manage more than one million identities once AI agents enter production.

Traditional identity and access management (IAM) architectures cannot scale to secure the spread of agentic AI. They were built for thousands of human users, not millions of autonomous agents operating at high speed with human-level permissions. The industry's response represents the most important security transformation since the adoption of cloud computing.

Proximity-based authentication replaces hardware tokens

Leaders are now using Bluetooth Low Energy (BLE) between devices and laptops to prove physical proximity. Combined with cryptographic identities and biometrics, this creates four-factor authentication without the need for hardware tokens.

Cisco’s Duo demonstrates this innovation at scale. Its Proximity Verification, combined with biometric verification, provides phishing-resistant authentication using BLE-based proximity. The capability, unveiled at Cisco Live 2025, represents a key shift in authentication architecture.

Microsoft’s Entra ID manages 10,000 AI agents in single pilot programs while processing 8 billion authentications daily. “Traditional directory services were not built for autonomous systems that operate this rapidly,” said Alex Simons of Microsoft’s identity organization.

Ping Identity’s DaVinci orchestration platform pushes further. The system handles more than 1 billion authentication events, with AI agents accounting for 60% of the traffic. Each verification completes in 200 milliseconds while maintaining cryptographic proof.

Behavioral analytics catch compromised agents in real time

CrowdStrike treats AI agents like any other identity threat. Its Falcon platform creates behavioral baselines for each agent within 24 hours. Deviations trigger an automated response within seconds.

“An AI agent is treated in the same way as the credentials of an employee who has suddenly broken out of the established pattern.” The platform monitors 15 billion related events a day in customer environments.

This speed matters. CrowdStrike’s 2025 Global Threat Report documents adversaries achieving initial access in less than 10 minutes. They move across 15 systems within the first hour. AI agents operating with compromised identities amplify this damage exponentially.
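A minimal sketch of the per-agent baselining this section describes, added here as an illustration and not any vendor's implementation: each agent is learned for 24 hours, after which an unseen (resource, action) pair or a rate spike is reported for automated response. The agent names, resources, rate multiplier and sample events are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

LEARNING_WINDOW = timedelta(hours=24)  # baseline period named in the article
RATE_MULTIPLIER = 3                    # assumed tolerance over the learned peak rate

class AgentMonitor:
    """Learns each agent for 24 h, then flags deviations. Learning-phase activity is trusted."""
    def __init__(self):
        self.first_seen = {}                   # agent -> timestamp of first event
        self.known_pairs = defaultdict(set)    # agent -> {(resource, action)}
        self.peak_rate = defaultdict(int)      # agent -> max events/minute while learning
        self.minute_counts = defaultdict(int)  # (agent, minute) -> events (unbounded in this sketch)

    def observe(self, ts, agent, resource, action):
        """Return deviation reasons; empty while learning or when behaviour is normal."""
        start = self.first_seen.setdefault(agent, ts)
        minute = ts.replace(second=0, microsecond=0)
        self.minute_counts[(agent, minute)] += 1
        rate = self.minute_counts[(agent, minute)]
        if ts - start < LEARNING_WINDOW:
            self.known_pairs[agent].add((resource, action))
            self.peak_rate[agent] = max(self.peak_rate[agent], rate)
            return []
        reasons = []
        if (resource, action) not in self.known_pairs[agent]:
            reasons.append(f"new access {action}:{resource}")
        if rate > RATE_MULTIPLIER * self.peak_rate[agent]:
            reasons.append(f"rate {rate}/min exceeds baseline peak {self.peak_rate[agent]}/min")
        return reasons

def triage(events):
    """Replay events in time order; return {agent: reasons} at each agent's first deviation."""
    monitor, flagged = AgentMonitor(), {}
    for ts, agent, resource, action in sorted(events):
        reasons = monitor.observe(ts, agent, resource, action)
        if reasons and agent not in flagged:
            flagged[agent] = reasons  # hand-off point for an automated response
    return flagged

# Constructed sample: 24 hourly learning events per agent, then two scored events.
T0 = datetime(2025, 7, 1, 9, 0)
SAMPLE = (
    [(T0 + timedelta(hours=h), "agent-billing", "invoices-db", "read") for h in range(24)]
    + [(T0 + timedelta(hours=h), "agent-support", "tickets-api", "write") for h in range(24)]
    + [(T0 + timedelta(hours=25), "agent-billing", "invoices-db", "read"),
       (T0 + timedelta(hours=25, minutes=5), "agent-support", "hr-records", "read")]
)
```

Because everything seen during the learning window becomes the baseline, a new agent identity should start with least-privilege permissions rather than rely on this check.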

Identity resilience prevents catastrophic failures

Enterprises average 89 different identity stores across cloud and on-premises systems, according to Burnisher. This fragmentation creates blind spots that adversaries exploit daily. The fix applies networking principles to identity infrastructure.

Okta’s Advanced Server Access implements redundancy, load balancing and automated failover across identity providers. When primary authentication fails, secondary systems activate within 50 milliseconds. This is mandatory when AI agents perform thousands of operations per second.

“Identity is security,” Okta CEO Todd McKinnon said at Oktane 2024. “When you move AI into production, you give agents access to real systems, real data and customer information. A compromised agent identity cascades across millions of automated actions.”

Zero trust scales for agent proliferation

Palo Alto Networks’ Cortex XSIAM abandons perimeter defense completely. The platform operates on an assumption of continuous compromise. Every AI agent undergoes verification before every action.

Mike Riemer, field CISO at Ivanti, reinforced the zero trust approach in a recent interview with VentureBeat: “Never trust, always verify.”

Cisco’s Universal ZTNA extends this model to AI agents. The platform extends zero trust beyond IoT devices to cover automated AI systems, with automated discovery and automated authorization at scale.

Automated playbooks respond to identity anomalies immediately. If malware triggers identity violations, XSIAM takes action and launches forensic analysis without human intervention. This zero-latency response becomes the operational baseline.

Zscaler CEO Jay Chaudhry identified the core weakness at Zenith Live 2025: “Network protocols are designed to allow trusted devices to communicate.”

Universal ZTNA frameworks enable million-agent deployments

The architectural requirements are clear. Universal zero trust network access (ZTNA) frameworks across the industry provide four capabilities that are important for AI environments.

Cisco’s implementation demonstrates the required scale. Its Universal ZTNA platform runs automated discovery every 60 seconds, cataloging new AI deployments and permission sets. This eliminates the blind spots attackers target. Cisco’s delegated authorization engine applies least-privilege limits through policy engines per second.

Comprehensive audit trails capture each agent’s activity for investigation. Security teams using platforms such as Cisco’s can reconstruct millions of interactions. Native support for standards like the Model Context Protocol provides interoperability as the ecosystem develops.

Ivanti’s approach complements these capabilities with AI-powered analytics. Daren Goeser, SVP of product management at Ivanti, said: “AI-powered endpoint security tools detect anomalies more clearly and more accurately, identifying potential security gaps with clear visibility across users and networks.”

Cisco’s AI security architecture sets industry direction

Cisco’s Secure AI Factory positions it as the first non-Nvidia provider in Nvidia’s reference architecture. By combining post-quantum encryption with new devices, Cisco is building infrastructure to protect against emerging threats. The enterprise takeaway: Securing AI is not optional; it is architectural.

At Cisco Live 2025, the company presented a comprehensive identity and AI security strategy that addresses each layer of the stack:

| Announcement | Main problem solved / strategic value | Technical details | Availability |
| --- | --- | --- | --- |
| Hybrid Mesh Firewall (including Hypershield) | Distributed, fabric-native security; moves security from the perimeter into the network fabric | eBPF-based enforcement; hardware acceleration | New firewalls: October 2025 |
| Live Protect | Closes the “45-day patch vs. 3-day exploit” gap with fast, kernel-level vulnerability protection | Patches in real time without restarting | Nexus OS: September 2025 |
| Splunk: Free firewall log ingestion | Reduces SIEM costs by up to 80%; encourages Cisco firewall adoption | Unlimited log ingestion from Cisco firewalls | August 2025 |
| Splunk: Observability for AI | Provides critical visibility into AI stack performance | Tracks GPU utilization and model performance | September 2025 |
| Duo | Evolves from MFA into a full security-first IAM platform | User directory, SSO, identity routing engine | Available now |
| Duo: Proximity Verification | Provides phishing-resistant authentication without hardware tokens | BLE-based proximity, biometric verification | Part of the new Duo IAM |
| Duo: Identity Resilience | Addresses the risk of critical IdP outages | Recovery, load balancing and automated failover | In development |
| Cisco Universal ZTNA | Extends zero trust to humans, IoT/OT devices and AI agents | Automated discovery, delegated authorization | Ongoing evolution |
| Open security AI model | Democratizes AI defense; 8B parameters match 70B model performance | Runs on CPU; trained on 5B security tokens | Available (Hugging Face) |
| AI Defense and Nvidia partnership | Secures the AI development pipeline | Nvidia NIM microservices optimization | Available now |
| Post-quantum security | Proof against quantum attacks | MACsec and IPsec encryption | New devices (June 2025) |
| Identity Intelligence | Continuous behavioral monitoring | AI-powered anomaly detection | Part of Security Cloud |
| Secure Access | Converges VPN and ZTNA capabilities | Cloud-delivered secure access service | Available now |

Vendor collaboration accelerates

The Cloud Security Alliance Zero Trust Advancement Center now includes every major security vendor. This unprecedented cooperation enables unified security policies across platforms.

“Security vendors must unite against common threats,” George Kurtz of CrowdStrike emphasized during a recent platform strategy discussion. “How was a data-centered approach Fast enemies and threats are developing

Cisco President and CPO Patel echoed this sentiment in an interview with VentureBeat: “Security is a prerequisite for AI adoption. If people do not trust the system, they are not going to use it.”

The organizational challenge remains. Ivanti CIO Robert Grazioli identifies the critical obstacle: “CISO and CIO alignment will be critical in 2025. This cooperation must be protected in effective institutions.”

The identity reckoning

It is no coincidence that Cisco, Okta, Zscaler, Palo Alto Networks and CrowdStrike have reached the same conclusions about identity architecture.

Identity infrastructure determines security outcomes. Organizations face two options: architect identity as the control plane or accept breaches as inevitable. The gap between the speed of AI deployment and identity security narrows daily.

Three actions cannot wait. Audit every AI agent’s identity and permissions within 30 days. Deploy continuous verification for non-human identities immediately. Establish a 24/7 identity security operation to prevent exploitation by adversaries.

The vendor consensus sends a clear and unmistakable signal. Identity has become the control plane for AI security. Enterprises that fail to adapt will spend 2025 managing breaches instead of innovating.


