Enterprise identity was built for humans — not AI agents

Presented by 1Password

Adding agentic capabilities to enterprise environments is fundamentally reshaping the threat model by introducing a new class of actor into identity systems. The problem: AI agents are taking action within sensitive enterprise systems, logging in, fetching data, calling LLM tools, and executing workflows often without the visibility or control that traditional identity and access systems were designed to enforce.

AI tools and autonomous agents are proliferating across enterprises faster than security teams can instrument or govern them. At the same time, most identity systems still assume static users, long-lived service accounts, and coarse role assignments. They were not designed to represent delegated human authority, short-lived execution contexts, or agents operating in tight decision loops.

As a result, IT leaders need to step back and rethink the trust layer itself. This shift isn’t theoretical. NIST’s Zero Trust Architecture (SP 800-207) explicitly states that “all subjects — including ...