Stolen credentials are responsible for 80% of enterprise breaches. Every major security vendor has converged on the same conclusion: Identity is now the control plane for AI security. Scale alone demands this shift. Enterprises managing 100,000 employees will handle more than one million identities when AI agents enter production.
Traditional identity access management (IAM) architectures can’t scale to secure the proliferation of agentic AI. They were built for thousands of human users, not millions of autonomous agents operating at machine speed with human-level permissions. The industry response represents the most significant security transformation since the adoption of cloud computing.
Proximity-based authentication replaces hardware tokens
Leading vendors now use Bluetooth Low Energy (BLE) between devices and laptops to prove physical proximity. Combined with cryptographic identities and biometrics, this creates four-factor authentication without the need for hardware tokens.
Cisco’s Duo demonstrates this innovation at scale. Their proximity verification delivers phishing-resistant authentication using BLE-based proximity in conjunction with biometric verification. This capability, unveiled at Cisco Live 2025, represents a fundamental shift in authentication architecture.
Microsoft’s Entra ID handles 10,000 AI agents in single pilot programs while processing 8 billion authentications daily. “Traditional directory services weren’t architected for autonomous systems operating at this velocity,” states Alex Simons, CVP of identity at Microsoft.
Ping Identity’s DaVinci orchestration platform pushes further. The system processes more than 1 billion authentication events daily, with AI agents accounting for 60% of the traffic. Each verification completes in under 200 milliseconds while maintaining cryptographic proof.
Behavioral analytics catch compromised agents in real time
CrowdStrike treats AI agents like any other identity threat. Their Falcon platform establishes behavioral baselines for each agent within 24 hours. Deviations trigger automated containment within seconds.
“When an AI agent suddenly accesses systems outside its established pattern, we treat it identically to a compromised employee credential,” Adam Meyers, head of counter adversary operations at CrowdStrike, told VentureBeat. The platform tracks 15 billion AI-related events daily across customer environments.
That speed matters. CrowdStrike’s 2025 Global Threat Report documents that adversaries are achieving initial access in less than 10 minutes. They move laterally across 15 systems within the first hour. AI agents operating with compromised identities amplify this damage exponentially.
Identity resilience prevents catastrophic failures
Enterprises average 89 different identity stores across cloud and on-premises systems, according to Gartner. This fragmentation creates blind spots that adversaries exploit daily. The fix applies networking principles to identity infrastructure.
Okta’s Advanced Server Access implements redundancy, load balancing and automated failover across identity providers. When primary authentication fails, secondary systems activate within 50 milliseconds. This becomes mandatory when AI agents execute thousands of operations per second.
“Identity is security,” Todd McKinnon, CEO of Okta, said at Oktane 2024. “When you move AI into production, you give agents access to real systems, real data and your customer data. One compromised agent identity cascades across millions of automated actions.”
Zero trust scales for agent proliferation
Palo Alto Networks’ Cortex XSIAM completely abandons perimeter defense. The platform operates on the assumption of continuous compromise. Every AI agent undergoes verification before each action, not just at initial authentication.
Mike Riemer, Field CISO at Ivanti, reinforced the zero trust approach in a recent interview with VenturBeat: “It operates on the principle of ‘never trust, always verify.’ By adopting a zero trust architecture, organizations can ensure that only authenticated users and devices gain access to sensitive data and applications.”
Cisco’s Universal ZTNA extends this model to AI agents. The platform expands zero trust beyond humans and IoT devices to encompass autonomous AI systems, providing automated discovery and delegated authorization at scale.
Automated playbooks respond instantly to identity anomalies. When malware triggers authentication irregularities, XSIAM revokes access and launches forensic analysis without human intervention. This zero-latency response becomes the operational baseline.
Zscaler CEO Jay Chaudhry identified the core vulnerability at Zenith Live 2025: “Network protocols were designed to allow trusted devices to communicate freely. AI weaponizes this legacy architecture at scale. Adversaries craft phishing campaigns that compromise agent identities faster than humans can respond.”
Universal ZTNA frameworks enable million-agent deployments
The architectural requirements are clear. Universal zero trust network access (ZTNA) frameworks across the industry provide four capabilities essential for AI environments.
Cisco’s implementation demonstrates the scale required. Their Universal ZTNA platform performs automated discovery scans every 60 seconds, cataloging new AI deployments and permission sets. This eliminates blind spots that attackers target. Cisco’s delegated authorization engine enforces least-privilege boundaries through policy engines processing 100,000 decisions per second.
Comprehensive audit trails capture every agent action for forensic investigation. Security teams using platforms like Cisco’s can reconstruct incidents across millions of interactions. Native support for standards like the Model Context Protocol ensures interoperability as the ecosystem evolves.
Ivanti’s approach complements these capabilities with AI-powered analytics. Daren Goeson, SVP of product management at Ivanti, emphasizes: “AI-powered endpoint security tools can analyze vast amounts of data to detect anomalies and predict potential threats faster and more accurately than any human analyst. These tools provide clear visibility across devices, users and networks, proactively identifying potential security gaps.”
Cisco’s AI security architecture sets industry direction
Cisco’s AI Secure Factory positions them as the first non-Nvidia silicon provider in Nvidia’s reference architecture. By combining post-quantum encryption with new devices, Cisco is building infrastructure to protect against threats that don’t yet exist. The enterprise takeaway: Securing AI isn’t optional; it’s architectural.
At Cisco Live 2025, the company unveiled a comprehensive identity and AI security strategy that addresses every layer of the stack:
Cross-vendor collaboration accelerates
The Cloud Security Alliance Zero Trust Advancement Center now includes every major security vendor. This unprecedented cooperation enables unified security policies across platforms.
“Security vendors must unite against common threats,” George Kurtz, CEO of CrowdStrike, emphasized during a recent platform strategy discussion. “The data-centric approach wins given how fast adversaries and threats evolve.”
Cisco President and CPO Jeetu Patel echoed this sentiment in an interview with VentureBeat: “Security is a prerequisite for adoption of AI. If people don’t trust the system, they’re not going to use it.”
The organizational challenge remains. Robert Grazioli, CIO at Ivanti, identifies the critical barrier: “CISO and CIO alignment will be critical in 2025. This collaboration is essential if we are to safeguard modern businesses effectively. Executives need to consolidate resources — budgets, personnel, data and technology — to enhance an organization’s security posture.”
The identity reckoning
When Cisco, Okta, Zscaler, Palo Alto Networks and CrowdStrike independently reach identical conclusions about identity architecture, it’s confirmation, not coincidence.
Identity infrastructure determines security outcomes. Organizations face two options: Architect identity as the control plane or accept breaches as inevitable. The gap between AI deployment speed and identity security maturity narrows daily.
Three actions cannot wait. Audit every AI agent’s identity and permissions within 30 days. Deploy continuous verification for all non-human identities immediately. Establish 24/7 identity security operations to prevent adversaries from exploiting gaps.
The vendor consensus sends a clear and unmistakable signal. Identity has become the control plane for AI security. Enterprises that fail to adapt will spend 2025 managing breaches instead of innovation.
The post Enterprises must rethink IAM as AI agents outnumber humans 10 to 1 appeared first on Venture Beat.
