Vigyata.AI
Is this your channel?

Are Your AI Agents a Hidden Attack Surface? Rethinking Identity and Access in the Agent Era

33 views· 19:25· May 26, 2026

Podcast: The Security Strategist Guest: Jasson Casey, CEO & Co-Founder, Beyond Identity Analyst: Richard Stiennon, Chief Research Analyst at IT-Harvest In an enterprise technology market that’s saturated with AI copilots and coding agents, most enterprise security strategies are already outdated. On the recent episode of The Security Strategist podcast, analyst Richard Stiennon, Co-Founder and Chief Research Analyst at IT-Harvest, presses Jasson Casey, CEO & Co-Founder, Ceros by Beyond Identity, on a question few vendors are answering clearly. “How do you actually control autonomous agents once they’re inside your environment?” posed Stiennon. Casey’s answer is architectural, focusing on Ceros – a new control plane from Beyond Identity built specifically for agentic workflows. What is Ceros built for? The problem Ceros addresses is practically faced by enterprises. For instance, enterprises deploying tools like Claude, Codex, or Copilot for coding and workflow automation are effectively granting agents the same privileges as human operators, but without equivalent oversight. These agents write code, call APIs, and interact with sensitive systems, often across long-lived sessions where risk can evolve in real time. Casey points out that most enterprises fall into one of two active camps: those moving fast and accepting the risk, and those slowed by governance concerns. What both groups lack is visibility. Not logs after the fact, but live, session-level awareness of what agents are doing, what tools they’re invoking, and how their behaviour changes over time. Ceros is designed to sit directly in that gap. Rather than acting as a perimeter control or identity gateway, it operates in tandem with agent sessions, exposing granular telemetry on tool calls, device posture, and execution context. The emphasis is not on blocking upfront, but on establishing a real-time inventory of agent activity—a prerequisite for any meaningful governance model. Key Takeaways - AI agents are introducing major identity and visibility gaps across enterprise systems. - Traditional “authenticate then trust” models fail in dynamic, long-running agent sessions. - AI agents have no real identity. Ceros binds every agent action cryptographically to hardware, making credential theft pointless and every action attributable to a specific user and device. - Ceros gives security teams identity, visibility, and control over AI agents — enforcing policies at the proxy layer before agents can act, not after. Get started at ceros.sh. Chapters 00:00 Emerging Security Gaps in AI Coding Agents 03:03 The Role of Governance in AI Deployment 05:58 Beyond Identity: The Passwordless Revolution 09:00 Device-Bound Credentials and API Security 11:59 Integrating Security Solutions for AI Agents To learn more about Ceros and how agentic workflows in cybersecurity enterprises are changing, follow: Beyond Identity LinkedIn: @Beyond Identity Beyond Identity X: @beyondidentity Beyond Identity YouTube: @BeyondIdentity EM360Tech YouTube: @enterprisemanagement360 EM360Tech LinkedIn: @EM360Tech EM360Tech X: @EM360Tech Follow: @EM360Tech on YouTube, LinkedIn and X Stay connected for more expert insights, podcast episodes, and enterprise data strategy discussions. #AI #ArtificialIntelligence #AgenticAI #AISecurity #Cybersecurity #EnterpriseSecurity #IdentityAndAccessManagement #ZeroTrust #BeyondIdentity #CloudSecurity #AIGovernance #MachineLearning #TechPodcast #SecurityStrategy #FutureOfAI

🎬 More from Enterprise Management 360