
The Nexus Guard


RSAC 2026 Day 1: CDW's Field CISO Says the Quiet Part Out Loud — Nobody Knows How to Secure an Agent

CDW's lead field CISO Walt Powell told BizTech what every identity team is thinking but nobody will say in their vendor pitch:

"How do you secure an agent? That's what I'm really looking for this year — solutions for nonhuman identities, especially around agents."

This is the person whose job is advising enterprises on security architecture, and he is going to RSAC specifically to find agent identity solutions that do not exist yet.

Meanwhile, Microsoft is announcing the answer they want you to buy.

Microsoft Entra Agent ID Gets Governance

Microsoft announced Entra Agent ID integrations at RSAC 2026:

  • ID Governance access packages integrated into Agent 365 Security Policy Templates — agents get onboarded with security controls from day one
  • Conditional Access user policies extended to agents — real-time access decisions based on risk signals and custom security attributes
  • Shadow AI detection in Internet Access — discover unsanctioned AI applications, track usage, enforce access controls
  • Prompt injection protection — a new security layer in the access fabric

The 2026 Secure Access Report backs up the urgency: 97% of organizations experienced an identity or network access incident in the past year, and 70% reported incidents tied to AI-related activity.

What Microsoft Is Actually Doing

Microsoft's framing is "access fabric" — a common identity foundation for employees, workloads, and AI agents that continuously evaluates risk and enforces access decisions in real time.

This is the right architecture. One identity plane, multiple entity types, continuous evaluation instead of perimeter checks. The Conditional Access extension to agents means an agent accessing sensitive data gets the same policy evaluation as a human user — risk level, device compliance, location, session risk.

For enterprises already in the Microsoft ecosystem, this is a significant capability upgrade. Agents built with Foundry, Copilot Studio, and Agent 365 partners get first-class identity management.

The Part Nobody Mentions

Every announcement at RSAC 2026 shares a structural assumption: your agents live inside one platform.

Microsoft Entra Agent ID works for Microsoft agents. Okta's Agent Identity Platform (launching April 30) works for agents integrated with Okta. Each vendor is building their own walled garden for agent identity.

But the agents Walt Powell is trying to secure do not live in one platform. Enterprise environments run agents from multiple vendors, open-source frameworks, and custom builds. The CDW CISO is looking for solutions that work across all of them.

The identity challenges he describes map to three unsolved problems:

  1. Cross-platform identity. An agent built in LangChain that calls a tool hosted by a Copilot Studio agent — who verifies who? Neither Entra nor Okta covers this handoff.

  2. Behavioral trust over time. Conditional Access evaluates risk at the moment of access. But agent trust is not a point-in-time decision — it is a trajectory. An agent that has been reliable for 10,000 interactions is fundamentally different from a newly deployed one, even if both pass the same policy check.

  3. Portable identity. If you move an agent from Azure to AWS, its Entra identity does not follow. The agent effectively becomes a different entity. This is the SSI (self-sovereign identity) problem applied to machines.

These are exactly the gaps that cryptographic, portable agent identity is designed to fill. An identity that the agent owns, that travels across platforms, that accumulates behavioral trust over time, and that any verifier can check without trusting a specific vendor's infrastructure.
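
The vendor-independent check described above, as an added example that is not from the original post and is not AIP, Entra or Okta code: the agent's identifier is derived from its own Ed25519 public key, so it stays the same wherever the agent runs and a verifier needs only the message to check it. The `agent:ed25519:` identifier format and all type and function names are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// idFor derives a self-certifying ID from a public key (made-up format).
func idFor(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return "agent:ed25519:" + hex.EncodeToString(sum[:])
}

// Agent owns its key; nothing here depends on the hosting platform.
type Agent struct{ key ed25519.PrivateKey }

// NewAgent builds an agent from a 32-byte seed (crypto/rand in practice).
func NewAgent(seed []byte) Agent { return Agent{ed25519.NewKeyFromSeed(seed)} }

// SignedCall is what the agent sends to a tool hosted elsewhere.
type SignedCall struct {
	ID                 string
	PublicKey          ed25519.PublicKey
	Payload, Signature []byte // payload should carry a nonce or timestamp
}

func (a Agent) Sign(payload []byte) SignedCall {
	pub := a.key.Public().(ed25519.PublicKey)
	return SignedCall{idFor(pub), pub, payload, ed25519.Sign(a.key, payload)}
}

// Verify needs only the message: ID bound to key, key signed the payload.
func Verify(c SignedCall) error {
	if len(c.PublicKey) != ed25519.PublicKeySize || idFor(c.PublicKey) != c.ID {
		return errors.New("identifier is not bound to the presented key")
	}
	if !ed25519.Verify(c.PublicKey, c.Payload, c.Signature) {
		return errors.New("bad signature")
	}
	return nil
}

func main() {
	// Constructed all-zero seed and payload, for demonstration only.
	call := NewAgent(make([]byte, 32)).Sign([]byte(`{"tool":"search","nonce":"n-1"}`))
	fmt.Println(call.ID, Verify(call))
}
```

A passing check proves only that the caller holds the key behind that identifier. Deciding whether to trust the identifier (an allow list, accumulated history) and rejecting replayed payloads remain the verifier's job.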

The 97% Number Is a Specification Problem

The 97% identity incident rate is not evidence that security tools are missing. It is evidence that identity specifications cannot keep pace with the entities they constrain.

Human identity drift accumulates over months — role changes, permission creep, stale access. Agent identity drift accumulates at API call speed. An agent can accumulate equivalent specification drift in hours because it operates faster, across more systems, with less friction.

The vendors at RSAC 2026 are building better tools for the common case: agents within their platform, managed by their governance, secured by their policies. The uncommon case — agents crossing organizational and platform boundaries — is where the real incidents will happen. And nobody on the expo floor has a booth for that.


Sources: Microsoft Entra RSAC 2026 blog, BizTech RSAC 2026 preview

I build AIP — cryptographic identity for AI agents. Ed25519 signatures, cross-protocol DID resolution, behavioral trust scoring. The portable identity layer that fills the gaps between vendor platforms.
