The security perimeter has shifted from networks to identities, requiring IAM and security teams to secure a complex mix of human, non-human, and agentic access. This session explores the limitations of traditional user-centric models as workforce, partner, and customer identities intersect with service accounts, workloads, APIs, and AI-driven agents. Moderated by Radiant Logic SVP of Marketing, Anders Askasen, the panel features Radiant Logic Sr. Solutions Consultant, Paul Dant, Comcast’s VP of Cybersecurity – IAM, Rajnish (Raj) Bhatia, and Founder and Research Analyst of The Cyber Hut, Simon Moffatt.
All right, welcome everybody. Today is the day where we’re gonna talk about identities and identities under attack.
A lot of the conversations have been occurring the past couple of weeks around how attackers actually exploit identity, and identity is somewhat of the attack vector that everybody is looking at. It keeps CISOs awake at night and it keeps practitioners nervous if they’re making a mess of their identity stack, and we are joined today by the esteemed Rajnish Bhatia, I hope I pronounced your name. You’re VP of Cybersecurity and Identity and Access Management with Comcast. We have Simon Moffatt, you are the Founder and Research Analyst at The Cyber Hut.
So you engage daily with customers and vendors and have a really broad understanding of what goes on in the market. And we’re also joined by our very own Paul Dant. He’s our Senior Solutions Consultant. And I know for a fact, Paul, that you are an expert when it comes to red teaming and looking through the adversarial lens.
So a warm welcome to all of you gentlemen.
Is there anything in addition that I forgot about in the introductions at this point that you want to bring forth?
Well, I can start by saying I go by Raj, it’s much easier.
I’ll refer to you as Raj.
All right, we talk about identity being the new perimeter, and that’s something that we see with vendors, we see with customers, everybody talking about identity being that number one attack vector. But my question is really, do most organizations actually internalize what that means operationally, or is it still pretty much a talking point? I’ll start with you, Raj, since you were the one that spoke.
Sounds good. So I agree. You know, most organizations conceptually agree and maybe on a journey for comprehensive identity protection, but currently, operationally, maybe still defending applications and networks.
So may not be protecting full identity interactions yet.
And these days, real attackers don’t break in anymore.
They typically log in.
So, I think the pivot to identity types protection is happening, but it’s a journey for large enterprises.
And, you know, until identity becomes the central protection control plane, you know, we have to manage all the apps and perimeters. But, ultimately, we need to get to managing all human identities, machine identities, agent identities. And it may be a slogan for some companies, but, you know, at Comcast, we are taking it seriously and focusing on it.
I can imagine and I’ve interacted with you in the past, I know some of your complexities. But Simon, how do you see this from sort of the analyst point of view? You’re engaging with both vendors and customers and people that are interested in this topic.
What’s your point of view?
It’s a really interesting one. I think that actually hits the nail on the head there. It’s a journey and it’s a level of maturity as well. I think, since I’ve been in identity quite a while, I always see identity as the perimeter or as the control plane, as the attack vector. Obviously, maybe slightly biased in that respect, but I think it is definitely a level of maturity. If you sort of zoom back a little bit and look at the existing technology landscape, you know, fifteen, twenty years ago, we bought network technology and we bought data technology and maybe bought some malware endpoint technologies.
That sort of thing doesn’t really happen anymore. And I guess the budgets and the operating of those pillars have dissolved a little bit, and they’re all grounding themselves on identity. Networks, endpoints, data security, all of that stuff, it doesn’t really work without identity. I think those boundaries are just dissolving, essentially.
I think you see the service providers and vendors altering their narratives and features. I think also the buy side is re-architecting around identity. Raj, you mentioned a good word there, control plane: you’re making identity the main sort of lever, if you like, for protection and detection. But it is definitely not an overnight thing. It’s a change process, to change your architectures and understand how all of that ties together.
So it’s definitely a journey.
I see you’re nodding your head, Paul. Is that your opinion as well? Because I know you’re advising clients in protecting and ensuring that the identity surface is under control.
Anders, yeah, definitely. In fact, I would even take it a step further and say identity has always been the perimeter.
We’ve just been focused largely on the wrong problems. We’ve listed those out, endpoint, network, web applications.
I think the really challenging part today is, as Raj said earlier, hackers, attackers aren’t breaking in anymore. They’re logging in. That makes it particularly challenging. When we see attackers using 0-days, buffer overflow exploits, those types of things to get inside of a network, those actions are typically noisy.
We’re knocking over servers. We’re closing applications down, causing them to restart. But when an attacker just logs in, there’s really nothing that looks bad about that. And then if we follow kind of the MITRE ATT&CK framework progression of your typical ransomware attack, everything in the middle looks pretty innocent as well, and it’s crafted specifically to look that way.
Each one of these steps in the attack is broken down to look like reasonable activity on the system or on the network until everything blows up and we detonate ransomware. And that’s when suddenly we realize that we have a problem. So I think what we’re really saying is, you know, the focus on detection and prevention has maybe led us down the wrong path in some ways, where containment was always where we should have been focused. And of course, that’s really where identity comes into play: these over-privileged accounts, system accounts, non-human identities, whatever we want to call them, are all being used to carry out nefarious things within an organization’s network.
Yeah. I mean, we at Radiant Logic, we view the identity problem as three-faceted, with human identities, non-human identities, and the emerging agentic category. But Raj, back to you. I mean, you represent an organization that is of scale, and with scale comes a level of complexity that you won’t find at the mom-and-dad shop down the street.
It spans workforce, customers, partners, but obviously also, I would assume, the non-human identity side, the agentic side. But when did this truly become a security concern for your team? And was there a forcing point in time where you really needed to rethink how you approach identity?
So for large enterprises and complex enterprises like us, you know, identity became more central when cloud started to emerge, when SaaS started to emerge, when microservices architecture started to emerge, and APIs and automation and all of these drivers forced us to collapse those perimeters. So I think everyone talked about different aspects of defense-in-depth capabilities.
But as we started to go granular beyond the human identity, it became a forcing factor to have some visibility, governance, and policy enforcement as well.
So it has been additionally forced upon us as an industry by all the public breaches that may have occurred around us.
And the business impacts, operational impacts, customer loss, brand loss, in technology terms, credential or access token abuses that have emerged over a period of time.
And not malware lately, you think about it, not as much.
So I think, at scale, if I think about it, IAM started to be seized from the IT function, so to speak, and became a business risk control plane, enforced by regulatory and compliance implications, and started to be talked about at the board level as well, which is, I think, the time when all these large ecosystems started to focus on identity as a security perimeter.
Yeah. I think you touched on something that resonates with the entire crowd. By the way, if you do have questions throughout the webinar, feel free to put them in the chat and we’ll try to answer them.
I think what you’re saying is when cloud emerged, all of a sudden you had these two different worlds that were all trying to live simultaneously, and protecting that with a firewall was no longer possible. But you also touched on these different types of identity that are all interwoven into one single mesh. Like I said, we call it the three identity problem, with human, non-human, agentic. Simon, you’ve done a lot of research on the taxonomies around identities. How would you frame the distinction between what we’ve referred to as human identities, which could take the shape of customers, citizens, or employees, partners, and sort of the workforce-related side, and the non-human identity versus the agentic? Because it all fits together in my world. It all kind of chains together to form one single attack surface that, to Paul’s point, can be exploited, and you can chain attacks and exploit that.
Yeah. Exactly right. I think this is actually quite interesting, because I touched on this a little bit at the beginning: the existing or the previous technology pillars were very separate, in the sense that you’d have network access control, you may then have some data loss prevention stuff over here. And never the two shall meet, as it were.
And, obviously, now we have this perfect storm of transformation around cloud. Cloud’s a good one because that was a real forcing factor on how we sort of think about identity. But I try and sort of keep it simple when doing this in workshops. So I’ll get the whiteboard out and say, okay?
What are the three main factors we have within the technology landscape? And first one’s people. We know people, hopefully, as people ourselves. So we start off with people, then you have software, and then you have hardware.
So keep it nice and simple. Then on the people, of course, you touched on this a little bit. You know, we have the B2E workforce ecosystem, which is really where identity emerged. And we’ve got a lot of maturity there, a lot of experience, a lot of technology, a lot of good practices, lots of good understandings, a lot of problems in there as well around excess permissions, cost accounts, orphan accounts, hygiene problems, IGA, which often gets into stress, and lots of bad stuff going on there.
We’ve got a lot of maturity in process and understandings. But not all people are the same. We have B2E. We have B2C.
We have citizens. We have gig workers, contractors, partners. So not all people are the same, and the identity world there can be very subtly different. And then we start thinking about software.
And Raj touched on this right at the beginning, things like microservices. And you start to see things like machine identities and workload identity becoming a bit of a soft sub-area, if you like, which isn’t the same as people but does require some similar concepts around authentication, lifecycle management, authorization, disabling and removal, credential management. So you have the same terms, if you like, all the same problems. But the implementation is obviously entirely different.
And yes, we may be good with strong authentication or biometric authentication in the people world. But then how do you take that concept and apply it to workloads and NHIs? And I don’t know how long we’re in here. Well, let’s mention AI.
Let’s get AI into the conversation as well. We have this new thing, agentic identity as well, which is yet another subtly different construct. And then on the far right-hand side, I would also add in a category for hardware identity as well. So Internet of Things, automation, transportation, smart cities, all of this.
What used to be sci-fi sort of technology is now really, really in the sort of consumer space. So you have those three buckets. Are they all the same? Absolutely not.
And the requirements, both functional and non-functional, are very, very different. But I like to start off with those buckets, and then you can sort of work out additional types. But one thing I’ll just finally add here is, once you’ve done that, to think about the end-to-end life cycle of each of those identity types, be it a person, a customer, a workload, a service, an IoT smart device, for example. You’re gonna have identity verification.
You have assurance. You’re gonna have profiles, permissions, policies, strong auth, hopefully, just in time authorization, credential management. So you sort of take the life cycle and then you boil out the requirements there. And will just in time authorization be the same for each?
Probably not. But you’re gonna need to think about how to design and implement that in each of those different constructs. So, essentially, you sort of end up with quite a big matrix of your different types of identity and then, end to end, essentially how you create them, how they get used, how they are deprovisioned and removed, and how you do all of the security analysis, posture management, risk analysis, and all of the good stuff which we’re starting to talk about here. And it can be quite a complex matrix, I guess, is what the end goal looks like.
It is a complex matrix, and there are gaps in between, and that’s where you can typically exploit. And Paul, if we put on your sort of gray or white hat hacker lens, if you look at it from a pure data and identity infrastructure point of view, where would you say, based on the conversations that you have daily with organizations, that it breaks down when you’re trying to manage all these, let’s call it three types of identities for simplicity, in sort of a unified way? Is it a pure tooling problem? Is it a governance problem? Something else? Or a combination of a multitude of things?
Yeah, so I would say first and foremost, I think especially from an attacker perspective, we have an overarching philosophical problem. And that is really that when we design systems, when we build systems, we tend to avoid thinking about what could go wrong.
So when we’re just simply creating user accounts and granting those user accounts certain entitlements, roles, permissions, whatever, we’re not really thinking this user account might be exploited and used by another person. We’re not really thinking along those lines. So there’s this philosophical breakdown where we’re not really anticipating what will happen if one of these accounts is taken over. But then as we get into the technology, I think we have a visibility problem, and that comes from an issue that we refer to as identity data sprawl, where even for just human identities, we might have multiple sources that ultimately build that identity profile on who that user is, what that user is able to do, what systems he or she can access, etcetera.
But then when we factor in non-human, when we factor in now agentic, where we have completely separate, disparate platforms that might be managing authentication and authorization, we have a really serious visibility problem. So the first step there, of course, is how do we bring all of that identity data together so that it’s unified and we can see it in that perspective. I think the other problem that we have is data hygiene. And I kind of like to use the analogy of the OSI reference model, taking us back quite a ways, an abstracted, layer-based visualization of how network traffic moves from the physical medium, the Wi-Fi signal, whatever it is, all the way up to being used within an application.
We have kind of the same concept when it comes to identity.
IGA, IAM, they’re at kind of, you know, layer six or seven using that same OSI reference model analogy, whereas identity data is way down at that first level. That’s where we need to focus on hygiene, because if we don’t, as that data becomes used at higher levels, like by SailPoint or Saviynt, if that data is no good, everything coming out of that will be no good. So workflows will break down. And that’s really where we see the identity challenges that we have today.
When workflows break down suddenly, users are over privileged. I say users meaning any of those three types of identities. They are essentially users that are logging in maybe not interactively, but at the end of the day, this is all based on authentication and authorization of some account, some user. And that’s really where the hygiene piece causes a lot of things to break down as well.
So kind of to summarize, I think our overarching problem is we simply can’t see in a single view. I’m not going to say pane of glass, but in a single view what is going on with identity within our organizations.
Oh, I represent marketing from Radiant Logic, so, we love that term, single pane of glass.
But the whole industry does,
yes.
Simon opened up the sort of different types of identities, non-human identities, and he mentioned service accounts, APIs, workloads, etcetera. Raj, I know you’re battling with agentic, right, and non-human identities. I like to play with OpenClaw because I think it’s cool technology. I do that safely behind my own little network, and I realize that the more agents I spin up, the more API keys I need, the more little sub-processes it uses, the more credentials and certificates to some Linux service that I have; it just accumulates. I’m going to admit, I have no control of that and I don’t really care, but for someone like you, you have to care. And in my case, it’s completely out of control, but it’s just me, right? I can just imagine from a Comcast point of view, from where you see it, the ratio must be incredible. How does that look in your environment, and where do you look at that from a sort of governance point of view?
Yes, so in large enterprises, typically non-human identity ratios are orders of magnitude to human identities.
Typically, what we may have heard or seen is 1:20 up to 1:50. We have some extreme data as well, 1:90 or 1:95 in large ecosystems, because, rightfully so, the workforce is trying to adapt and learn the agentic way of working.
And all of the enterprise users are attempting to pivot from their day to day working style to new styles of working. So the way we bucket these identities and the capabilities that everyone is spinning up is the typical no code, low code, and kind of pro code services in large enterprises, which need different levels of visibility, governance, enforcement, observability, and controls.
So as we build these capabilities, as people experiment with the technology, the volume to make these manual lifecycle management and access reviews is just impossible.
And the governance for us in Comcast, and I’m sure in the large ecosystems, is pivoting from, you know, your normal UAR or access certifications to more of policy-driven enforcement and automated controls.
One of the key challenges that large environments are currently battling with is discovery. So as you mentioned, you can build, you can download locally something on your machine, your endpoint, and we need to be able to see the traffic and we need to be able to discover what is being executed, what data, is it personal, is it customer, is it organizational sensitive data that is being executed in that little environment, which could be in your containerized ecosystem or your machine itself. But the exposure becomes real.
And that is where we need to come up with new capabilities of discovery, whether on the endpoint, whether on the network. And intelligence services have to emerge as an industry to be able to control all of these high-ratio identities that are spinning up, whether from a life cycle management perspective or secret credentials, all of those aspects long term.
I think you touched on something that’s quite interesting, Raj, and that’s the fact that there’s a lot of experimentation going on in various enterprises.
It is mandated from top down that use AI to your advantage, do more with less, use agents to solve every business problem that you can think of. That obviously creates a lot of sprawl in the sort of agent sense.
But it’s also, if we look at agentic AI and agents, it is also, at least in my point of view, the least understood identity type.
I’m going to open it up to all of you.
Does anyone have a good real-world example of when AI agents created an identity access problem or challenge that wasn’t anticipated when that initiative was rolled out?
Anyone wanna take a stab?
Go on, Raj. Go on.
Yeah. I mean, so in my mind, agentic systems reuse tokens and permissions, and they go far beyond their original scope in my mind.
AI actions start unintended privilege chain access challenges that are not typically foreseen.
And traditional IAM basically lacked any model of intent drift or autonomous execution.
And as you think about Anders starting to spawn his own agent experiment, sharing it with Raj because Raj is a colleague, then promoting it to Paul and Simon, it becomes a departmental issue.
Then you add SharePoint just to play around, and now you’ve exposed corporate assets. So I think these are the kind of chained challenges of agents and capabilities that we are trying to contain and manage proactively rather than reactively, which is what we are observing in the industry as well as in all ecosystems like Comcast.
I think you’re spot on, Raj. Anyone else wanna take a stab at that one?
Simon, have you seen any
Yeah.
Just to amplify some of these, you know, I guess agentic AI specifically, it’s almost the worst of both worlds. And by this, I mean, it’s the worst of the NHI workload things. You’ve got scaling problems. So you’ve got lots of them.
Now why do you have lots of them? Well, the productivity benefits for some of these agents are off the scale. You mentioned OpenClaw there. But there are other sort of more commercial, sort of shadow-led systems which have massive productivity impacts to the accounting department, to marketing, to sales, to wherever, you know, whichever department is consuming them.
And it’s like, well, it’s really hard to remove that consumption. Maybe it’s a SaaS thing or a trial thing. No code. You don’t need to be a technical expert.
And the productivity value is huge. It’s really tangible. You know, it clears your inbox or it builds your presentation or whatever. So that’s really hard to reverse from.
So you have that shadow thing to deal with. But I think as well, it’s the optimization aspect there that Raj was just mentioning. You may give an objective to an agent to go and do something, and that’s what they will do. They will optimize in any direction they see fit to make that a reality.
And that could mean deleting databases. It could mean, you know, speeding up a query to something. Because, I don’t know, maybe if half the database has been removed, it makes the response time faster.
So, you know, you have to be very careful on what sort of objectives you can give to an agent and the guardrails and the potential impact.
We have all these old frameworks that have been floating around the industry for a very long time, you know, role-based access control to name one, privileged access management with prominent vendors that are supporting that, and every single IGA player out there is trying to solve the joiner-mover-leaver process.
How does that translate to agentic identities? Are we starting from scratch? Do we need new frameworks? New protocols? New standards?
I always like to stand on the shoulders of giants, to quote Isaac Newton or whoever, but I think we definitely need to think differently. Not necessarily reinvent everything, that’s not a smart thing to do either. We have to learn from the experience that we have. But I think equally, we need to be really realistic that agentic and AI in general is creating different requirements, amplifying existing vulnerabilities and weaknesses in both the code and the process and how we do things.
You know, we talk about ethics and morality and compliance. These are really difficult, hard things to codify and structure. So I think absolutely, you know, the frameworks and the approaches from yesteryear have been very linear and very isolated and very predictive, and looking for signatures. And if I look for this pattern, there’s a bad thing.
And if that pattern’s not there, we’re safe. It’s like, oh, that that isn’t the world that we live in anymore. So we do have to think about the whole end to end. Yes.
Lifecycle. Yes. Governance. But also things like intent has become a big deal this last probably six to twelve months around.
What’s the real intention of this agent, of the end to end agentic system? Can that be analyzed? Can you look at the behaviors? Yes.
They have the correct permissions.
Should they be using those permissions now? What are they using the permissions for? Is that different? Is it expected?
And these are all much more subjective, I think. And that I think will require, yes, different frameworks. We said a different way of analyzing the problem. And should we start from scratch?
No, because we still need strong authentication. We still need authorization and gateways enforcement and so on. So we need to take the concepts. I just don’t think they’re going to be using the same technologies and the same tooling that we’ve had from fifteen years ago.
That’s the important thing to consider.
And Paul, every time you and I meet up in a bar drinking a couple of beers, we always talk about how can you leverage different exploits and sort of chain them together.
Is that something that, you know, we know it starts kind of with phishing and social engineering, but then you pivot to abuse accounts of some sort. I recently realized, it was just a couple of days ago, there was this really nasty exploit that just required a couple of lines of Python and it would exploit a kernel module in Linux systems. Essentially all Linux systems out there are vulnerable to this, and I can just imagine the panic going on there. But if you chain all these different techniques together, you create a sort of an attack that is tricky to get an understanding of, an overview of. How does fragmented identity data make it so hard to get that overview? And I don’t want to lead into a single, you know, pane of glass to get that overview, but what’s your take on that, Paul?
Yeah. So what I’ll say is two things. The first is, when we look at kind of the typical flow of an attack, that chain of attacks, we’re not always talking about exploits anymore.
The one you mentioned, certainly, from a lateral movement perspective where you might have network connectivity to vulnerable Linux systems you’re interested in getting to, awesome. That’s going to work really well. But in a lot of cases, these attacks are difficult, sometimes impossible to detect, because each one of those steps, those chains, may look completely normal. It’s done somewhat in isolation. So, even something as simple as an attacker who’s gained access to a particular account adding him- or herself to a group that extends their abilities in that network, that doesn’t necessarily look like a bad thing.
If we’re not tracking where those identity state changes happen, then a user adding themselves to a group, it happens. And I would say, to piggyback on that, talking about the agentic thing, that’s exactly what agentic AI, that’s what agents are doing: they’re given a set of objectives. As Simon mentioned, guardrails are a huge problem.
And so it’s going to complete those objectives however it’s able to within the constraints of those guardrails that you’ve given it.
The problem there is now it doesn’t necessarily, unless you specifically say don’t escalate your privileges, that agent may be able to go out and not necessarily use an exploit, but very much like an attacker, add itself to a group that it sees will give it capabilities to do what it feels it’s supposed to do. And of course, you know, with what we’ve learned with agentic, I’m sorry, generative AI, large language models, it’s not infallible. So what we give it as a set of objectives in our minds could be very different from how it perceives it, particularly once it started doing its work. Those objectives may shift in the mind of that AI.
And yeah, I think it mirrors perfectly how attackers are typically carrying it out. And all of that comes down to, as you said, the fact that these identity data sources are separate.
There’s no real unified visibility, so we can’t really make heads or tails of what’s happening. As far as we’re concerned, if the SOC doesn’t see an alert, everything’s fine, when we really know that’s not the case.
Yeah, I think, Raj, from your practitioner point of view, at least from your colleagues that I’m sure are up at night, I’m sure you’re sleeping great. But what is that threat perspective from your point of view? Is it the human element or the sprawl and proliferation of non human identities that just gets out of control? Or is it the fact that all of a sudden we have this emerging agentic layer that can add itself to a group, which all looks fine from the optics of it, but in reality, it could be something that goes wrong because of the guardrails of the LLM behind it or what have you.
Yeah. So well, we are equally not sleeping great, because I think the industry by itself is open up to all these challenges that everyone is trying to battle with, you know, whether it is, you know, capabilities of Mitos-like, you know, models that are coming out or capabilities of LLMs that can be paired up with any, you know, RAG or any other system, to Paul’s point, adding themselves into groups and getting the set of objectives done one way or the other is a worry for everyone.
But I think we talked about, as Simon had mentioned, in proper buckets and you as well, in terms of people or human identities.
The second part is nonhuman identities.
And the third is the emerging category that Anders you already talked about from agentic world perspective.
But from a non-human identities perspective, we are concerned because attackers exploit them only after they compromise a human identity, or impersonate one, or have a window in to get into an ecosystem.
But from there, they pivot into these ephemeral identities or privileges, which are typically overprivileged. They are long lived.
They are invisible to most governance platforms.
Human identity may start an attack.
Machines now can scale them and sustain them, and it’s very hard for any environment to know what is a real risk in the environment that is just sleeping, to be potentially abused in the future, which is what all environments, all industries, are trying to battle with, so that they can discover what risks each environment has to prioritize from a long-term sustainability in the industry perspective.
Those are the kinds of challenges that we see and we are
And keeps you up at night as well.
Exactly. Simon, if we’re staying within sort of the nonhuman identities, but pivoting slightly, one of the things I always like to play around with is something called Pineapple Wi-Fi.
Pineapple Wi-Fi has a little module called Evil Portal, which is a great way of impersonating Office 365 or Okta or Google, what have you. You log on to a Wi-Fi, you put in your credentials and boom you got internet access. It’s a very easy way to trick and manipulate people that are not thinking about what they’re doing, they just need access and they’re providing some credentials and that immediately allows you to intercept credentials or intercept the sort of access token, even if you have MFA in place.
How would you advise organizations to kind of rethink that trust model in a world where these tokens are just as good as stolen passwords? I mean, I trick you into logging into my little Pineapple Wi-Fi that I’ve configured, and you go through the whole process of MFA, and I get access to, let’s say, your Microsoft account. I can get your documents, I can get your email, I can do everything that you can as a legit user by just having that credential and that access token….
It’s absolutely. It’s really, the security in general has evolved. I think quite good with cliches in our industry around things like defense in depth and so on. And it’s actually quite difficult to do this at a level of maturity, level of scale.
And that’s a really good example of the post authentication attacks here. And I think, you know, again, historically, we’ve been quite good at authentication, I think. And by this, I mean, the industry has designed multiple different authentication modalities. Be that, you know, back in the day, you’d have one time passwords getting sent via email and stuff, which nobody does that in your office.
It’s highly insecure, and that evolved to one time passwords on your mobile. And then you push notifications and so on and so forth. It’s continually innovating. Now authentication, is it fixed?
Not really. But if you have things like passkeys, passwordless, biometrics, you know, Face ID, and the like, that’s actually pretty difficult for an attacker to go after that stuff. You know, it’s leveraging protocols that have been very well analyzed and the like. So what do the bad guys do?
They go after the weakest link in your security chain. And, again, if you are looking at architectures and designing things, you should really invest in the weakest point first before you extend everything else. And session, post authentication, session management, session issuance, access tokens, token theft, all of that sort of stuff. It’s a real sweet spot for adversarial activity because, again, back to the blind spot argument, it’s not often managed, monitored, understood.
What happens post authentication? So we’ll be very good at putting these big barriers in place to gain access to a system at the identity provider. Device ID checks, maybe a bit of biometrics, maybe some whatever location IP check stuff. But then once you’re in and you have a session, it’s like a free for all.
It’s like, yay, you’re, you know, a two, three, six month session token or access token has full capabilities and so on. I think it is again back to basics around. Okay. Authentication is good.
What happens next? Okay. Tokens everybody, you know, time-bound, scoped, maybe tied to that particular browser or that particular device. You’ve got sort of device binding there on the token material.
So you just have to have those little controls put at every part of the identity lifecycle. Obviously, been talking about people here, but the same equivalent controls have to be put in place for workloads and NHI and the like as well. But, yeah, unfortunately, things like session hijacking, access token manipulation, that is leading to lateral movement, process injection, privilege escalation and abuse, all of the classic MITRE ATT&CK. So persistence and exfil techniques that are all looking at, okay, authentication is becoming quite hard.
What’s next? Where’s the next part of the food chain? And instead of just maybe attacking Simon’s password, why don’t we just, you know, maybe attack the access token management frameworks and token issuance and token validation? Because in honesty, that’s a bigger effort reward for the bad guys there.
So, yeah, we think end to end. We need to think about risk and trust as being a spectrum. It’s not black and white. Yes.
You trust it. No. You’re not. I think you have to think about trustworthy versus trusted.
You know, they’re quite subtly different. Is your ecosystem trustworthy, which is a proven thing, versus, you know, constantly verifying every interaction? So there’s end to end is important. Lots of controls is important.
And, again, thinking of that risk and trust is a much broader thing than just yes, no, allow, deny. There’s more fine grained options there, I think….
Paul, if we’re talking about, you know, LLMs and the way that attacks occur, one of the typical approaches is to inject stuff, whether that is into code, try to do a buffer overflow, you exploit SQL. I mean, these are all classical stuff, but we’re seeing the same thing with large language models, whether you’re trying to kind of bypass the guardrails, trying to trick the LLM model, if you will, to manipulate and get some unintended malicious actions out of it.
How would you say that is a real threat today? I’ve seen some stuff floating around. Can’t recall if it’s Instagram or TikTok or what have you, but there was some burger chain somewhere in the world where it was supposed to give you, take an order and serve you the burgers, but in reality they were able to trick it into giving all kinds of answers to scientific questions on how to grow marijuana.
Now, that is obviously not what was intended for that agent, but how big of a threat is that and how big of a thing is that?
It’s definitely a thing.
So even if we take the attacker out of the equation, we already know that these guardrails are tricky.
Give you a really interesting extreme example that I call the paperclip problem. Let’s say that we have an AI agent and we’ve instructed it as its objective to create as many paperclips as quickly and as efficiently as possible. And we just leave it at that. So we expect guardrails like don’t wipe out the human race to be understood by that AI agent, and it’s not.
So if we let that agent run its course through that objective, before we know, we might find that the entire world has been stripped of natural resources as this agent has created bots to build all of these paperclip factories, cause it just wants to help and complete the objective that we gave it. So completely like that example that you gave, I mean, these unintended consequences are possible even without attacker involvement. When you put attackers in that might have a view into a system where they can analyze what an agent is doing, and for simplicity’s sake, let’s also just make this base statement.
An AI agent is really nothing more than infinitely running code with some breakpoints that has the ability to communicate with a large language model. So if it’s going out and it’s retrieving data that it then sends to an LLM for analysis, that will then inform the agent on which step to take in that code next. As an attacker, if I can see that, I can then manipulate that data that it’s analyzing and sending to the LLM to trip that LLM into doing something completely different than what was actually intended. So yeah, I think it’s very real.
And as more organizations start bringing agentic AI into their actual production environments, it’s going to become more and more of a serious threat.
So it’s a quick around the room here. Raj, I’m starting with you. If you were to name the single biggest identity gap that adversaries are trying to exploit right now, what would that be? Then we just move on to you, Paul and Simon.
Sure. In my mind, that would be discovery of unknown long lived nonhuman identities with excessive privilege would be the one that I would say that we need to really have a good handle on.
What about you? Yes.
So I think visibility into the overall state of identity is our biggest challenge right now. It’s ultimately what is allowing attackers to live off the land and carry out phases of attacks without any detectable exploits.
Simon, what are you seeing?
Both of those. A hundred percent. We have too many assumptions around what we know. I think there’s two questions I always sort of ask the buy side really.
It’s do you know what your identities can do, and do you know what your identities are doing? So you have the past tense and the current. And, obviously, on the back of that, it’s back to the discovery thing. Know?
Do you know where identities are, what they’re doing, why they’re doing it? And it’s, yeah. What can they do? Why are they doing it?
I think if you can answer those two questions, you can then look at a whole host of deviations from what you expect to be good.
Good insights. Raj, for security mindful people like yourself leading a complex organization and their security work, where, and we’ve talked a lot about, you know, the sprawl of identities in all three identity buckets.
Where would you say would be the concrete step number one for the audience that listens to start? How do you get a grip of this? How do you start unifying this?
Yeah. I’d say a single authoritative identity data source. Like, you know, we talked about for humans, it’s typically the HR systems that we need to consolidate and have view on.
Nonhumans, just like the same, we need to have a view and be able to manage them and for agents, equally, the agent registry. So in my mind, it’s the identity 360-degree view for all identity types and having the ownership, purpose and life cycle on each of them.
And to Simon’s point, we need to have controls on what they can do and what they cannot, and that is how you manage and go on….
And, Simon, Raj mentioned view. What does good look like in terms of having visibility across these identity systems or identity types, if you will? Are there any metrics or signals that we should look for? How do we track it?
Yeah. It’s a really good one. I think identities, it’s been plagued with bad metrics and bad success for a long, long time because, and that’s one of the things that maybe held it back around visibility in discovery, I think. And just to go back to one of our points, that ownership is really important as well.
You know, ownership of people identities is okay. But amplifying that to workload services, agentic is really, really important. It allows that traceability and accountability aspect. But I guess the metrics here, they’ve got to think about identity metrics in three main buckets, I think.
And Gartner do a good job of describing this for technology metrics in general, maybe not specifically to identity and cyber. But you gotta think of three areas. One is coverage. One is performance.
And one is effectiveness. And you’ve got to pick metrics which you can control. I think cyber and identity often gets sort of stuck in this. Oh, you think about threats and stopping exploits, you can’t control that.
You can’t control what the bad guys are doing. You can’t control the bad guys are gonna attack or exfil. You can’t control it. What you can control is your coverage, your visibility, how many systems are automated, how many systems have provisioning workflows and deprovisioning workflows, how many systems have just in time access in place for them, how many systems do you have an inventory for?
And these are really basic things. So inventories and registries aren’t necessarily sexy, but they are essential to be able to manage your future security landscape. So coverage, you know, how many systems are under management? You know, how many identities do you have?
How many identities as a percentage can you see? What’s the performance throughput sort of characteristics there? Is this working effectively? And by that, I mean, is it automated?
Is it manual? You know, is it centralized? Is it controlled? So you sort of think again in those three categories there and leveraging metrics that you can control, which the biggest one is coverage.
How many systems can you get integrated into this? And not all of those will be identity related, of course. But, yeah, coverage of your controls is a really, really important one.
I think that’s sound advice, Simon, and it gives a good set of metrics to look for. Paul, in your mind, I think we have established that identity data is at the core of governance and being able to, to Raj’s point, achieve that visibility and surface up the problems.
You said it yourself, even though you didn’t use those terms, but garbage in garbage out.
What is the foundation when it comes to data practices that organizations need to get right before they invest in tooling? You were kind of touching on it. You put in a lot of money into these you know, do everything type of IGA solutions, but if you have that garbage in, you’re going to get garbage out.
So what kind of investments actually pay off?…
So yes, I mean in that line of thinking I would say identity data hygiene is paramount.
A perfect example of that is take any given important identity attribute, social security number, phone number, hire date, if that hire date, the day and month is switched between regions as we see in real life, that can cause really serious problems later downstream in, say, a system like SailPoint where we’re not properly calculating hiring dates, termination dates, and actually understanding if people are still employed. As silly as it sounds, something that small can cause serious identity workflow breakdowns later. So hygiene is critical, consistent hygiene. And then unification.
We need to achieve a point where we can view that holistic unified identity state and observe for state changes, not just what’s changing, but how and why. If we can achieve that for those three buckets of identities we’ve been talking about today, we are in a much better place to not only surface proactive, maybe compliance audit issues, but also react in near real time to things that might actually be part of an attack and maybe actually shut attacks down before they achieve that ransomware detonation point, which is where most attacks are headed today, and tend to go undetected. So yeah,
hygiene and unification for identity data are the critical pieces. I appreciate that Paul.
I think we’ve surfaced
a lot of good and solid advice and I would touch on some key problems that we’re all struggling with, whether we’re like myself and Raj staying up, sleepless at night.
But, and we’re heading in towards Identityverse in Las Vegas, where you know we’ll be present and we’ll go into more of these topics. If you stay, know, come by our booth, we’ll be able to talk more about that. But for everyone, in a single sentence, what is the most important thing you want identity and security leaders to walk away about differently after we’ve had this conversation? I’ll start with you, Raj.
Sure. So in my mind, the future-ready IAM basically governs intent, behavior, risk, and not just access.
That’s something we should all be walking back because humans, machines, and agentic capabilities are converging in the identity plane, and that is what we are going to defend for all enterprises in the future.
And you, Paul?
I would say, contrary to a lot of thinking today, this is a problem that we can realistically solve, meaning Radiant Logic can help to solve that problem.
But also just as an organization, as a community, this is something that we can tackle versus things like detection and prevention where we will have endpoint protection on systems and malware will still run successfully all day because it’s not necessarily an impossible problem to solve, but it’s a very difficult problem to solve, detection and prevention. But this, starting with identity data, we can actually solve this problem and demonstrably and significantly reduce risk, even in a measurable way.
Thanks, Paul. And Simon, any final last thought?
Yeah, I guess for me, I think if you know identity, it’s a real pillar of your security strategy. You know, if you have a security strategy which doesn’t have identity in it, that will fail, I think ultimately. I think if you then get security right, you can share more, you can do more, you can sell more, and the business can do more. And I think that is really the exciting, I guess, pivot point where we’re at right now is if you get security right, the business will succeed and will flourish.
And security is now reliant on identity. I think that to me is a really important thing to take away.
Gentlemen, it’s been a very interesting conversation. A lot of good viewpoints being surfaced.
And to the audience listening, thank you so much for tuning in, and thank you to our esteemed guests. Much appreciated and very good conversation. Thank you.
Thank you for having us. Bye.