Identiverse 2026 Reviewed: Are We Ready for the AI Era?
Buzzwords abound, but it's only the beginning of the AI era
"Now this is not the end. It is not even the beginning of the end. But it is, perhaps, the end of the beginning." Albeit attributed to one Winston Churchill in somewhat more serious times, the identity and access management era has definitely moved into a different epoch. The world of static permissions, human-centric platforms, blind spots and isolated systems is over.
Non-human discoverability, runtime controls and agentic intent management are now becoming table stakes - in conversations at least.
Has the AI-identity era begun, or are we just saying goodbye to the beginning of IAM as we know it?
Last week I braved the 41 degree heat to travel over to Las Vegas for the Identiverse 2026 event. As always, an immersive 4 day conference, with a range of established and emerging vendors, practitioner talks, breakout sessions and of course World Cup games.
Whilst I didn’t attend as many event talks as I would have liked, vendor briefings, side hustles, beer and coffee chat and general wanderings proved incredibly insightful to what is happening and what may be emerging.
What Is in the Rear View Mirror
Technology evolves, standards come, go and come back again and capabilities disappear. Several “perfect storm” moments are happening in identity right now and are changing entirely how we design, buy and think about IAM features.
Zero Trust, Cloud and API Economy
Let’s start with a few givens. The multi-decade migration to zero trust (ZTNA) is of course still a thing. Many organisations are not fully there and are slowly but surely embracing a perimeter-less approach to data access, edge security and continuous forms of authentication and access management. No one explains this anymore. Business cases rarely need to be made internally, but the implementation, migration and operational management still need to be done. All in, ZTNA is just the de facto way of discussing general network security - and of course IAM is central to this design paradigm.
Two other concepts that are really just “givens” are the cloud-first consumption of IAM features and the ability to consume these services as APIs. Absolutely the “hybrid” deployment approach is and will continue to be a thing for a long time yet - and this is something I’ve discussed many times on The Analyst Brief Podcast - but these two non-functional requirements are the default deployment and consumption facade and not the exception.
The general narratives from vendors and system integrators follow this, with the general assumption that a buy-side org will engage with identity services via a subscription, cloud and API deployment that will fit natively into a “continuous” IAM strategy that supports ZTNA. Of course, what “continuous IAM” actually is I will cover later.
Moving Towards Obsolescence
Of course AI is and was everywhere. Nearly every (maybe every) vendor had some narrative around AI. Perhaps securing all of AI (ambitious) or more likely agentic-identity security. Suddenly, since the end of say 2024 we’re seeing many often confusing, conflicting and sometimes conflating ideas, questions and concepts relating to AI security.
We see two distinct phases: AI for IAM and IAM for AI. Let's tackle the former for a moment and add in some ideas around what might suddenly start to become obsolete from an IAM point of view in the not too distant future. Of course any predictions of the like are able to come back and haunt, so take this with a pinch of salt.
What can AI help us with in the IAM world, letting us get on with some “real problems”?
Populating descriptions for AD groups, roles and policies: this is boring manual work that expensive humans hate. We avoided it and the result was group and role explosions.
Access review certifications: instead of managers rubber-stamping yes/no on lists they don't understand, AI can pre-analyse each entitlement, flag anomalies and recommend approve or revoke with a rationale, reducing certification to exception handling.
Writing access request justifications: users currently struggle to articulate why they need access; AI can draft the justification based on their role, peer group and the resource being requested, reducing friction and improving audit quality.
Application on-boarding and connector configuration: mapping an application's roles, attributes and entitlements into an IGA or access management platform is largely a pattern-recognition task - either for filling in template documents or perhaps even building the basic connector.
Writing and maintaining access policies: this is a game-changing one, and may not be entirely made redundant, but translating business rules like "only finance team members in the EU can access payroll data during business hours" into formal policy syntax (XACML (remember that?), OPA, Rego, Cedar et al) is exactly the kind of structured translation task AI handles well, removing the bottleneck between business intent and technical policy enforcement.
Many of the above are likely to get to the 80% “automagic” point (see Pareto Efficiency for that) without really starting to “cost” anything. The last 20% might well start to make other areas less well off in the short term, but humans getting involved just for the “last mile” exceptional cases would be a huge improvement.
What Car Are We Tailing
So we can definitely see “light” at the end of the old-world IAM tunnel with many issues hopefully starting to disappear - or at least move towards a potential obsolescence time line. But we can’t just put our feet up at this point.
We (as identity and cyber security nerds) now have more to worry about, as instead of just fixating on human-identity, we have to manage non-human and agentic-identity too.
Identiverse generated many interesting points around AI and agentic security - some exciting, some insightful, some obvious, some very wrong (?!), some tedious but all entirely useful as signals to what is happening in both the vendor land and practitioner worlds.
Let me jot down a synthesised view of some of the key statements and questions that dominated many of the conversations and briefings I had last week:
Statements
Agentic access without governance is a risk
Secrets sprawl is the new shadow IT
NHI: the identity problem nobody planned for
Non-human identities now outnumber human identities in the enterprise
AI agents are the new insider threat vector
Every AI agent needs an identity, a role and an access policy
Agents amplify the weaknesses inherent in human authorization management
Questions
Who authorises the AI agent?
Who should access an AI agent?
How to support JiT/ZSP for agents?
How to find an owner for an agent?
Can you revoke access from an AI agent in real time?
Can you see all of your AI agents?
What happens when your AI agent gets compromised?
Does your IAM strategy cover non-human identities?
What is intent management?
So we have the fear - volume, variety and vulnerability - and the complexity - intent, governance and management.
I would like to add in a few more comments here. We need to step back a little and think about what we really want to fix as an industry. If we return back to the World Cup for a second, Agentic-identity is a little like a friendly match before the tournament starts, or perhaps the first half of group game 1. It’s frantic, hot, full of mistakes and to be honest, the result doesn’t mean a great deal. But we can use it to learn.
We are very early with respect to deployment, design patterns, standards and real world experience when it comes to agentic-identity. Yes AI and specifically agentic-deployments are sky rocketing, but equally we don’t have decades worth of project scars to rely upon. We are generating more questions than answers right now, and that is perfectly fine.
But it is important to work out what is tactical versus what is long term and strategic.
Tactical Concerns
Securing MCP
Securing RAG
Agentic Discovery and Ownership
Strategic Concerns
Attribution and Intent (biological, lineage, behaviour, accountability)
Trusted Interactions (humans, non-humans, agents, service providers)
Data Authentication and Integrity (organisational, geo-political, societal)
The divide between tactical and strategic is important - namely as the tactical phases of technology evolution are moving increasingly fast. AI makes feature acquisition “fast” - in the sense incumbent platforms can extend at the edge of their horizontal capabilities very quickly. Previously this may have required acquisitions or partnerships. Today that means AI-assisted development.
Today we see “AI Security” and “Agentic Security” vendors, whereas tomorrow all “infosec vendors” will be AI and agentic security vendors by proxy.
Where Are We Heading
The strategic concerns are really where we are heading towards - with several bumps in the road as we get there.
There has been considerable uptick in the past 24 months in concepts like data encryption, post-quantum crypto, crypto-agility and authorization. None are AI-specific, but AI deployments are amplifying vulnerabilities in some of these core areas.
A more AI-centric concept that has emerged both in 2024 and certainly at Identiverse was that of Intent Management. (This is a concept The Cyber Hut are actively tracking and are looking to release a cheat sheet on this in July 2026 - if you are a vendor in this area get in touch for a briefing).
I will cover intent in more detail next month, but essentially agentic access management requires three distinct anchor components:
Guardrails (outer bounds for expected behaviour - prompting, ingress, egress)
Authorization (PDP/PEP, PBAC, JiT)
Intent Analysis (behaviour, drift, sequencing)
What do these components ultimately do? They identify risk (at runtime), detect if a composite threshold has been reached and do something about it. Both the “threshold” crossing and “do something about it” are still very much in their infancy but solutions are developing rapidly here. For certain the response will be more than just an “allow or deny” and must contend with fine grained access changes, perhaps deceptive redirection and monitoring along with degradation and disruption ideas.
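The runtime loop described above (identify risk, detect a composite threshold, respond with more than allow or deny), sketched as an added example that is not from the original article or any vendor product. The agent name, grants, hosts, weights, thresholds and response names are all assumptions chosen for illustration.

```python
from dataclasses import dataclass, field

# Constructed sample data: every name, weight and threshold is an assumption.
EXPECTED = {"reconcile_invoices": {"read_invoice", "read_ledger", "write_report"}}
EGRESS_ALLOW = {"erp.internal", "reports.internal"}   # guardrail: permitted egress
GRANTS = {                                            # JiT grants: expiry in epoch seconds
    ("agent-7", "read_invoice"): 1000,
    ("agent-7", "read_ledger"): 1000,
    ("agent-7", "export_ledger"): 1000,               # over-broad grant, still valid
}

@dataclass
class Session:
    agent: str
    intent: str                                       # intent declared at session start
    history: list = field(default_factory=list)

def guardrail_risk(dest):
    """Outer bound: 1.0 when egress leaves the allowlist."""
    return 0.0 if dest in EGRESS_ALLOW else 1.0

def authz_permit(agent, action, now):
    """PDP check: permit only while a just-in-time grant is unexpired."""
    return GRANTS.get((agent, action), 0) > now

def intent_risk(session, action):
    """Drift: share of session actions (including this one) outside the declared intent."""
    seq = session.history + [action]
    expected = EXPECTED.get(session.intent, set())
    return sum(a not in expected for a in seq) / len(seq)

def decide(session, action, dest, now):
    """PEP: combine the three signals into a graduated response."""
    if not authz_permit(session.agent, action, now):
        return "deny", 1.0
    score = round(0.4 * guardrail_risk(dest) + 0.6 * intent_risk(session, action), 2)
    session.history.append(action)
    if score >= 0.5:
        return "disrupt", score      # e.g. revoke grants, suspend the session
    if score >= 0.15:
        return "degrade", score      # e.g. narrow scope and raise monitoring
    return "allow", score

def replay():
    """Run a constructed four-step session and return each decision."""
    s = Session("agent-7", "reconcile_invoices")
    steps = [("read_invoice", "erp.internal"), ("read_ledger", "erp.internal"),
             ("export_ledger", "erp.internal"), ("export_ledger", "files.example")]
    return [decide(s, a, d, now=500) for a, d in steps]
```

In the replay, the third step is fully authorised yet still degraded because it drifts from the declared intent, which is the gap a PDP alone does not close.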
Bumps in the Road
Several conversations (nods to the likes of Transmit, Descope and LoginRadius here) have touched on the agentic-commerce area - with agents operating on behalf of a consumer. This can have some very interesting consequences with respect to how a service provider binds and owns a B2C identity. Will the agent essentially act as a barrier to a personalised experience and disrupt data capture? Or improve privacy? The ability to expose services, products, pricing and the like to AI search engines is popular. The secondary aspect here is to expose agents that can in turn “talk” to agents operating on-behalf-of (OBO) a B2C identity. This is emerging and patterns have not become stable.
A further comment on intent and agentic behaviour observation. A term that is popping up more is that of an LLM “judge” or observer. This is essentially trying to act as the independent analyser of behaviour that also carries the same non-functional characteristics of the thing it is monitoring - namely optimization and learn-from-doing.
To that end are we simply heading to a “robot-wars” scenario, where only AI can protect AI?
Event Shout Outs
I did manage some “time out” from briefings and the Expo floor and shout outs to P0 Security, The Identity Underground, Silverfort, Britive and Saviynt for some great post-event “parties”.
Thanks also to those that attended The Cyber Hut watch event for the England -v- Croatia World Cup game at Flanker Kitchen and Sports Bar. Great turnout and an England victory!
Podcast Shout Outs
Thanks also to the Silverfort Identity Decoded Podcast and Saviynt SaviTalk Podcast for having me on your shows and the great conversations. Watch out for when those shows drop soon!
Vendor Briefing Shout Outs
As a former vendor guy for 15 years I understand totally that conferences can be exhausting for vendors. Customer meetings, prospect meetings, partner meetings, VC meetings, then booth duty, then having to brief analysts on your current (and often changing) plans. I spoke to many vendors last week, but a specific shout out to those I met for 1-2-1s and briefings:
Aembit, AppViewX, Britive, C1, Crowdstrike, Descope, ManageEngine, Ory, P0 Security, Redblock, Reva, Saviynt, Silverfort, Stackbob, WSO2
About The Author
Simon Moffatt has over 25 years experience in IAM, cyber and identity security. He is founder of The Cyber Hut - a specialist research and advisory firm based out of the UK. He is author of CIAM Design Fundamentals and IAM at 2035: A Future Guide to Identity Security. He is a Fellow of the Chartered Institute of Information Security, a regular keynote speaker and a strategic advisor to entities in the public and private sectors.










