Security Weekly
Full episode and show notes

Agentic AI Has an Identity Problem – Itamar Apelblat – IDV26 #1

AI agents are already running inside enterprise environments, operating on credentials, API tokens, and cloud roles that most security teams have never inventoried. When an agent acts autonomously across production systems, the security question is no longer just what it can do but who it is and whether that identity is governed at all. Itamar Apelblat, Co-Founder and CEO of Token Security, discusses why identity is the right lens for understanding agentic AI risk and what practical steps security teams can take now. Segment Resources: https://www.token.security/product https://www.token.security/lp/ai-agent-identity-security-buyers-guide-ebook https://www.token.security/enzo https://www.tok...

This episode is sponsored by
Full Segment Notes

AI agents are already running inside enterprise environments, operating on credentials, API tokens, and cloud roles that most security teams have never inventoried. When an agent acts autonomously across production systems, the security question is no longer just what it can do but who it is and whether that identity is governed at all. Itamar Apelblat, Co-Founder and CEO of Token Security, discusses why identity is the right lens for understanding agentic AI risk and what practical steps security teams can take now.

Segment Resources:

https://www.token.security/product https://www.token.security/lp/ai-agent-identity-security-buyers-guide-ebook https://www.token.security/enzo https://www.token.security/ai-agent-calculator

This segment is sponsored by Token Security. Visit https://securityweekly.com/tokenidv to learn more about them!

Key Moments
  • 0:00 - Introduction with Token Security CEO at Identiverse 2026
  • 0:21 - Defining the Challenge: Securing AI Agents
  • 0:38 - Why AI Agents Need a Dedicated Security Program
  • 01:11 - Why Agents Differ from Machine and Human Identities
  • 01:53 - Rethinking Least Privilege for AI Agents
  • 02:12 - Goal-Based, Dynamic Access for Agents
  • 03:05 - Scope Control: Preventing Over-Privileged Production Agents
  • 03:38 - Risks of Prompt Injection and Admin-Level Access
  • 03:48 - Shadow AI: The New Shadow IT Problem
  • 04:19 - Three Types of AI Agents in Organizations
  • 05:05 - Discovering Shadow AI Across the Enterprise
  • 06:12 - Endpoint Monitoring for Local AI Agents
  • 07:07 - Applying Cloud Identity Lessons to AI Agents
  • 07:48 - Why Traditional IGA and PAM Don’t Scale for Agents
  • 08:57 - Explosion of Agent Scale and Complexity
  • 09:35 - Policy Definition and Automated Enforcement
  • 10:26 - Moving from Centralized to Decentralized Identity Control
  • 10:51 - SaaS Vendors and Embedded AI Agents
  • 11:34 - Measuring Success in Agent Governance Programs
  • 11:50 - Agent Lifecycle Management and Automation
  • 12:31 - Agent Debt and Orphaned AI Systems
  • 12:53 - Secrets Exposure in Agent-Driven Environments
  • 13:40 - Why Security History Is Repeating with AI Agents
  • 14:03 - Shifting Focus: From What AI Says to What AI Does
Guest
Co Founder & CEO at Token Security

Itamar Apelblat is the Co-Founder and CEO of Token Security, with over 15 years of technical and leadership experience in cybersecurity. A second-time entrepreneur, he previously co-founded a successful fintech startup and served as an officer and R&D group manager in Israel’s elite Unit 8200, where he led cutting-edge cybersecurity initiatives. Itamar has deep experience building enterprise-grade security solutions and works closely with CISOs to tackle complex identity and infrastructure challenges; like agents already running in their environments, often without visibility, governance, or any clear owner, and helps them build the foundation to secure them before the next incident.

Show More

Stay in the Know, No Smoke and Mirrors – Join Our Newsletter

Get expert insights and technical breakdowns straight to your inbox.
Join Now

Related Segments

Related Content

You can skip this ad in 5 seconds