AI agents are quickly becoming first-class identities inside the enterprise—and attackers are already treating them as a new attack surface. Unlike traditional software, modern AI agents operate as composite, delegated identities that chain IAM roles, service accounts, and connectors across platforms like AWS Bedrock and Azure OpenAI. A single agent action can cascade into authenticated activity across cloud, SaaS, and internal systems, each step inheriting privileges from the layer above.
This shift is colliding with an identity landscape that's already fragmented. Human, machine, and non-human identities sprawl across hybrid AD and cloud environments, and AI agents add a non-deterministic layer on top – one that accepts untrusted input as instructions and dynamically assumes roles based on context. Traditional IAM and PAM controls weren't built for this, and adversaries are taking advantage with prompt injection, context poisoning, delegated token abuse, and agent-driven lateral movement that blends seamlessly into normal cloud telemetry.
This Real Training for Free session takes a deep technical look at how AI agents function as identities, how they're being attacked today, and how identity-first, inline enforcement can detect and stop agent abuse in real time – across AWS, Azure, SaaS, and the systems agents reach into.
Up first, 4-time Microsoft MVP Nick Cavalancia takes my seat as he sets the stage, covering:
- The shift from deterministic software to non-deterministic AI agents—and why that breaks long-standing assumptions about identity and access
- Why AI agents represent a fundamentally new identity type, distinct from human users, service accounts, and machine identities
- How identity fragmentation and privilege sprawl are amplified once AI agents start chaining permissions across cloud and SaaS
- Where securing AI agents aligns with MITRE ATT&CK—and why adversary techniques against agents map to existing tactics security teams already track
Up next, we'll hear from Ido Halevi, Director of Product Management, and Yoad Dvir, Senior Product Marketing Manager at Silverfort, who will dive into how AI agents are being targeted and how to defend them. Topics will include:
Technical Foundations of AI Agents as Identities
- Agent architecture across models, orchestration, tools, and connectors
- How identity chaining works across IAM roles and service accounts—and where AWS and Azure differ
- Why traditional IAM and PAM fall short in agent-driven environments
Attack Techniques Against AI Agents
- Prompt injection, jailbreaks, and instruction override
- Context and knowledge base poisoning
- Credential leakage, delegated token abuse, and privilege escalation via chained identities
Detecting Risk Across Identity Chains
- Surfacing "ghost permissions" and fragmented identity paths
- Spotting connection leakage (e.g., personal accounts inside enterprise connectors)
- Mapping intended vs. actual agent behavior to catch intent drift
Identity-First, Inline Defense for AI Agents
- Building unified visibility across every agent interaction
- Auditing identity chains end-to-end across hybrid environments
- Real-time enforcement based on identity context, behavioral intent, and live risk signals
Join us to learn how to bring AI agents under the same identity control plane you use for human and machine identities—before adversaries make that decision for you.
This Real Training for Free Session will be full of real-world practical application.