Identity-First Security for AI Agents [The Cyber Hut Replay]

Missed it live? Check out the full conversation between The Cyber Hut's Simon Moffatt and Token Security's Ido Shlomo about identity-first security. AI agents are no longer prototypes or pilot projects. They are rapidly becoming integral components in software supply chains, CI/CD pipelines, and autonomous, automated systems. Each agent has credentials, makes API calls, reads and writes data, and interacts with other services, often with little oversight or governance. This talk introduces an identity-first approach to securing AI agents. We’ll walk through how every autonomous agent functions through Non-Human Identities (NHIs) and why identity is the correct control plane for managing their lifecycle, security posture, and behavior. You’ll learn how to continuously discover agents across your environment, analyze their privileges and access patterns, and detect threats in real-time. We will also cover detection techniques like signature-based tracking, SDK usage analysis, Secrets usage analysis and runtime correlation. Expect live examples, architecture patterns, and lessons learned from securing dynamic environments where traditional IAM models break down. If you’re building or securing AI-driven infrastructure, this session will give you a framework to bring identity-based control to environments where code is acting autonomously—and doing so at scale.