📣 Send us your press release
Site updates every 15 minutes
Technology

Zero Trust Security Urgently Needed for AI Agents' Speed

Enterprises must treat zero trust security architecture as an immediate requirement for AI agents rather than a long-term goal, says Ping Identity CEO Andre Durand.

16 July 2026
Zero Trust Security Urgently Needed for AI Agents' Speed

Businesses must implement zero trust security architecture as an immediate necessity for AI agents, not a long-term objective, according to Andre Durand, CEO and founder of Ping Identity.

Zero trust, a security model built on the premise that no user, device, or system should be automatically trusted, requires continuous verification before each action, diverging from traditional single checks at login. The rise of agentic artificial intelligence has dramatically compressed the risk timeline businesses face, necessitating real-time evaluation of permission decisions.

Durand highlights that the current demand for AI agents and their rapid operation underscores the urgent need for faster adoption of zero trust principles. He contrasts the speed of potential compromise: a human breach might unfold over minutes or hours, while an agent could execute thousands of actions in mere minutes. This velocity difference fundamentally alters how enterprises must approach permissions, focusing on both the breadth of access granted and the duration of that access.

In contrast to traditional identity and access management, which often grants broad permissions and extends sessions, zero trust advocates for "just enough, just in time" access. This model narrows access to what is strictly necessary and continuously revalidates it. Durand emphasizes a shift from identity management solely as a runtime control point (login status) to one centered on decision-making and continuous risk assessment. He also stresses that agents should possess unique identities, rather than impersonating human users or sharing service accounts, to mitigate risks associated with shared secrets and API keys.

Practical enforcement of zero trust policies can occur at critical points like API gateways, where agent requests can be inspected and policy rules applied in real-time based on risk and fraud signals. The objective is to move authorization from a one-time decision at login to an ongoing evaluation for every consequential action. This approach narrows the window of trust to the scope of a single action and prevents agents from escalating their own privileges or bypassing security safeguards.

Original source: venturebeat.com