Identity control plane emerges as next battleground for AI agents

As autonomous AI agents gain access to enterprise systems, a new identity challenge is emerging: understanding who an agent represents, what authority it has been delegated, and how its actions can be governed. A series of announcements from Ping Identity, Orchid Security and Palo Alto Networks illustrates how vendors are building the identity control plane for the agentic enterprise.

Ping Identity adds unified capabilities to Identity Platform

A release from Denver provider Ping Identity says “agents need trusted access to do useful work, but should not be given direct exposure to the secrets that make that access possible.”

A new unified set of capabilities across the Ping Identity Platform aims to address this.

AI-first, machine-friendly headless interfaces and skills make enterprise identity programmable through MCP, CLI, APIs, and agent-ready workflows. Agent discovery, governance and auditability bring human accountability to AI agents, providing visibility into which agents exist, what they can access, how they operate, and who is accountable for their actions. And privileged just-in-time access to enterprise resources for coding agents, AI assistants, and other desktop agents is designed to prevent secrets from being exposed to agents, reduce standing privilege, and attribute code commits to agents.

“AI agents are fundamentally changing how enterprise systems operate,” says Andre Durand, CEO of Ping Identity. “As enterprises make applications consumable by AI agents, Ping is making identity programmable, agents visible and governable, and resource access trustworthy. Identity is evolving from authentication infrastructure into operational governance infrastructure for the agentic enterprise.”

Orchid transforms agents from dark matter into trusted teammates

Orchid Security’s major extension to its Identity Control Plane introduces three new capabilities.

According to a release, Agentic Enrichment maps and enriches AI agents with their originating identities, owners, applications, permissions, and business context to understand who or what they represent, and what authority they inherit.

Agentic Observability continuously monitors AI agents across their access, authorization paths, activity, and full chain of delegation to understand what they can do, what they are doing, and whether intent aligns with expected behavior.

And Agentic Guardrails enforce application AI-readiness by eliminating Identity Dark Matter – “the unseen and unmanaged identity layer that already represents 57 percent of enterprise identity” – applying least privilege, and strengthening identity hygiene to keep agent actions within their defined bounds, context, and intent in real-time.

“AI agents are not just new identities, they are delegated identities,” says Roy Katmor, CEO of Orchid Security. “If you can’t see the delegation chain, you can’t govern the agent. By pairing every agent with its originating identity and enforcing dynamic guardrails in real time, we’re enabling enterprises to scale AI safely, turning agents into trusted teammates rather than unmanaged dark matter.”

Portkey secures AI Gateway for Palo Alto Networks’ Prisma AIRS

Palo Alto Networks’ acquisition of Portkey establishes it as the core AI Gateway for the Prisma AIRS platform, as the firm aims to bridge the trust gap created by autonomous agents. A release says an AI Gateway “acts as the central nervous system for all AI traffic,” and delivers “the essential capability to monitor, orchestrate, and govern agent interactions, helping ensure that every request is routed to the best model for the job.”

It also monitors token usage to manage costs, and provides a layer of runtime protection to help stop malicious or unintended AI behavior in real-time.

Taken together, the announcements illustrate a broader shift in enterprise identity. As AI agents move from experimental tools to active participants in business processes, identity platforms are evolving beyond authentication and access management toward continuous governance, delegated authority and operational trust. The emerging challenge is no longer simply verifying identities, but managing what autonomous systems are authorized to do on behalf of people and organizations.

Article Topics

AI agents  |  digital identity  |  identity access management (IAM)  |  identity control plane  |  identity security  |  non-human identities  |  Orchid Security  |  Palo Alto Networks  |  Ping Identity