Identity Defined Security Alliance Announces Machine and Agent Identity Working Group

By Machine and Agent Identity Working Group

News

December 17th, 2025

December 17, 2025: The Identity Defined Security Alliance is thrilled to announce the official launch of its Machine and Agent Identity Working Group. The initiative unites leading experts to tackle the challenges of securing machine and AI agent (non-human) identities in today’s digital era. With machine identities already outnumbering humans 82:1 and over 50% of businesses breached due to a compromised machine identity, security and identity teams are looking for strategy and design to build for the future.¹

The Working Group’s mission is to define strategies where identities for machines and AI agents are safely used to mitigate threats facing businesses and governments globally. Today’s machine identities are too often static and long-lived while security and development teams are challenged to be aligned. The Working Group envisions a future where machine identities are unique and short-lived. This work is only becoming more urgent as AI agents come online in large numbers.

The Working Group’s expected deliverables include:

Comprehensive glossary of key terms
In-depth threat analysis and mitigation strategies
Actionable use cases
AI agent identity framework
Maturity model with success metrics
Reference architecture

This working group stands apart by offering a program-in-a-box approach—combining strategy, business outcomes, use cases, maturity models, and architecture into an actionable framework. Join us as we set the standard for non-human identity management and empower organizations to operate securely and efficiently in a machine and AI Agent driven world.

Special Event:

Join the Working Group experts for a live webinar on January 28th to preview the latest work on Threats, Use Cases, and the Maturity Model. Join us as we set new standards for non-human identity management and provide practitioners with the tools to operate securely and efficiently in a machine and AI Agent driven world.

^{1 CyberArk 2025 State of Machine Identity Security Report}

About the Authors:

Kevin Bocek is at the forefront of CyberArk’s cutting edge machine identity security for workload identity, Kubernetes and AI. Before joining CyberArk from the acquisition of Venafi, he led Venafi’s award-winning technology ecosystem and developer community to futureproof customer success and is responsible for the company’s Machine Identity Management Development Fund, which has sponsored innovations with more than 50 developers globally.

Kevin brings more than 27 years of experience in cybersecurity with industry leaders including Venafi, RSA Security, PGP Corporation, IronKey, CipherCloud, Thales, nCipher and Xcert. He has authored several books and is often sought after for comment by the world’s leading media, such as The Wall Street Journal, The New York Times, CNN, BBC, Reuters, Süddeutsche Zeitung, and Handelsblatt, along with security press including SC Magazine, Dark Reading and Heise. Kevin holds a B.S. in chemistry from the College of William and Mary and an MBA from Wake Forest University. He is a member of The Forbes Technology Council and advisor cybersecurity startups.

Kevin is a cybersecurity strategy executive experienced in identifying market trends, threat research, analyst relations, technology ecosystems, product marketing, public relations, and sales enablement. Recognized as subject matter expert in machine identity management, threat detection, encryption, digital signatures, and key management. Additional experience in managing technical architects and professional services organizations.

David Goldschlag is the co-founder and CEO of Aembit. I’m an experienced security entrepreneur, having previously co-founded New Edge Labs (Zero Trust Network Access) and MobileSpaces (mobile security). David held prior roles as VP at Netskope (which acquired New Edge Labs), SVP Strategy & CTO at Pulse Secure (which acquired MobileSpaces), VP for Mobile at McAfee (which acquired Trust Digital), and CTO of USinternetworking. Early in his career, David worked at the NSA. At the Naval Research Laboratory, David co-invented Onion Routing, which later became Tor. I hold a Ph.D. from the University of Texas at Austin.