As enterprises accelerate cloud adoption, automation, and AI-driven workflows, traditional identity and access models are breaking down. Authorization decisions made at login, reinforced by periodic reviews and manual approvals, no longer reflect how work actually happens in modern environments. This keynote explores why static trust fails in high-velocity systems and how identity security must evolve toward continuous, runtime decision-making. It examines the growing role of non-human identities, the limits of human-in-the-loop controls, and how organizations can safely introduce autonomy without sacrificing governance or accountability.

As AI moves from "chatting" to "doing," we are witnessing the birth of a new class of identity: the Agent. Unlike traditional service accounts, agents act with human-like autonomy but machine-speed risk. This session breaks down the three critical authentication patterns for the agentic era—from user-delegated OAuth to the emerging Model Context Protocol (MCP)—and provides a blueprint for preventing "identity hijacking" in multi-agent ecosystems

As attackers increasingly focus on identity-based attacks, traditional defenses are no longer enough. This session helps attendees gain insight into how adversaries exploit misconfigurations, legacy protocols, and operational gaps to move laterally and establish persistence. The discussion then shifts to practical defense strategies, covering prevention, detection, and recovery techniques that security and IT teams can apply in real-world environments. Attendees will leave with a clear understanding of what is needed to protect their IdPs in today’s threat landscape, along with actionable steps to strengthen identity resilience within their organization.

Cloud attacks are shrinking from days to hours, supercharged by AI-driven tactics. Security teams must respond at the same machine speed — with deeper, more connected context than ever before. This session unveils the Wiz SecOps AI Agent, an engine that automatically investigates cloud threats, providing clear verdicts and in-depth explanations. Learn why autonomous investigation isn’t just an efficiency gain — it’s becoming a competitive necessity for modern cloud security.

In a borderless enterprise, identity risk often hides in plain sight: stale accounts, shadow admins, forgotten service principals, and entitlements that quietly expanded over years of exceptions. This panel tackles the hard operational reality of identity sprawl across cloud and on-prem—how it happens, why it persists, and how attackers exploit it through misconfigurations and privilege chaining. Panelists will share practical approaches to discover effective access, reduce privilege safely, and build guardrails that prevent re-sprawl without breaking the business.

In the era of agentic AI, organizations are faced with a brand new class of users that bring great opportunity but even greater security risks. As AI agents – from internally-deployed digital workers to third-party computer-using agents – proliferate, traditional approaches to oversight and accountability may no longer suffice. The challenge is not just about mitigating risk, but about creating the right conditions for AI to be adopted responsibly, transparently, and in alignment with enterprise values and goals. How do you establish a foundation of digital trust that empowers innovation while maintaining control, clarity, and confidence across the organization?

As threats have evolved so too has the approach to Modern Identity Security. A Privilege-Centric approach must be adopted and considered with this evolution. Identity and user management for all accounts within an organization must mature to meet the demands of the cloud, nonhuman identities, Agentic AI and modern attack vectors. Your PAM strategy must now manage and mitigate not only traditional privileged access (root and admin) but also attacks against identities with a path to privileged access.  These paths to privilege still remain one of the most valuable targets for cybercriminals because many organizations are defending their environments with fragmented or siloed security strategies and solutions. Security gaps and risks lie in endpoints, cloud environments, Saas Applications, third-party access and now Agentic AI and NHI which make the battleground even harder to defend.

Identity Security builds on the foundation of defense-in-depth, coupling visibility with least privilege and Zero Trust while addressing critical risks with priority and exposing less-than critical risks for awareness.  Leverage a strategy that works, improves compliance, helps meet cyber insurance mandates, enhances security posture, while giving you the visibility needed to protect your environment.

Identity Threat Detection and Response (ITDR) is becoming essential as attackers bypass endpoints and go straight for credentials, tokens, and identity control planes. This panel explores what “good ITDR” looks like beyond marketing: the telemetry that matters (authentication, token issuance, directory changes, conditional access, API calls), the detections that catch real attacks (impossible travel is not enough), and the response motions that stop blast radius quickly. We’ll also cover how to integrate ITDR with SOC operations, incident response, and cloud security teams.

In the modern enterprise, identity is no longer a "check-in" event; it is a persistent, evolving state. While traditional IAM focuses on point-in-time authentication, the threat landscape of 2026—characterized by session hijacking, adversary-in-the-middle attacks, and AI-driven impersonation—requires a transition to Continuous Identity. This model moves beyond the initial login to provide ongoing evaluation of authorization, risk, and context throughout the entire duration of a user's presence.

Join Jeff Steadman, host of the Identity at the Center podcast, and special guest for a 30-minute exploration of what it means to maintain a continuous identity fabric. This fireside chat peels back the layers of real-time security signals, shifting the focus from "who (or what) are you at 9:00 AM?" to "should you (or it) still be doing this at 2:00 PM?"

Attendees will learn:

• Identity vs. Authentication: Why Continuous Identity is about more than just re-verifying credentials—it's about the continuous evaluation of the entire identity context.
• The Shared Signals Ecosystem: How CAEP and the Shared Signals Framework allow the Identity Provider to act as a dynamic orchestrator of trust.
• The "Kill Switch" Narrative: A technical walkthrough of how a compromise detected mid-session results in immediate, cross-platform remediation.
• The Future of Human & Machine Identity: How continuous principles apply to the new world of autonomous AI agents and automated workflows.

Zero trust demands continuous verification—but users and business leaders won’t tolerate endless prompts and broken workflows. This panel examines how organizations can implement continuous authentication and risk-based access in ways that improve security and usability at the same time. Topics include phishing-resistant MFA, device and session posture, step-up authentication, adaptive policies, and designing compliance requirements. Panelists will share lessons learned on reducing helpdesk load, improving adoption, and making “secure by default” feel invisible.