1. Home
  2. /
  3. Resources
  4. /
  5. #KEYMASTER: Agentic AI Risks and The Role of Identity

#KEYMASTER: Agentic AI Risks and The Role of Identity

hero-sub-3
PKI hierarchies - 1, 2, 3 tiers ?

2025-11-11

In this episode of #KEYMASTERs, Sven Rajala, International PKI Man of Mystery, is joined by Ryan Sanders, Senior Director of Product and Customer Marketing at Keyfactor, to unpack one of today’s most discussed topics: Agentic AI.

They begin by defining the concept; while generative AI creates content in response to prompts, agentic AI takes things a step further by acting independently, making decisions, and executing tasks across systems. This shift from generating to acting introduces powerful capabilities, but also serious security implications.

Ryan points out that agentic AI agents often need direct access to enterprise systems and sensitive applications to perform useful work. That means trust and authentication become central concerns: who or what is accessing a system, and how do we verify it securely?

Watch video on YouTube

Most agentic AI projects today are still in design or pilot stages, largely because organizations do not yet fully trust these systems. Many rely on static credentials like user or service accounts, which create significant risk. Instead, Ryan and Sven discuss moving toward stronger, scalable authentication methods such as PKI (Public Key Infrastructure) and OAuth frameworks, using certificates as credentials to establish identity, issue short-lived tokens, and enable secure communication through mutual TLS (mTLS).

The discussion also explores how these agents are likely to run in containerized and service mesh environments, making it critical to apply existing best practices from DevSecOps, such as container signing, provenance attestation, and policy enforcement, to this new class of workloads.

As the technology evolves toward autonomous and multi-agent systems, the challenge will be to combine this agility with enterprise-grade trust. The session concludes by highlighting the growing ecosystem of emerging standards from OWASP, the Cloud Security Alliance, and Keyfactor’s own recent white paper on securing AI agents.

Key takeaways

  • Agentic AI represents the next evolution of AI,  from generating content to taking autonomous action.
  • The biggest barriers to adoption today are trust and secure authentication.
  • Static credentials (user/service accounts) are risky and easily exploited.
  • PKI and OAuth offer a more secure and scalable approach to authenticating AI agents.
  • Certificates are the strongest form of credentials, verifiable, rotatable, and tied to a root of trust.
  • Service meshes, container signing, and attestation will play a key role in securing agentic AI deployments.
  • Standards bodies like OWASP and the Cloud Security Alliance are developing frameworks to guide safe adoption.

Learn more

Read hour whitepaper: Securing Agentic AI with Zero Trust

Find all our #KEYMASTER videos and more on Keyfactor for Developers – Your hub for cryptography, PKI, and signing.

Related resources

PKI hierarchies - 1, 2, 3 tiers ?
DevOps
Implementing Cryptography
Post-Quantum Cryptography
Tech Update
Ejbca
Signserver
28 October, 2025

#KEYMASTER: From SBOMs to CBOMs – Why Software Producers Must Map Their Crypto Assets

In this #KEYMASTER session, Sven Rajala, International PKI Man of Mystery, an...
Read more
PKI hierarchies - 1, 2, 3 tiers ?
Implementing Cryptography
Signing
Tech Update
Ejbca
Signserver
26 August, 2025

#KEYMASTER: Stateless PQC Digital Signatures: Insights into ML-DSA & SLH-DSA

In this #KEYMASTER episode, David Hook, VP of Software Engineering for Bouncy...
Read more

This website uses cookies

Cookies consist of small text files. They contain data that is stored on your device. To enable us to place certain types of cookies we need to obtain your consent. At PrimeKey Solutions AB, corp. ID no. 556628-3064, we use the following kinds of cookies. To read more about which cookies we use and storage times, click here to access our cookies policy.

Manage your cookie-settings

Necessary cookies

Check to consent to the use of Necessary cookies
Necessary cookies are cookies that must be placed for basic functions to work on the website. Basic functions are, for example, cookies which are needed so that you can use menus on the website and navigate on the site.

Functional cookies

Check to consent to the use of Functional cookies
Functional cookies need to be placed on the website in order for it to perform as you would expect. For example, so that it recognizes which language you prefer, whether or not you are logged in, to keep the website secure, remember login details or to be able to sort products on the website according to your preferences.

Cookies for statistics

Check to consent to the use of Cookies for statistics
For us to measure your interactions with the website, we place cookies in order to keep statistics. These cookies anonymize personal data.

Cookies for ad-tracking

Check to consent to the use of Cookies for ad-tracking
To enable us to offer better service and experience, we place cookies so that we can provide relevant advertising. Another aim of this processing is to enable us to promote products or services, provide customized offers or provide recommendations based on what you have purchased in the past.

Ad measurement user cookies

Check to consent to the use of Ad measurement user cookies
In order to show relevant ads we place cookies to tailor ads for you

Personalized ads cookies

Check to consent to the use of Personalized ads cookies
To show relevant and personal ads we place cookies to provide unique offers that are tailored to your user data
Close