Listen to the article
As AI agents proliferate across diverse platforms, organisations face growing challenges in managing authority, access, and accountability, prompting a shift from discovery to runtime control.
After three days at Identiverse 2026 in Las Vegas, one theme stood out above the rest: the industry is racing to make sense of AI agents before those agents outpace existing controls. In a commentary for SC Media, the author argued that vendors are converging on a familiar promise , discover the agent, link it to an owner and govern it , but that this first-wave approach only scratches the surface of the problem. The harder issue is that agents are no longer confined to one platform, one studio or one identity stack; they are appearing across SaaS tools, local builds, API flows and delegated credentials.
That concern reflects a wider shift in enterprise AI. TechRadar recently reported that as AI agents move from pilots into live operations, businesses are being forced to confront questions of governance, workflow design, decision rights and accountability, not just model capability. The piece noted that many leaders expect AI to reshape work, yet far fewer believe their organisations are ready to use it effectively, underscoring the gap between enthusiasm and operational maturity.
Vendors are already trying to fill that gap. Databricks has launched Genie One, which it says is designed to act as an AI co-worker across business functions and connect with more than 50 workplace tools, while also drawing on a new context layer intended to improve governance and accuracy. Other platform providers are pitching broadly similar ideas: Forge says it can inventory agents, map execution paths and enforce policy at runtime; Aizome says it focuses on agent identity, intent and auditable delegation chains; and KeyForge AI is marketing a unified governance plane for human, machine and AI-driven access. Taken together, those claims show how quickly the market is moving from simple discovery towards runtime control.
But the Identiverse discussion suggested that visibility alone will not solve the deeper issue. The SC Media commentary warned that enterprises need to understand not only where agents exist, but what authority they have, what they are allowed to touch and how that authority travels across chained actions. That mirrors broader security scepticism about agentic AI. TechRadar has reported that security leaders remain wary of vendor hype and opaque autonomy, arguing that useful systems will still need human oversight, clear guardrails and explainable outputs.
The real lesson is that AI agents are exposing long-standing weaknesses in identity governance rather than creating entirely new ones. If enterprises cannot see how identities, credentials and permissions work inside their applications, they will struggle to manage agents that act continuously and at machine speed. The emerging control plane, then, is less about a single registry and more about a full view of actors, access paths and application context before any action is allowed to proceed.
Source Reference Map
Inspired by headline at: [1]
Sources by paragraph:
Source: Fuse Wire Services
Access Our Exclusive Research
In-depth analysis and actionable data to keep you ahead of the curve.
Never Miss an Update. Get our latest research delivered straight to your inbox.