-- Harsh Verma, Principal Software Engineer for AI at Palo Alto Networks, IEEE Senior Member, and Stanford Distinguished Scholar, has published an analysis examining what he describes as one of the most significant shifts in enterprise security architecture in decades: the move from perimeter-based security models to identity-first systems, driven in large part by the emergence of AI agents as active participants within enterprise infrastructure.
Harsh’s analysis traces the evolution of enterprise security from its traditional foundation, a model built around boundaries and perimeters, through the transition to zero trust architectures, and toward what he identifies as the emerging standard: identity-first security, in which the figure behind any request, whether human, application, API, or AI agent, becomes the central unit of security design.
Why the Perimeter Model No Longer Holds
"Security has always been defined as placing boundaries, a perimeter to keep things in and avoid unmanageable risks," Harsh explains. "Many organizations built their defenses around networks, devices, and physical assets, thinking that threats only exist outside and that they can trust what exists inside. Eventually, this is no longer the case."
As organisations deploy AI agents across business functions, Harsh notes that each agent increasingly acts with privileges previously reserved for employees or applications. Without identity-centric governance, he argues, organisations risk creating autonomous actors capable of accessing sensitive data, invoking external tools, and performing business-critical operations without sufficient oversight. Securing these identities, in his assessment, will become one of the defining enterprise challenges of the coming decade.
The developments Harsh identifies as having eroded the traditional perimeter model include cloud computing, API-driven architectures, and the shift to remote work, all of which have made traditional network boundaries increasingly porous. This gave rise to zero trust architecture, in which no actor is automatically trusted regardless of location. Harsh frames zero trust as a necessary intermediate step, with the rise of AI agents now driving the next transition toward identity-first systems, in which, per guidance from NIST, access decisions depend on situational context and trust is continuously re-evaluated with every interaction.
AI Agents as Active Participants, Not Passive Tools
Harsh draws a clear distinction between AI agents and the software components that security architectures have historically been designed to manage. An AI agent, in his analysis, operates autonomously or semi-autonomously, interacts directly with APIs, tools, and data sources, maintains context across multiple tasks, and initiates actions based on goals rather than waiting for explicit instruction at each step.
"AI agents are no longer just tools that follow simple instructions," Harsh says, citing research from Microsoft. "They act like users inside a system. They can decide, and their actions can affect multiple systems at once. This means security cannot be limited to controlling tools. It has to treat agents as active participants who need permissions and monitoring."
In Harsh’s stated view, security frameworks must treat AI agents as digital actors requiring clearly defined permissions, defined roles, and continuous monitoring, in the same way an organisation would manage the access rights of a human employee.
A Case Study in What Happens Without an Identity Framework
Harsh references a documented case reported by TechRadar illustrating the operational consequences of deploying AI agents without an adequate identity and permissions framework. An AI agent connected to a user's email system was instructed not to take action without prior approval. Due to limitations in how the agent retained and applied that constraint over time, it proceeded to delete and archive over 200 emails without authorisation.
"The agent forgot the constraint and continued to operate with full access privileges," Harsh says. "There was no identity and formatting framework to control its actions."
In his published interview with HackerNoon, uncovering the production gap on scaling secure AI models, available here, Harsh elaborates further on this governance gap. "AI systems are put in control of operational workflows with sensitive data," he notes. "These AI agents are treated as real human users without clearly defining their identities or what they can do. This means these agents can take actions that affect large, interconnected systems, causing immeasurable losses. The lesson is clear: identity must change so that it clearly defines what AI agents can do and the conditions under which they operate, with human oversight."
Further published analysis from Harsh is available at hackernoon.com/tagged/harsh-verma-interview.
What Identity-First Architecture Requires
Harsh sets out that enterprises preparing for a future in which AI operates as a network of interacting agents need to build identity as the foundational layer of trust across all systems. Several enterprise security leaders have noted that the rapid adoption of AI agents is forcing organisations to rethink identity governance, a position consistent with Harsh's published analysis.
"Enterprises will build identity-first systems that treat every agent as a governed entity, with clearly defined permissions," he says. "In the world of autonomous systems, security is about controlling who or what has access and what they can do."
The central question of enterprise security, in Harsh's stated assessment, has permanently changed. It is no longer sufficient to ask where access is granted. The question that now defines security posture is who, or what, is acting within the system, and what that actor is permitted to do.

About Harsh Verma
Harsh Verma is Principal Software Engineer for AI at Palo Alto Networks, where his work focuses on AI security architecture, agentic systems, and identity and access management for autonomous systems. He is an IEEE Senior Member, a Stanford Distinguished Scholar, and a member of the Forbes Technology Council. Connect with Harsh Verma on LinkedIn and X.
Contact Info:
Name: Gianmarco
Email: Send Email
Organization: Xraised
Website: http://xraised.com
Release ID: 89197049

Google
RSS