Cisco has made a strategic move that signals where the security industry believes the next critical battleground lies: non-human identity. The company’s introduction of Duo Agentic Identity represents a fundamental shift in how enterprises need to think about authentication and authorization in an AI-driven world.
Traditional identity governance focuses on human users. Provisioning workflows assume a person joins the company, gets assigned an identity, and that identity persists until they leave. Revocation is straightforward: disable the account, and access stops. But agentic identity operates under completely different assumptions. Agents are created, modified, and destroyed dynamically. They operate at machine speed. They can spawn new agents. They inherit permissions from their creators in ways that are difficult to track.
Duo Agentic Identity recognizes these fundamental differences. Rather than forcing AI agents into human-centric identity frameworks, it treats agentic workloads as first-class citizens with their own authentication requirements, authorization models, and audit expectations. An agent provisioned to handle a specific task should hold only the permissions that task requires, should operate only during defined time windows, and should leave an audit trail that allows security teams to understand exactly what the agent did and why.
The industry momentum behind agentic identity solutions is accelerating. Companies building AI agents, orchestrating automated workflows, or deploying AI at scale recognize that the identity infrastructure designed for human users simply doesn’t fit the threat model of non-human systems. When an agent can execute API calls at machine speed, chainable actions across multiple systems, and potentially persist access if its credentials are stolen, the security model fundamentally changes.
Organizations adopting agentic identity solutions now are building security models that can scale with AI deployment. Those waiting to address agentic identity as a retrofit will face growing risks as AI agents become central to enterprise operations and security becomes increasingly difficult to maintain across systems designed for human-speed operations.
Source: Cisco Duo