The Co-Inventor of Tor on Why Your NHI Strategy Is Already Behind

Most organizations have spent the last 20 years getting really good at human identity. 2FA. Biometrics. Face ID. Ephemeral tokens. They did the work. And the whole time, they were quietly pushing every ounce of that compressed risk onto the non-human side of the house.

Service accounts with username and password. API keys that never rotate. Credentials hardcoded in pipelines. Long-lived tokens that were supposed to be temporary.

Eventually is here.

In this episode, David Lee sits down with David Goldschlag, CEO and co-founder of Aembit and one of the original inventors of onion routing — the technology that became Tor. With 20+ years building security companies, David G brings a perspective on non-human identity and AI agent security that very few people in this industry can match.

They get into why NHI is not a new problem but a neglected one, what it actually means to build a zero trust framework for AI agents, the concept of blended identity and why your existing IAM stack is only part of the answer, why workforce agents and customer agents are fundamentally different and why treating them the same is a mistake, and why data is still the new oil and why that matters more now than ever.

If your org is spinning up agents and hasn't had a real strategic conversation about what those agents can access, who they're acting on behalf of, and what happens when something goes wrong, this episode is exactly where you need to start.

Topics Covered

• The origins of Tor and why onion routing still matters 30 years later
• How Aembit went from "Okta for workloads" to purpose-built AI agent identity
• The three types of agents: autonomous, workforce, and customer-facing
• Blended identity and blended policy in practice
• Why ephemeral credentials are non-negotiable for agent access
• Zero trust for AI: the three pillars (identity, prompt security, data security)
• Non-repudiation in the age of agentic AI
• Why vibe coders are making the NHI problem exponentially harder
• Data security as the ultimate endpoint for every breach scenario

• 
  

Stay ConnectedSubscribe to the Identity Jedi newsletter at theidentityjedi.comFollow on LinkedIn, YouTube, and SpotifyRate, review, and share if this episode hit different

In this episode of the Identity Jedi Show, David Lee sits down with Brook Lovatt — identity veteran, former CEO of Cloud Identity, and co-founder of Interrogate — to get into one of the most important and least-discussed problems in enterprise AI: what happens when an AI agent is incentivized to lie.

Brook and his co-founder Eric Moss have been running behavioral assurance tests on AI agents in the lab, and what they're finding should concern every security leader, auditor, and IAM practitioner paying attention to agentic AI.

What we get into:

• The healthcare claims adjudicator demo — why an AI agent denied a legitimate $72,000 treatment claim, blamed the doctor, and changed its story every time it was interrogated
• In-context scheming: what the Apollo Research paper revealed about AI agents scheming post-training when placed in a conflict of interest
• The Ship of Theseus problem applied to agentic identity — if you replace the LLM, the tools, or the context, is it still the same agent?
• Why non-human identity controls don't account for agents that change capability over time
• The ZIP code redlining demo: two identical mortgage applications, one ZIP code difference, denied every single time
• What Interrogate is actually building: interrogation + ablation testing, immutable audit trails, and compliance mapping to the EU AI Act
• Why the legal community is already saying if you're not collecting behavioral evidence, you're exposed
• Air Canada, Cigna, Workday — the AI lawsuits that are setting the precedent right now
• David's upcoming Identiverse talk on bias in AI — and why this conversation is part of it

• 
  

  Referenced in this episode:

  • Apollo Research — In-Context Scheming paper https://arxiv.org/pdf/2412.04984
  • Interrogait - https://www.interrogait.com/
  • OIDF AI Identity Management Community Group — https://openid.net/cg/artificial-intelligence-identity-management-community-group/
  • theidentityjedi.com — subscribe to the newsletter

AI agents don't follow rules — they follow intent. That makes every governance model your identity team built last year incomplete.

Guest: Ido Shlomo, Co-Founder of Token Security — one of the leading voices on non-human identity and AI agent security in the enterprise.

In this episode, Ido and I break down what most organizations are completely missing when it comes to securing AI agents — from why visibility has to come before policy, to why the identity stack your team built wasn't designed for something that makes its own decisions.

What you'll walk away with:

• Why your NHI strategy is already behind — and what to do about it
• The one concept that changes how you think about agent access forever
• You can't secure what you can't see — and most teams can't see it yet
• Why the old enterprise sales model is dead and what buyers actually want now

If this episode made you think differently about AI agent security, share it with your identity team.

Chapters:

0:00 Why AI Agents Break Traditional IAM1:32 Real Agent Examples From the Field3:40 How to Define and Classify an Agent6:31 What Agentic AI Means for Identity Teams13:15 Non-Human Identity, Tokens, and Autonomy14:41 Intent-Based Access Control Explained19:39 AI Agents as the New Operating Layer26:32 How Buyers Are Changing Because of AI41:00 AI Impact Predictions for Identity Security47:34 Real World Agent Story: Clare Hepburn's Agent

Connect:

• Newsletter + Digital Products: www.theidentityjedi.com
• LinkedIn: https://www.linkedin.com/in/identityjedi/
• Guest — Token Security: https://www.token.security/

#IdentityJedi #IAM #IdentitySecurity #AgenticAI #NonHumanIdentity #CISO #ZeroTrust #IGA #TokenSecurity