AI Agents are Different Than Other Machine Identities
Click here to unsubscribe
Machine identities represent applications and workloads. Human identities represent people. AI agent identities are emerging as a hybrid category: machine identities that operate with delegated authority and increasing autonomy. But lumping agent identities in as just another type of machine identity is dangerous.
Agent identities are not merely another type of machine identity (e.g. API keys, certificates, SSH keys and cloud access tokens). They are our first large-scale class of autonomous identities—non-human identities that:
- Receive goals instead of explicit instructions
- Decide which tools to use
- Call APIs autonomously
- Access enterprise data
- Take actions on behalf of users
Most enterprises are experimenting with AI agents. A meaningful minority have agents operating in production today. Almost nobody has mature governance for them yet. NIST recognizes this and specifically highlights that AI agents require identity, authentication, authorization, delegation, and accountability controls because they act within enterprise systems rather than LLM chatbots that merely generate text.
Agent identities appear to be splitting into two broad categories:
- User-delegated agents, which operate on behalf of a specific user and inherit delegated authority.
- Autonomous agents, which operate on behalf of the organization under their own workload identity.
The distinction matters because the security questions are different. User-delegated agents force us to govern delegated authority, while autonomous agents force us to govern organizational authority.
In this real training for free webinar, I’ll be discussing machine identity in general and then I will zero in on agent identities. My goal is to bring the discussion down to real world examples, avoid relying on vague theory and for my examples I’ll use the Microsoft ecosystem. I’ll explore where these 2 types of agents are today in terms of production Microsoft offerings and how they work in terms of the larger security infrastructure. We will look at how authority is managed and what audit trails reveal about agent activity.
I’ll discuss how the first wave of Microsoft agents was largely user-associated—Microsoft 365 Copilot acting on behalf of individual users. The second wave is increasingly organizational:
- Copilot Studio agents
- Dynamics 365 agents
- Security Copilot agents
- Azure AI Foundry custom agents
And we'll tie all of that back to the need for a Zero Standing Privilege model.
Please join us for this real training for free session.
Click here to register
CAN'T MAKE THE LIVE EVENT? REGISTER ANYWAY TO GET THE RECORDED VERSION.
Title: AI Agents are Different Than Other Machine Identities
Date: Thursday, July 16, 2026 12:00 - 1:30 PM ET
This is real training.
Space is limited.
Reserve your Webinar seat now at:
https://www.ultimatewindowssecurity.com/webinars/register.aspx?id=3798
Need CPE credit for this live webinar or any other live webinar you've attended in the past? Just visit www.UltimateWindowsSecurity.com, click on the Webinars section, and then the link for CPE credit transcript. If your email address has changed due to a job change or any other reason, click here to update it.
Thanks as always for reading and best wishes on security,
Randy Franklin Smith

Click here to unsubscribe
Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2026 Monterey Technology Group, All rights reserved. You may forward this email in its entirety but all other rights reserved.
1162 Manus Chapel Road, Mill Springs, NC 28756
Note: We do our best to provide quality information and expert commentary but use all information at your own risk.