The Co-Inventor of Tor on Why Your NHI Strategy Is Already Behind
カートのアイテムが多すぎます
カートに追加できませんでした。
ウィッシュリストに追加できませんでした。
ほしい物リストの削除に失敗しました。
ポッドキャストのフォローに失敗しました
ポッドキャストのフォロー解除に失敗しました
-
ナレーター:
-
著者:
The Co-Inventor of Tor on Why Your NHI Strategy Is Already Behind
Most organizations have spent the last 20 years getting really good at human identity. 2FA. Biometrics. Face ID. Ephemeral tokens. They did the work. And the whole time, they were quietly pushing every ounce of that compressed risk onto the non-human side of the house.
Service accounts with username and password. API keys that never rotate. Credentials hardcoded in pipelines. Long-lived tokens that were supposed to be temporary.
Eventually is here.
In this episode, David Lee sits down with David Goldschlag, CEO and co-founder of Aembit and one of the original inventors of onion routing — the technology that became Tor. With 20+ years building security companies, David G brings a perspective on non-human identity and AI agent security that very few people in this industry can match.
They get into why NHI is not a new problem but a neglected one, what it actually means to build a zero trust framework for AI agents, the concept of blended identity and why your existing IAM stack is only part of the answer, why workforce agents and customer agents are fundamentally different and why treating them the same is a mistake, and why data is still the new oil and why that matters more now than ever.
If your org is spinning up agents and hasn't had a real strategic conversation about what those agents can access, who they're acting on behalf of, and what happens when something goes wrong, this episode is exactly where you need to start.
Topics Covered
- The origins of Tor and why onion routing still matters 30 years later
- How Aembit went from "Okta for workloads" to purpose-built AI agent identity
- The three types of agents: autonomous, workforce, and customer-facing
- Blended identity and blended policy in practice
- Why ephemeral credentials are non-negotiable for agent access
- Zero trust for AI: the three pillars (identity, prompt security, data security)
- Non-repudiation in the age of agentic AI
- Why vibe coders are making the NHI problem exponentially harder
- Data security as the ultimate endpoint for every breach scenario
Stay ConnectedSubscribe to the Identity Jedi newsletter at theidentityjedi.comFollow on LinkedIn, YouTube, and SpotifyRate, review, and share if this episode hit different