TechTarget and Informa Tech’s Digital Business Combine. Dark Reading Resource Library Black Hat News Omdia Cybersecurity Advertise NEWSLETTER SIGN-UP Cybersecurity Topics World The Edge DR Technology Events Resources СLOUD SECURITY DATA PRIVACY IDENTITY & ACCESS MANAGEMENT SECURITY THREAT INTELLIGENCE NEWS AI Agent Overload: How to Solve the Workload Identity Crisis Workloads keep getting more complicated and organizations are struggling to keep up. So what's the play? Alexander Culafi,Senior News Writer, Dark Reading March 3, 2026 4 Min Read SOURCE: ZOONAR GMBH VIA ALAMY STOCK PHOTO Authenticating workloads is becoming more and more complex, particularly given things like AI agents and the wide range of identity permissions they need. Organizations need to be thinking ahead on securing workloads in complicated modern environments, but it's not an easy task. Researchers at Zscaler hope to explore this evolution in an upcoming RSAC 2026 Conference session entitled, "What Are You, Really? Authenticating Workloads in a Zero Trust World." In computing terms, workloads cover the tasks applications and services conduct in order to do their job, and the IT resources those tasks consume. Workloads can refer to a wide range of things, from processing front-end user requests on a Web server (like managing a shopping cart), to cloud-native microservices, complex data analysis, AI training, and more. The Challenges of Tackling Workloads in 2026 Many workloads conduct their tasks quietly in the background and are considered non-human identities (NHI) because they require permission and authentication much like human IT personnel would. Related:The Tug-of-War Over Firewall Backlogs in the AI-Driven Development Era When you consider AI agents, which attempt to emulate the job a human might do, down to autonomous reasoning and decision-making (to whatever extent an agent can), the workloads get more complicated and require more stringent security controls. Also, especially in large companies, they could be using Azure, Google Cloud, and AWS to meet different needs, alongside on-premises services. Organizations need to authenticate workloads in a way that scales across the different aspects of a given environment. During their upcoming technical session, Zscaler CISO Sam Curry and chief scientist Yaroslav Rosomakho will cover multiple specific methods for authentication, such as the mutual TLS (mTLS) security protocol, workload identity tokens, and remote attestation, as well as offer specific insights into which methods scale better than others. Rosomakho tells Dark Reading that historically, workload authentication and identity were not top of mind for organizations, and that while earlier on "it was a simpler world," things have quickly grown complex. That complexity, unfortunately, doesn't match the way many organizations currently secure their non-human identities. "What we observe is that right now, there are widespread insecure practices when it comes to workload identity," the chief scientist says. "In many organizations, they simply rely on static IP addresses for identity mapping, and obviously that scales poorly. It's spoofable, and any change to infrastructure collapses your workload identity definitions. We also see plenty of organizations that rely on all sorts of static credentials, such as HTTP basic authentication." Related:Marquis v. SonicWall Lawsuit Ups the Breach Blame Game Moreover, Rosomakho says the most common way organizations identify and authenticate AI agents specifically is through static headers and keys that are never rotated. "It's a significant problem," he says, adding that tying important processes to static keys can be a recipe for major technical and financial damage against an unprepared defender. How to Authenticate Workloads in Your Environment Curry tells Dark Reading that from a defender standpoint, there are many options to solve these problems and remediate the weaknesses. At a basic level, he says organizations should be looking for secrets, taking inventory of AI agents (as well as other NHI processes and services), adopting standards, and working toward zero-trust. They should also be talking to their platform providers about also adopting workload authentication standards. "It's about testing federation and defining [a data security] policy," he explains. All of that said, the appropriate defense posture does depend on what the organization's specific needs are. For example, Kubernetes Service Accounts make it so that workloads spun up in Kubernetes get dynamic short-term identities and can authenticate themselves to the outside world safely. Related:AI Agents 'Swarm,' Security Complexity Follows Suit An organization may alternatively or additionally want to consider adopting one of the many open source standards that exist for this exact purpose, such as Secure Production Identity Framework for Everyone (SPIFFE), which according to its website, is used "for securely identifying software systems in dynamic and heterogeneous environments." At the heart of SPIFFE, as well as many of the better solutions, is creating a well-defined environment built on short-lived identities. There's also the Internet Engineering Task Force's Workload Identity in Multi-System Environments working group, or WIMSE. WIMSE focuses primarily on defining standardized solutions for tackling the many problems that come up in addressing workloads today. They have meetings, a charter, a mailing list, and relevant documents. Whether an organization wants to adopt either of these standards or another like Security Assertion Markup Language (SAML), Curry and Rosomakho argue in favor of taking steps now, as workloads show no sign of getting less complex. "It's arguable that the most interesting and most common and most valuable communications that will be happening in our economy are going to involve no humans," Curry says. "And so, it behooves us to be able to apply confidentiality, integrity, and availability in those circumstances. We can't do that without a more advanced schema for authentication and then authorization. It might be one of the most important subjects for people in the cyber world or the IT world to say, OK, what's our strategy here?" RSAC Conference MAR 23, 2026 TO MAR 26, 2026 Join thousands of your peers at RSAC™ 2026 Conference in San Francisco from March 23–26. Discover new strategies, explore bold technologies, and connect with peers who share your challenges and ambitions. Don’t just attend the Conference—be part of the community that defines what’s next. SECURE YOUR SPOT About the Author Alexander Culafi Senior News Writer, Dark Reading Alex is an award-winning writer, journalist, and podcast host based in Boston. After cutting his teeth writing for independent gaming publications as a teenager, he graduated from Emerson College in 2016 with a Bachelor of Science in journalism. He has previously been published on VentureFizz, Search Security, Nintendo World Report, and elsewhere. In his spare time, Alex hosts the weekly Nintendo podcast Talk Nintendo Podcast and works on personal writing projects, including two previously self-published science fiction novels. More Insights Industry Reports ThreatLabz 2025 Ransomware Report The Total Economic Impact™ Of Zscaler Private Access (ZPA) Zscaler ThreatLabz 2025 VPN Risk Report GigaOm Radar for CNAPP The Total Economic Impact™ of Google SecOps Access More Research Webinars Building a Robust SOC in a Post-AI World Retail Security: Protecting Customer Data and Payment Systems Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need Securing Remote and Hybrid Work Forecast: Beyond the VPN AI-Powered Threat Detection: Beyond Traditional Security Models More Webinars You May Also Like СLOUD SECURITY Google Gemini Flaw Turns Calendar Invites Into Attack Vector by Elizabeth Montalbano, Contributing Writer JAN 20, 2026 CYBERATTACKS & DATA BREACHES DeepSeek Breach Opens Floodgates to Dark Web by Emma Zaballos APR 22, 2025 СLOUD SECURITY Can Cybersecurity Weather the Current Economic Chaos? by Robert Lemos, Contributing Writer APR 21, 2025 СLOUD SECURITY AI Cloud Adoption Is Rife With Cyber Mistakes by Elizabeth Montalbano, Contributing Writer MAR 19, 2025 Editor's Choice VULNERABILITIES & THREATS Cisco SD-WAN Zero-Day Under Exploitation for 3 Years byRob Wright FEB 26, 2026 4 MIN READ ICS/OT SECURITY 'Richter Scale' Model Measures Magnitude of OT Cyber Incidents byKelly Jackson Higgins FEB 25, 2026 6 MIN READ THREAT INTELLIGENCE Enigma Cipher Device Still Holds Secrets for Cyber Pros byBecky Bracken FEB 23, 2026 3 MIN READ 2026 Security Trends & Outlooks THREAT INTELLIGENCE Cybersecurity Predictions for 2026: Navigating the Future of Digital Threats JAN 2, 2026 CYBER RISK Navigating Privacy and Cybersecurity Laws in 2026 Will Prove Difficult JAN 12, 2026 ENDPOINT SECURITY CISOs Face a Tighter Insurance Market in 2026 JAN 5, 2026 THREAT INTELLIGENCE 2026: The Year Agentic AI Becomes the Attack-Surface Poster Child JAN 30, 2026 Download the Collection Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox. SUBSCRIBE Webinars Building a Robust SOC in a Post-AI World THURS, MARCH 19, 2026 AT 1PM EST Retail Security: Protecting Customer Data and Payment Systems THURS, APRIL 2, 2026 AT 1PM EST Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need WED, APRIL 1, 2026 AT 1PM EST Securing Remote and Hybrid Work Forecast: Beyond the VPN TUES, MARCH 10, 2026 AT 1PM EST AI-Powered Threat Detection: Beyond Traditional Security Models WED, MARCH 25, 2026 AT 1PM EST More Webinars White Papers Industry Report: AI, SOC, and Modernizing Cybersecurity The Threat Prevention Buyer's Guide: Find the best AI-driven threat protection solution to stop file-based attacks. Assessing Security Architectures: Zero Trus