Identity resilience has always meant protecting accounts, governing access, and recovering from breach. But the definition of “identity” just changed, and most enterprise programs haven’t caught up. AI agents are now inside your enterprise. They book meetings, process invoices, query databases, call APIs, and make autonomous decisions, all without a username or a password that your existing identity infrastructure was built to manage. They authenticate via OAuth tokens, API keys, service accounts, and MCP connections. They’re provisioned quickly, documented poorly, and governed almost not at all. And when one is compromised, the blast radius can dwarf any human account breach. This session is not theoretical. David Lee has spent the past year running AI agents in production for podcast booking, content editing, and publishing workflows, navigating firsthand the exact governance gaps enterprises are just beginning to encounter at scale. That hands-on experience, combined with 22 years inside the identity industry at SailPoint, AWS, and Saviynt, gives him a practitioner’s view of what’s actually breaking and how to fix it. Attendees will leave with a clear framework for extending their existing IGA, PAM, and Zero Trust programs to cover non-human and agentic identities, including what to inventory, how to scope entitlements, where lateral movement risk is hiding in your agent mesh, and what resilience actually looks like when half your “workforce” never logs in. Identity programs that don’t account for agents aren’t resilient. This session will help you build one that does.