In a universe where uncertainty is the only constant, trust has become both your greatest Challenge and your greatest opportunity.
Welcome to Ping Universe, where trust isn't just earned, It's engineered, where Identity isn't a barrier.
It's your gateway to resilience, Security, and growth.
This year's theme is resilient trust because in A digital landscape under siege by deep fakes, AI.
Threats and rising complexity, your ability to adapt, to evolve, Will define your future.
Discover how global leaders are redefining their identity and access management strategy With real world solutions that secure every identity, every interaction, Every innovation.
You'll learn to fortify identity, Build resilience, and thrive in uncertainty from AI-powered access control to password.
Authentication and decentralized identity.
This is your front row seat to the future of digital trust.
This is more than a conference.
This is a chance to rewrite the rules, to take back control, To turn trusts into your most powerful competitive edge.
This is Ping Universe 2025, and it starts now.
Ladies and gentlemen, please welcome to the stage André Durán.
For being here.
This is our largest universe ever.
Thank you.
All right, so this is stop 5, I think, Of a 7-city world tour, uh, and our first time We've got a remote audience, So I want to welcome all of our IG employees tuning in.
And we've got customers and partners from around the globe.
Anyway, we have a super exciting day and a half for you.
I'm excited to kick it off and, uh, and once again, thank you everyone for being here.
Uh, it's just an exciting time to be an identity right now.
It's also a super challenging time.
Uh, my prediction is that's not going to change.
We have more of everything right now to secure, and the attack surface is Growing, and it's growing in complexity, and it's, it's speeding up, Uh, and it certainly is gonna keep us all on our toes.
And so today is all about sharing what Ping is doing, our roadmap and our vision for the Future.
To keep us all safe at the end of the day.
This is our job to keep our digital economy and the trust that, that we built in our brands, the trust that we built in our products and the services and the Assets that we protect individuals; it is all about keeping that safe.
So our vision of, uh, enabling trust in every digital moment.
What does that actually mean?
Enabling trust in every digital moment, Every interaction that we do online, there is a certain amount of trust.
That that transaction is accurate, uh, that it represents, uh, The actors, if you will, that sit in between us and whatever we are attempting to do.
And now more than ever, there’s a lot of individual identities that sit between us and An outcome or result online.
And each one of those Identities, if you will, uh, is being attacked, and the trust that is embedded in society, and many times embedded in a lot of our systems now, It's being weaponized, and it's being abused.
Uh, and so trust in every digital moment now means more than ever.
Our society doesn't function.
If our digital systems aren't trustworthy.
We work awfully hard to be a trusted partner in critical infrastructure on behalf of the Services that all of you provide your employees and your customers and your partners, Um.
I wanted to highlight some of the ways in which We are working hard to continue to earn that trust.
I first wanted to, uh, stop and thank all of the Enterprises, Many of you in the room today, um, who do trust your critical infrastructure, Your identity controls to Ping.
Thank you for that.
Uh, also, uh, thank, Thankful for my team for, uh, showing up, uh, on a number of the analyst reports over the Last year.
In combination, Ping and ForgeRock over the Last couple of years showed up very well, uh, to the analysts that work on your behalf.
Evaluate independent solutions for every critical use case now for identity, Ping showed up number one last year in the Gartner Critical Capabilities.
So I'm super thankful for my team for the work that they did, Uh, with Gartner on that.
Today we protect about 8 billion accounts globally.
Now, obviously many of us have hundreds of accounts, but this does represent a good Portion of the world's economy, trillions and trillions of dollars, and assets move as a result of the integrity and trust that we enable in the identity Infrastructure that sits underneath all of our systems.
One of the things that we're doing to continue to, uh, earn that trust is we're investing Globally in our cloud infrastructure, all the markets that we serve, Uh, working with our partners, Google and Amazon, we are opening up new regions, If you will, for our single and multi-tenant services.
We've just announced two new regions, Singapore and, uh, DMA.
We have two new regions coming, Melbourne and Doha.
So expect to see the number of dots on the Globe increases, again, as we serve many Global customers internationally.
As well as US-based companies that have operations overseas.
So this is all about data residency.
In some cases, This is also about critical infrastructure and policy and regulation, Which is coming out that says critical infrastructure must be run in-country.
So just expect us to continue to do that.
We talked a little bit about, uh, trust.
I want to talk about resilient trust.
And this notion that it's hard-won and easy to lose, um.
The cost of breach isn't, you know, simply our downtime; it is a decay of trust.
And so what does it mean for us to build a resilient identity infrastructure?
Maybe more than ever in the last, I would say 6 months or so, My conversations with CIOs and CISOs pretty much begin with, Tell us what you're doing, tell us what the best practice is, Tell us what you would recommend to ensure that the authentication services that we provide Never go down.
Uh, and so that conversation has morphed into Things, for example, tell us what your plans are for multi-region Active Active.
Um, it's evolved in some extreme cases.
It was a conversation maybe a year ago, It's becoming real, companies saying.
We need multi-cloud, not just active-active, but we need multiple cloud providers in Multiple regions.
A number of companies have said, if my cloud services are unavailable, Is it possible for me to run an on-prem or self-managed version?
Uh, of the, of the critical authentication services.
So, the conversation around resilient trust.
I think, uh, resonates right now.
And there are two things that we're doing, Two inputs to this, and I wanted to organize, uh, my speech around these 21 is this notion of the Unified architecture.
What does that mean for us?
What does it mean for you?
Um, the silos that we have aren't just killers of agility.
They, they really do become enemies of security, and we've seen that in our environments where We have many systems, they're not all at the same level of either security or resilience.
And so there's a major effort from companies who are recognizing now the criticality of this To try to unify, if you will, the underlying technology, which is serving up all of these Critical Identity Services.
So unifying identity with a unified architecture is very thematic, Uh, for us.
Secondly, trust shouldn’t expire at login.
Uh, identity needs to be, it needs to be context-aware, It should be verified in real time.
And I'm gonna talk a lot about what we're doing, uh, by way of, Uh, Verified Trust.
So everything needs to be continually verified.
And so under the banner of Zero Trust, Don't trust the user, the network, or device by default; verify always or verify Continuously.
We need to take the notion of verification and essentially drive the cost down, Uh, the actual cost and the cost to user experience.
And so we're on a mission here at Ping to do exactly that, To provide high assurance with low friction.
We can't have high assurance at one moment of an identity interaction.
And then have a gap, and then low assurance, low friction at another.
So there's a lot of effort that we are going under to create high assurance for every Interaction, for every identity or node that Sits in between.
A user requesting something, or a service requesting something, and all the different actors that sit in between that.
We need to have an unbroken chain of trust, and where possible, Where we can afford it, we need to verify it.
So let me dive a little bit into the unified architecture here.
And I'll just start with, this is also very thematic, uh, In the name of simplicity, in the name of cost reduction.
I do think we are at the era in identity of platforms, essentially.
I wouldn't, I wouldn't want to be a startup today in the Identity space.
I think the value.
Of all of these identity controls, largely grown up through best of breed, In many cases siloed and mixed with custom and homegrown infrastructure, The value is now in the integration, horizontal integration across the services.
It's how do we connect all of these things, and we'll talk a lot about the things that we're Doing.
In our North Star, and our vision for the Future, in the name of simplicity, where do we have things that we are doing that are Redundant or outdated, and what is a modern approach that would allow us to move towards a Simpler, unified architecture in the future?
So it's not just about cost reduction or complexity reduction, It actually is an improvement in security.
We can't keep everything secure, So we will need to unify.
So I want to talk a little bit about our vision for the unified platform and do it in light of The four layers, and we don't often talk about this one, But for Ping it distinctly falls into these 4 layers.
And the first principle that we've had that ties to our vision of the future is that the Underlying infrastructure should be able to accommodate all identity types, Meaning the same infrastructure that secures our customers could be used with a different Configuration, because the mandates around security are a, A little bit different and User Experience, They do differ, But it should be usable by employees and by partners.
And so, one platform, all identity types, and about 25% of our customers use the same Underlying Ping technology or the Ping platform, and they create multiple instances that Services and secures these different identity types.
I actually think that this is an inevitability, and the reason is, I think there's a transformation that will occur at some point in the future.
I don't know if it's 3 years or 5 years or 10 years, but it's going to happen.
And that is that we treat our Identity systems.
As account holders for individuals.
So we are named individuals.
Moving through our digital world and interacting with IAM systems that are Segregated by account type.
You're an employee, let me set up a separate infrastructure; you're a customer, Let me set up a separate infrastructure.
Decentralized identity is going to make it possible that you as an individual don't show Up as unknown and anonymous, then have to go through a vetting process.
You will be able to show up as a trusted individual and go from low trust to high trust In milliseconds, because you will have digital proof of who you are, Who your employer is, whether or not you're a customer.
Whether or not you're a Loyalty Member, whether or not you have an Account, Whether or not you're assured insured.
That concept of decentralized identity will fundamentally make us question, Why do we have separate infrastructure to manage the same individual that is showing up As different personas?
That makes sense.
So there is an inevitable unification which will occur driven by the notion of decentralized identity and verifiable Credentials.
One more reason why we have conviction that one Platform should serve all identity types.
The next layer of UH convergence is this notion of our identity security Controls.
Being offered up by the same vendor.
And so Ping is now one of the vendors that offers multiple identity capabilities that Historically were best-of-breed companies or separate swim lanes, but are now coming together in the name of simplicity and better security, And fragments, uh, are a challenge to our security model.
So I'm gonna talk a little more about that later.
The 3rd level is this notion of convergence around fraud.
And fraud is not just now a moment in time of the transaction.
What's happened is the adversaries have realized that they need to shift left to Compromise the underlying identity controls.
In order to get access to the transactions subsequent.
So they've shifted left, and we now need to shift left.
And the signals that we need to use, the signals that we have access to, To maintain integrity in our identity infrastructure is not an afterthought now.
It needs to be woven into the fabric of how we secure our platforms.
Unfortunately, we have a growing number of signals, signals from endpoints, Signals from gateways of what we're actually using, signals from the Identity infrastructure, Signals from our behavioral and analytic systems that can determine or see intent or Not obvious behaviors or patterns that should be flagged.
And we can now run those through our authorization systems to make better decisions On Do we allow access.
So we're moving away from a moment in time Where identity.
And the roles and the permissions and the entitlements were, Call it more static.
And we're moving into a much more real-time, uh, dynamic threat landscape.
And as a result, our infrastructure needs to be designed in a manner in which it can respond in Real time.
In real time doesn't mean I was entitled to do Something.
6 months ago or a year ago, and I should still have access.
Access depends, it depends on all the real-time Signals.
So this threat protection and authorization Layer Coupled is a powerful weapon in a well-formed architecture for an identity Platform that needs to be included, not as an afterthought, but it needs to be integrated.
Lastly, this notion of identity assurance.
So Ping has been known, and we built our reputation on essentially access management from An authentication point of view.
If you can authenticate, you have a live session; you're granted tokens.
And you can access certain resources.
What's happened, as I said, is that the adversaries have shifted left, And they are now exposing weak processes, weak technology in the onboarding, Or the readmission when a user gets disconnected from their account through the Call center.
I'm gonna talk more about this.
They're exposing weaknesses.
So, identity is only as strong as its weakest link.
And right now one of the weak links is how sure are we?
That this is the individual that we are connecting their MobileIron phone as token of authentication in our Trust Framework.
And if there's any gap there, there's doubt.
And that gap represents trust, and that trust has been weaponized, And that is exactly where the adversaries are now hitting our identity systems.
So identity assurance, the ability to verify one time, Hopefully, and then re-verify through a very cost-efficient mechanism that we refer to as credentials or digital credentials or verifiable credentials.
Is now a new pattern for us that you are seeing P working on.
So we have this unified vision of all identities, one platform, Reduced complexity, handling employees, customers, and partners.
I wanted to introduce a new non-human identity type, which is Agents.
And we are gonna talk a lot about, uh, agents today.
I know all of you are being pressed to understand how agentic can be for digital workers, For frontline workers, for automation of certain things, to interface with customers that are coming in with personal agents, How are you going to secure all of this?
And we're gonna talk about how PingOne Platform is in an ideal position to do that.
So let me dive a little bit in and provide some updates into the identity security convergence Layer of access, governance, and privilege.
From an access point of view, we have been on a journey of maturity from standards-based single Sign-on to two-factor to MFA on everything, Centralizing the authentication service, And then adding strong authentication that all applications can inherit.
That has then evolved into contextual MFA or adaptive MFA where you use risk signals so that MFA is not presenting user friction everywhere.
One step beyond that is the notion of password lists.
Can we eliminate passwords?
Can we eliminate the exposure of stolen credentials, uh, Allowing a vector of attack against the MFA so it's not just.
Uh, it's not just a passwordless experience, is can we actually get to true passwordless.
There's another step here that we are introducing, which is this notion of verified Authentication.
Can we verify users' real identity in the Enrollment process when they're enrolling their phone into MFA?
We don't want any disconnect in ensuring the right individual is the one who is Authenticating to the account.
So there's a tremendous amount we are doing under the notion of verification, And we're essentially embedding it into the workflows, where authentication has been abused.
We're now adding the verification step.
From a governance point of view, uh, Ping really has now a very robust Identity-Governance-IGA Capability.
It has been built upon our Identity-Management-IDM Functionality.
And with that come a full set of controls that You have come to expect with an IGA or governance product.
Access reviews, access request workflows, certification capabilities, Uh, the campaign capabilities that go along with that, All of the reporting that is required by auditors to ensure that your access control Governance is in good shape.
And we're doing a lot around AI.
I'm gonna talk about that in a second.
In addition to that, like all of our technologies, I wanted to introduce the fact that this capability, where appropriate, where governance is required for Agentic or non-human identities, the workflows associated with the governance model of Agents, where they need to be identity managed and life cycle controlled.
Is now being, is now being added into our IGA capabilities.
We've added several new things that have, uh, been delivered that are pretty exciting, This notion of recommendations, AI recommendations.
So inline recommendations for Approvers and Certifiers, recommended access for end users to Help them discover what they need if they don't know that.
Um, IGA or governance for service accounts.
So discover rogue accounts.
Uh, and Service Accounts across the enterprise and associate those Service Accounts with humans Custodians for ownership.
So just a lot of great new capabilities being infused from our Helix AI Capabilities into our governance product.
You're gonna see that thematic throughout all Our capabilities.
So that speaks to access and governance.
But there has been a missing pillar to the convergence of identity security for Ping.
And so I am super excited to announce the acquisition.
Of Proseon.
And this is a company that we had been watching for several months and talking to about the new Patterns that we are seeing emerged around Where are the assets that we care most about or Moving to, that we need to provide an elevated level of control for.
And so Proseon is now becoming PingOne Privilege.
And this is a just-in-time, just enough, think real-time permissioning system.
It doesn't draw upon, uh, historical approaches to privilege, which was all about Secrets Management.
Of our legacy in on-prem infrastructure.
I'm not suggesting that's not important, But you have good solutions there.
This is focused on where the assets are moving to.
Into the cloud, and our DevOps engineers, what resources do they have access to?
What keys, metaphorically, have we given them to the infrastructure.
That all of our data and applications are now moving to.
Now, it's not limited to cloud resources, think Amazon, GCP, and Azure.
It will give you real-time privileged access to RDP and SSH.
Servers and databases as well.
We have some new capabilities I just saw demonstrated where the exact same concepts are Now being applied to data being accessed through MCP servers.
So developers that have access to MCP that are making requests to underlying data stores, Where the scoping of data is over-authorized through OAuth, Now all of a sudden there is a privileged approach, and an ability to audit and replay Everything that was done.
So super, super exciting.
Here's an example of one feature.
This is a discovery feature.
So if you don't know, and you don't have a complete inventory of what exactly does certain Users or certain services to have access to by way of resources, By cloud infrastructure, you can actually discover it.
It goes one step further.
It takes a look at all of the privileges, if you will, or access rights.
Runs it through its own algorithm of what it considers risky, And then can highlight remediation actions for you that you can then act upon.
Just one of the capabilities embedded in this new capability.
Now there's a new pattern that I hope you recognize with Ping, That actually plays to our historical heritage as a company.
This pattern is the notion that privilege is a universal service offered on our Multi-tenant platform PingOne.
And what I mean by universal service, is that, is that it is not bound simply to Ping as the IdP.
It can be layered on or used with any Third-party IdP and that is also consistent with every other service of PingOne.
So, if you are an Entra user, but you don't have an orchestration engine, You can layer PingOne DaVinci on top of Entra.
If you don't have Contextual or Adaptive MFA in your Microsoft ecosystem, You can add our PingOne Protect signals.
To do adaptive MFA orchestrated through DaVinci on Entra, For example, or on top of your custom or homegrown SIM system.
So each one of these services has two consumption models.
One consumption model is, you love PingOne, and you're kind of all in on PingOne.
PingOne is the IdP and you have all of these new services.
The second consumption model is the notion of universal services, And you can acquire just this capability and layer it on top of your existing IdP.
So very unique for an Identity platform provider to do this, But you shouldn't be surprised, it's very consistent with our heritage.
Ping started out 23 years ago, essentially adding standards-based federated single sign-on Sign-on to any IdP.
And we did that for the better part of 15 years before we started our own evolution as a Complete platform provider.
But Open Standards.
And vendor choice is part of our DNA.
Our goal is not to be the singular proprietary lock-in vendor for identity.
It never has been.
It's why we invest in open standards.
And my belief is, every core use case should be underpinned by an open standard.
We want to be a partner of choice that is trusted, not a vendor that duped anyone into Lock-in at any moment in time.
So this is consistent with that promise to the market.
OK, this notion of a unified identity, security, either Architecture or vision doesn't stop.
With the fact that we offer 3 independent capabilities that do access, Governance, and privilege.
It's not good enough.
Over time, all of these independent technologies are evolving.
And their evolution is starting to overlap increasingly over time.
We are moving towards real-time decisioning for access control.
Static entitlements will give way to real-time entitlement publishing.
The fact that a user might have a session.
Meaning they authenticated, and now they have a live session to kind of move about our Infrastructure doesn't mean that a new signal introduced in real time either shouldn't change The session privileges or kill it.
So, as a result of the fact that A, we want to simplify, we want to reduce cost.
We have to recognize today's limits and our existing infrastructure, Meaning many times we have to retrofit the identity controls into the reality of legacy.
I understand that, but as we move forward, we are looking to build a unified vision between These three.
And this is the Unified Vision Core I see.
Emerging.
It's the notion that's central to the Admin-UI, Think identity and access management or governance capabilities or the runtime, Think our authentication services, is underpinned centrally by these core services.
Underlying data, call it the data fabric.
On top of that, an Authorization engine or an Authorization fabric.
And to a certain extent infused with Gen AI capabilities or stitched Together using Orchestration Integration Capabilities.
So this, to me, is a North Star vision for Ping, where I've challenged our teams to think Through, how does this core underpin the future of identity security?
How do we leverage data?
How do we design policies in a Centralized, fine-grained authorization system that Increasingly over time.
Can create real-time ability to respond to threats in our environment.
Not just for the authentication, real-time side of the house, but also for the more traditional Admin-UI side of identity management and governance.
Another dimension of unified services here, uh, and investments, things that we promised, uh, a couple of years ago when we did the ForgeRock merger with Ping, Was that all of the things around Ping over time between our platforms would be unified.
And so I'm happy to report we've delivered on a lot of those promises.
Now, this is obviously ongoing, not all of these are 100%, But by and large, a unified developer portal, Unified docs, A unified Mobile app.
Um, an Integration Directory or marketplace that carries integrations across our platforms, Our SDK, our gateways, all of these things now, the teams have been unified under The premise that you ship your organization.
We understand that.
So we've unified the teams and we've given them instruction that we are looking to simplify how All of you consume our various capabilities.
So that was one dimension.
A second dimension.
Of this was unified design.
And we've delivered on a few of these, we have several more that are coming.
So the DockSite, Dev Portal, the Marketplace have all now been unified from a, From a user experience point of view.
Our new capability PingOne Privilege is put into PingOne.
So it will carry the Administration look and feel of all of our PingOne Universal Services, Our AI Assistant, our Directory, our Community and Support, All of these additional services that surround things that you interface daily are all being Unified.
Here's another promise that we made.
About a year and a half ago that we are fulfilling on and that is the notion that for Workforce use cases, think Workforce MFA, the application that we have in the App Stores.
With the Android, Google, or Apple, that the client.
That individuals would download to authenticate.
So think whether this is passkeys or biometrics, Think FO 2, or any of the other methods that we're going to unify the client, so we wouldn't Confuse users and have multiple workforce clients.
So, the ForgeRock-Authenticator has now been essentially embedded inside of PingOne and Ping ID will become the unified Client.
Now, this is super important.
Because this client is probably one of the areas where we have the most innovation Right now.
So it's very important that we bring our Innovation in line so that we could extend all of our customers into the VERI Verified Trust World.
I'll talk a little more about that later.
Another area of significant investment, probably the number one investment that we have Made this year, is everything related to customer experience and our post-sales Experience.
Every customer desires the same outcomes.
But we recognize every customer journey is different.
So our new customer engagement model, you're seeing it here, Um, who do I work with and when?
What should I expect through the post-sale?
Journey, if you will, of deployment.
What does success look like for me, and how do I connect the outcomes and the value that I Wanted to see up front before I started the journey?
How do we close the loop on that?
Just know PingOne has made tremendous investments, uh, and I believe many of you have seen the Results of that probably the last 2 or 3 months.
Expect a lot more as the months, uh, continue.
Another dimension of Unified is our walking arm in arm with our partners.
We are a Partner First company.
Moving identity is a big, complicated game.
And no matter how much Ping brings to bear, it will be insufficient ultimately to see that the Transformation of Identity that sits inside broader transformations within your Organizations can be successful without our partners.
And so we are just wholly committed to being the best identity platform company.
Walking hand in hand with our partners on behalf of your success.
And along those lines, we're making a number of investments to ensure that we show up the Same way with a unified voice in every engagement.
Ping's Well Architected Framework is an example of that.
So we are developing a well-architected framework that will become the foundation for which all engagements, new deployments, assessments in health of your existing Infrastructure that you might not have looked at for the last couple of years.
And it's been working great, but it's also been growing.
And there could be a moment in time where all of a sudden architectures for certain, Uh, you know, size of deployments worked 2 years ago.
But they're insufficient now as you kind of move forward.
So everything related to the best practices, how we assess maturity, All of that stuff is being invested in, is patterns that we will work with our partners And with you to deploy to ensure that you are always healthy.
OK, another dimension, as I said, 2nd dimension of enabling resilient trust in our Infrastructure is this notion of continuous verification.
So I wanted to highlight some of the things we're doing there, But look, I will start with a comment that I made, Uh, to the management team, and, and I think many of you probably see and feel what I'm Gonna say, but it, it certainly feels like the adversaries now have put a target.
On all the weak spots in the identity controls.
And almost industry by industry they're rolling through exploiting.
The back door, and the side door, and the things, the not-happy path stuff that we have Not focused as much on.
And every weakness in identity controls right now is going to be a door.
Of exploitation for our adversaries.
So just a tremendous amount going on here.
This notion of verified trust is the best Defense against what we're seeing.
With the scattered spider attacks right now.
I'll talk a little bit more about that.
But if you think about our fraud and assurance layer, they are designed to help you verify the Trust in the identity controls.
So this is so much more than just the basics now.
The basics were a well-formed, Centralized, standardized authentication service for all of Your products and business units, and/or a well-formed Identity Management Capability for all third parties accessing your system.
And now we are up into the tier where that was great, but it's insufficient for where we're Going.
So these trust services of the assurance and Fraud kind of really came into the focus, and this has been an area of investment for Ping For the last, you know, good, I'd say 5 to 7 years, right about now, It's starting to matter to many of our customers.
So, as I said before, the threat.
Uh, or where we kind of measured the threat of fraud is very transactionally focused.
But what's happened is the adversaries have shifted left.
They focus on weakness at every step of the identity journey.
And so we now need to take a look at what are we doing to protect every step in the journey.
Now, one of the things Ping has done is invested significantly in our PingOne Protect signals.
These signals, this capability, by the way, is our fastest growing capability in the last year.
It's kind of a no-brainer that the evolution of MFA.
Is to put MFA on everything and then make it disappear.
And that's exactly what the PingOne Protect signals do.
We've had customers eliminate 95% of the MFA prompts for their workers.
We've had other customers in the retail industry, so this is customer-facing.
Only log customers in one time a year.
The signals are running behind the scenes invisibly on every interaction.
We're checking.
The status of these signals to ensure that the Session hasn't been hijacked or the account hasn't been taken over.
When we can see intent through the behavior of the interaction with the APIs and we can Alert users, and we can run users through a different journey if the risk crosses certain Certain thresholds.
But what's happening here is that the number of Signals that we're ingesting and the decision making, the policies that go behind our Authentication policies, they're becoming more sophisticated.
And so to underpin this whole thing is this notion: where do we put it?
Decisioning in our infrastructure?
In our Centralized-UI identity infrastructure, we always called it Authentication-and-SSO and Authorization, but where was the authorization?
In terms of Central Control.
We spent 15 years cleaning up Authentication.
The next 15 years are going to be about cleaning up authorization.
And so what we're seeing now are the patterns, and we've been talking about this for several Years.
It's just been one of those technologies that is so complicated and so politically charged.
There's like, we'll avoid it at all costs until we can't avoid it anymore.
That's the authorization conversation.
The time has come.
Now, it's not gonna all happen all at once.
We're gonna find little use cases here and there that we're gonna decide, Hey, we're gonna start to Centralize that decision making to a fine-grained, Dynamic authorization system.
We have one, it's called Authorize.
It's available as a universal service in PingOne and it is available as software so you can Self-manage it.
So this notion that signals get ingested, Not just from us, but from your endpoints, your CrowdStrike, From your ZScaler, from your other SASE, from your gateways, From your API gateways, and Authorized Now is a place that you could make Policy-based decisions informed by real-time data on Do I Allow Access.
Initially, this was used in the financial sector as a way to control what data is shared In OpenBanking.
So our introduction to this came several years Ago when the UK introduced OpenBanking, and the bank said, If I capture consent to share account data with a third party, How do I control what that third party receives when they hit our APIs?
And they needed a fine-grained authorization system to do that.
Roll forward.
And now what's happening is in the financial Sector, the fraud and scams are so sophisticated and happening so fast.
That the release cycles of new websites and new mobile UIs apps is not fast enough.
So now we have companies taking all decisioning out of their channels, putting unauthorized and when they see fraud against their MobileIron or web app, They can change a policy and roll it out in 72 hours.
So I'm just giving you examples.
Roll forward now to Agentic.
An OAuth is a scoping mechanism for Agentic is too broad.
Once again, we need a place to put fine-grained decisioning into what things have access to.
Meaning what data do the agents have access to.
So super excited about that capability, the time is here.
Wanna talk a little bit about um scattered Spider right now.
And what is going on.
This is not rocket science, folks.
But it is incredibly effective.
They are hitting us in the weak spot, the soft underbelly of our organizations, The call centers REs that we've outsourced, responsible for resetting accounts.
And the verification processes that they are using are wholly insufficient.
And the notion that humans could be bribed in the call center to reset an account is an issue.
We have banks now saying the only way that verification can be trusted and secured in our Organization is if IT and security control it, and it's all self-service.
And they're probably right.
So the damage here is pretty significant if you guys are keeping Pace.
And really, my message is that we've spent a lot Of time protecting the front door, but the side doors now need to be fortified.
It's the doors of entry and the doors of re-entry.
How can I reset an account, if I need to reset an account?
So this is where our assurance capabilities, verification and credentials, Neo plays in.
How do we verify a user's real identity?
What signals and capabilities can we orchestrate to build a level of assurance that We're confident in?
What credentials can we issue to that individual that allow them to re-verify themselves at a low cost, low cost of friction, low cost monetarily.
So these two things go hand in glove.
We'd like to verify people on the way in, issue credentials, and use the credentials for high Assurance re-verification in every subsequent interaction.
Including when they call the Call Center and want to reset anything.
We're doing a lot in this space.
So I won't take you through all the Capabilities here, but I do invite you to take a look at this if you haven't, Because the time is now.
We've been talking about this for years.
But suffice it to say there's a lot of capabilities being embedded into this new Paradigm of decentralized identity and verified credentials, mobile Driver's License, Selfie mode, um, new identity data signals that we are bringing into your ability to build an Assurance level you're confident in.
All of that stuff is being embedded in PingID.
So when I said MFA is evolving and we wanted to unify our MFA capabilities between the ForgeRock Rock Authenticator and PingID, I really meant that.
And here's the reason.
The reason is PingID, meaning the app you would give to your employees, Or the SDK, the thing that you would embed in your own applications.
It's becoming a Super APP.
Not a generic super app, but a super identity app.
So embedding the wallet, so that you can issue credentials directly to PingID.
You don't have to build an application for your workforce; they just have PingID.
They're using it to authenticate today.
In the future, You could issue a digital credential.
That credential.
Could be bound to the initial verification, meaning when they go through the initial Verification of document check, and they do the selfie and the biometric compare, That biometric can be embedded in the credential.
So the credential could say, hey, we ran this User through a verification, They passed up to this assurance level.
Here's the biometric that was used at that moment; it's in the credential, And the only way you can use that credential is passing a liveness and deepfake detection test.
Now we have an unbroken chain of trust, resilient trust embedded in the onboarding, Initial onboarding, to every subsequent transaction, to include the re-verification.
The user loses their phone or does something like that.
So just tremendous number of things being embedded into the vision of Authentication.
And this really is the unification of verification, authentication, and in some ways, authorization.
They're all now being merged together around this notion of credentials.
So we have a lot of capabilities embedded in Verified.
A number of you are rolling this out.
Look, 5 years ago, especially through COVID, we went through a moment in time where it was like MFA on everything, especially when we sent all our workers home.
Roll forward to 2025.
If there's one message I want to send, it's like, verification is not optional.
Full stop.
All of you are targets.
And they're going to hit you where you're not looking.
And it's on the edges, it's on the tag, it's, it's the fragments right now that we haven't Paid as much attention to.
So this verification is super important.
We have a lot of new capabilities coming.
This notion of verified onboarding, very, very thematic.
So many of you now have experienced, someone who applies for a job is not the person who Shows up, or someone during the interview process, not the same person.
In certain industries, that statistic is as much as 15%, and some projects in certain industries, fraudulent applicants could equal 50%.
Forget it, even at 15%, this is a problem.
You cannot be hiring someone when you don't know who they are or what their intent actually Is.
So it's a wake-up call to the industry.
This is not someone else's problem; this is our problem.
And this is what Ping Identity is doing.
So this whole idea of tying verification with digital credentials.
Is a use case that we are orchestrating now with our capabilities, And we enable all of these capabilities for all of you.
This is also something that Ping is doing, internally as well.
So I've talked to a lot of companies, especially in the last 6 months, Who feel exposed here and they rightfully should feel exposed.
This is a technology, can I suggest you should not wait.
Until an incident happens.
And you rebuild your network, and you boot everyone off, and you've got one user on Network, and you need to re-onboard everybody else.
Under urgency, I advise you get this capability up and running now.
Whether you use it or not.
The ability to mass onboard is part of enabling resilience, Trust in the infrastructure.
And we shouldn't have the hubris to think that any of us are not vulnerable ultimately to some Weakness in controls that leads to an incident.
So this is part of the resilience story.
Another piece of, uh, kind of the security story, and this is just a little side intro, But just to make people aware, all of the software that Ping delivers, That is now being put into FedRAMP, so that's the US government's kind of controls, If you will, for security for SaaS, those secure containers are now being made available to all of our customers.
So any of our customers that are self-managing.
Their identity infrastructure using IG software, just know you're gonna have a version of that software.
Which is adhering to all of the secure container controls that underpin FedRAMP.
So we're just making that freely available to all of our customers.
All right, last section here.
I wanna talk about what, What's next, and I wanted to start with something that is on our mind about quantum res Resiliency, and what are we doing on that front.
So just know that we are marching towards an End of 27 timeline.
Now unless things change, things are changing awfully quick here.
But there are standards that Ping is involved in right now to ensure that our approach to This is actually going to be the right approach.
But just know that an inventory of all of the places where our SaaS and our software would be Vulnerable to a loss of secrets or security as a result of quantum has been evaluated, Inventoried, and essentially a plan.
Starting from the 2027 date backwards has been put in place.
So this will be kind of a rolling thunder set of announcements, Obviously, as we move forward.
Last section here, I want to talk about what we're doing with AI, and I want to start with what I shared last year, which was an announcement around Helix.
So Helix is the name of our generative AI capability embedded in the core of our Platform to enable AI features and automations in our own platform.
So I think if we're gonna roll out AI features, we're not gonna do it 10 different ways, We're gonna do it one way.
A highly secure way.
And so that's Helix, kind of leveraging the data embedded in our Platform to smartly enable Automations across the entire life cycle of identity.
But I wanna introduce this other concept that how is it that we are gonna secure, not agents built in our Platform, that would be inherently secured by our Platform, Meaning all the identity controls that we espouse would natively be embedded if built An agent on Helix.
What about the agents that are being developed outside of our Platform?
What are we doing about that?
And is there a uniform way in which we could Govern and secure those capabilities?
So before I get into that, I just wanted to highlight one thing that's coming out here very Shortly, this notion of an AI assistant.
This is coming out in PingOne.
I think it's eminent.
So, this is now, as you've become accustomed to, Think like a chatbot sidebar in Admin-UI capability of PingOne, And when you have a question, you just ask it.
And it's been fed with a tremendous amount of information, not just the documentation you have access to.
But it is designed to be your Admin co-pilot.
Does that make sense?
This will roll out to all of our platforms, By the way, we're just starting with PingOne, and like I said, I, I, I feel this is weeks away, but I hope I'm, I'm not speaking out of turn.
We're close.
Think Q4.
All right.
I'm gonna switch gears now and talk about Identity for AI and what we're doing on this front.
And look, this is a new world.
This is a really new world, the number of agents.
That are about to hit the infrastructure, possibly expose data to people it shouldn't Expose it to, and who knows what else Agents are thinking and doing.
Like, how are we going to rein this in, and is there a best pattern and a well-formed Architecture and a well-formed framework by which we could centralize the controls and Security posture for all of these agents?
Uh Ping is spending a lot of time here.
And there are a lot of use cases.
I think our team has come up with 5, what are called core patterns, If you will.
And different infrastructure would be used to Secure different patterns, meaning there's certain populations and certain use cases Cases where a privileged.
Approach is appropriate.
There are other scenarios where a governance Approach is probably appropriate, and in all scenarios, authenticated agents and authorized, Well scoped agents is going to apply to all of them.
But this notion that agents will be accessing our APPs and our data through MCP and A2A Services, um, humans will have personal agents that are interfacing with our infrastructure on Their behalf.
Agents obviously have to be well scoped in.
Terms of what do they have access to that they could divulge.
Agents are gonna talk to agents.
I'm gonna have a personal agent negotiating on my behalf through a commerce channel with some sort of customer agent on the other side of the equation, both sparring it out to achieve their Outcomes, if you will.
So this just looks like a whole new world.
Here's the other thing, We need to identify agents, which means we need to authenticate them, life cycle manage them, in many cases.
Oh guess what, those can now be compromised, I hate to say.
So we used to like worry about, is it a bot or Is it a human?
Connect the wheel.
Get the traffic light.
Now it's, it's an agent; we're sure of that.
Is it a good agent or a bad agent?
And we have a lot of ephemeral agents.
What's their intent?
Haven't seen them before; there's no reputation of those.
It's just a new world.
It's complicated.
One of the things we're working on in our PingOne Protect signals is not just discerning bots From humans, it's looking at the API behavior and looking at the intent behind it and Discerning, is that a good bot or a bad bot?
Is that a good agent or a bad agent?
Because all these agents are going to be built by our adversaries as well, and going to pound our systems.
What if the agent's been compromised?
What if it's a, Is a good agent, but somehow the agent's been compromised.
That whole notion that you can trust for a second is right on the money.
Like this Zero Trust world is not wrong.
Something can be good until the second it's not.
How do we recognize it the second it’s not, it’s not based upon a year of good behavior.
That's an indicator, but it's not a promise of the future.
So super important, this is our new normal.
And this is coming really, really fast.
So you're gonna hear and see a lot of what Ping is doing to make sure we're ahead of this for You.
And guess what, this whole agent world, It's always on.
It'll be bound by what people charge us at the end of the day, So thank goodness for that, but short of that, it's always on.
So the scale, Agentic Scale is gonna be a whole another ballgame for us.
So we'll break agents down into 3 rough categories, uh, For the remainder of the conference this notion of personal agents, Think you're ChatGPT or your Gemini or, you know, whatever, Whatever your personal assistant is, that's one class of agent.
There's a series of ManagedAgents.
Think frontline worker, The chatbot that sits on your website, or think digital worker, Some sort of process automation that you've done that was manual before that you can Automate with an agent that's Managed.
And so enabling trust in this agentic world with Ping infrastructure or Identity Infrastructure, it's gonna boil down to a few things, but as we simplify and break it down, And you think about where is the trust boundary, meaning, what do I see, Control and manage versus what do I not?
And there's a lot of patterns here.
This notion of personal agents hitting our APIs and our MCP servers, What are they allowed to do?
Do I recognize them?
If you extend the infrastructure out to these frontline agents, Again, think a chatbot on your website, connected to your data.
What can those chatbots see and do?
Uh, and then lastly, this notion of the digital worker.
So these are certain automations that you've built, agents for manual tasks.
And again, all of these now might be under the purview of the governance or the control of the Identity Platform authentication, authorization, governance, life cycle management, Consent management, when the agents have a Custodian.
Who's the custodian?
How do we manage that?
So, we'll break this down later in the day in more detail, But just know we are all over this on your behalf.
We view this as our mission.
Agentic, it's a new frontier, it is a new channel, it is a new world, It's coming on fast.
And if you thought cloud was a big disruptor to your infrastructure, Multiply times something to get.
The potential, both threat and opportunity, to all of our organizations.
As I tell my team, my organization, there's no 2nd place in this race, Which is a little bit unfortunate, and it's one of the reasons why we're running headfirst into The unknown here.
The potential for good and bad is so significant you can't ignore it.
So when you think of Ping, think about us developing a solution to help you secure Agentic, Agentic Channels, Personal Assistants.
Think about us as enabling this securely on your behalf.
And think about the ability to deliver identity controls now for these non-human identities we Call agents.
Let me go back one.
Let's roll a little video on what Ping is doing with Agentic.
AI agents are here, bringing incredible potential, but also real risks.
These Autonomous digital helpers handle tasks and make decisions without direct human Intervention.
So, can we extend trust to them?
At Ping Identity, we know digital trust must be earned and verified, Especially for artificial intelligence.
An AI agent should never impersonate a human, and a human should never give an agent.
Direct credentials.
That's why we're building a solution specifically for AI agents.
We help you identify and authorize only the right AI agents.
Each agent gets its own secure, traceable, and policy-based identity.
We ensure they have just the access they need, only when they need it.
With clear boundaries and expiration timers.
It's about empowering your AI while keeping you In control.
For critical tasks, human approval is essential.
Human in the loop authorization leverages built-in workflows to reduce risk, Ensure compliance, and provide trusted human oversight.
We also go beyond basic Good Bot, Bad Bot filtering.
We analyze intent and behavior to weed out legitimate AI agents from those with bad Intentions.
Ping Identity simplifies Genic AI management.
With automated setup, tailored access, and easy deactivation.
With continuous monitoring and detailed audits, we keep your AI agents functioning as intended and your organization secure.
Ping Identity empowers you to embrace the power of AI agents without constant worry and gives You the clarity and control you need, so your agents act with purpose and accountability, Not risk.
All right, a new world, a great vision.
And we are going to work with many of you, if not I hope all of you, To help secure this.
All right, so I want to come back, sorry about that.
Let me come back one slide, uh, last couple of slides, and I'm gonna wrap up.
Many of you have thought of paying as a Partner for Trusted Access or Secure Access.
And we appreciate the trust that you've given us in the journey over the course of the last couple of decades as we've co-developed and co-innovated with many of you through that Whole authentication journey.
I just invite you to think bigger now around this unified platform vision.
These are things that we've been investing in for many years.
This isn't new.
But if you thought about Ping as your trusted partner for access.
You now need to think of Ping, I would hope in a much larger context.
These are all the things that we have been doing and acquiring and innovating with many of You as we build the future together, and we're not done.
Next year, I'll probably come back.
There'll be other boxes on this, either developed or acquired, Many by the recommendations from you as you look to unify your partnership, Strategic partnership with us.
So, look, thank you for trusting us with your identity controls.
I hope this was informative.
I hope you get as excited about this as I do The Ping Team is.
Um, we certainly are very, very honored to serve all of you.
We take it super seriously.
We hope to earn your trust in the future.
Each one of these conferences is an opportunity for us to, For you to judge the say do ratio of Ping.
If we say it, We're going to do it.
We're very committed to that.
So once again, thank you all for being here, thanks to everyone who tuned in online.

The world of Identity is changing fast.
Deepfakes, AI agents, and evolving threats demand more than just authentication.
They demand verified trust.
Ping Identity is redefining what it means to secure identities from seamless onboarding in Milliseconds to frictionless verification for everyone.
Interaction and as we enter the eugenic era, Ping is building the guardrails for the future Where humans and AI agents work together securely, confidently, And without compromise.
The roadmap that's shaping the next decade of identity and access management starts with Resilient Trust, and It Starts Now.
Ladies and gentlemen, please welcome to the stage, Chief Product Officer for Ping Identity, Peter Barker.
Let me tell you good morning Everyone.
I'm judging from the buzz in the room that Folks had a good time last night in Austin, Maybe got some good food, Yeah, any, I, well, I missed out a bit.
I do love Austin.
I have a home here and, uh, I've enjoyed many of the great things down here.
Um, it's a great place, great place.
So I am here to continue the conversation about Resilient trust and.
And, uh, we heard from André yesterday that When it comes to identity, there's a lot more, more attacks, More complexity, more vendors that we have to deal with, And naturally, of course, more identities and, you know, Identity is becoming really essential, more essential than ever in securing the enterprise And also enabling the digital economy and what's coming.
Uh, but you know, really, how do we get there?
How do we take it from where we are today to The next step?
So I'm gonna talk a little bit about two specific topics that.
We really hear a lot from our customers and concerns about, But also the opportunity that it presents.
And these that I'm talking about are deep fakes and the threat of AI on identity, But importantly, also the Agentic Era and the opportunity that agents really present to all Of us, and of course, the risks that come along with that.
So I'm gonna start first with our deep fakes and.
What we're seeing around this concept and how at Ping Identity, we're helping you as customers Deal with this, this threat.
Um, I'm going to start here.
I think it's kind of ironic that the individual and the organization that's really been driving All this change in the world is also real ly concerned about the risks that come along With it.
I'm glad.
That at least he is, you know, taking that role to make sure that we're aware of that.
So, you know, the impending significant fraud risks that we're seeing.
And at Ping Identity, what we're doing to sort of address these risks around the threat of AI and deep fakes is a concept we call Verified Trust.
And I'm gonna explain what we mean about this, but the punchline is that identity verification is becoming extraordinarily important to the future of identity.
So, I'm just gonna start with a little bit of history around the innovation at Ping Identity And the journey we've been on and how these things kind of tie together.
And ultimately deliver on our vision of verified trust.
So it starts with, as a company, we started as an identity security company delivering great Products like single sign-on and MFA and Directory and Access, And we followed that with some additional products around identity fraud.
So our Protect product, our authorization product as well, Followed that with some additional products in the space of identity.
The assurance.
So if we look at PingOne Verify as example, And then some additional innovation that came after that, That is really reinforcing many of these core pillars of identity security, Identity fraud, and identity assurance, uh, the merger with ForgeRock, The great announcement, exciting announcement We made yesterday about adding just-in-time Privileged access to our portfolio as well with PingOne Privilege.
But I want you to pay a little attention to those three bars across the top because They're gonna be really become really important to the rest of this conversation.
Uh, when André did his presentation yesterday, he talked about dimensions of unification, And the first dimension of unification that he covered was around identity type unification.
So everything from your workforce identities, customer identities, Partner identities, and now.
This new NHI type, which are agents.
So that's one degree of unification that we're Seeing across the identity industry.
The next is really around the unification or convergence of access and governance and Privilege, which I would say, uh, a lot of folks have understood and recognized that these Swim lanes, traditionally siloed swim lanes are really starting to converge and bleed over Together.
But what's interesting about these is I really Consider.
These three categories to be squarely in the Swim lane of identity security.
Um, but if you'll remember from the prior slide, I talked about two other categories, too, and that brings us to.
What we'd call the third dimension of unification, which is, It's not just about identity security any longer, but also identity fraud and identity Assurance is critical to converging together along with identity security to really deal With the threats that we're seeing today.
All of these things need to work together.
Historically, customers have really thought about and deployed.
Identity security technologies, identity verification, uh, or assurance and identity fraud capabilities, maybe independently, But what we're seeing is a massive need to bring these together and integrate them across the capabilities.
They all feed into each other to provide the Protections that we need.
And that's where the concept of Verified Trust Really comes into play.
So let me double-click a little more.
Uh, what we're really talking about is going from authentication to verified trust.
And if you think about the current paradigm of trust when it comes to identity today.
It's one of implicit trust.
And what I mean by that is a user will log in or authenticate to a service.
Sometimes that authentication is, you know, weaker or stronger, But at the end of the day, the user authenticates to an account.
And by virtue of that authentication to the account, the service is trusting that the user is who they say they are.
But I think what we would all agree on today is that you can't implicitly trust any longer that Just because someone was able to successfully authenticate to an account, that it is actually who they are purporting to be.
And I think that's the gap that we now have in The paradigm of trust and identity that needs to be solved.
And so that brings us to the next evolution of trust that we see in identity, which is one of much more explicit trust, where we are establishing trust, Not just from the user to the service, but Importantly, also from the service to the user.
And this is where.
Identity verification is going to come into play A huge part and not just identity verification, but also identity fraud capabilities.
Because you want to use a combination of not just the Identity security techniques we have Today, but also those risk signals coming from, uh, the fraud category as well as strong verification of the human saying they are.
And another step that we see is user-to-user trust, because especially in the online digital world, where you might have somebody pretending to be a CFO who's asking an AP clerk to write a Big check to a vendor, and they're maybe defrauding the organization in that case, Being able to confirm that the user is who they say they are is really important also.
So this model of explicit Trust, a verified Trust basically means that it's no longer just About Authentication, but, or just about Authorization, but it's verified Authentication, Verified authorization.
And so the various use cases that we hear from customers that are, You're worried about when it comes to deploying verification into your environments.
Of course, initial onboarding is an important place to establish that the human is who They're saying they are, but also ongoing access.
How do we ensure that as people access those critical resources, they are safe Continuously verified and that you haven't somehow had the, The account compromised?
Uh, account recovery and password reset are really critical areas.
Andre talked about it yesterday.
How important it is to really fuel self-service flows for this.
Um, and we'll, we'll talk about this a little bit more later on as well, But that's a really important, critical moment in the identity journey that you just cannot Not have verification as part of Verified Peers As we talked about, and authorization as well.
So if we think about in banking, For example, signing transactions.
If you happen to be, Uh, transferring a big amount of money, and we sign that, Let's make sure that it's not just signed, that it's a valid transfer.
But also verified that it's actually the human who it is.
So there's a lot of use cases where we see the need to infuse verification in every Identity interaction.
But one of the challenges with verification, if you think about it, is it's kind of expensive.
And if you think about today's state-of-the-art when it comes to identity verification, You do things like take a photo of your ID front and back, and you take a selfie.
You might have to answer a couple of data knowledge questions as well to prove it is who You say you, who you say you are.
But the challenge with that is that can take, that process can take, You know, 30 seconds, that process can take minutes.
It would be impossible to really inject that verification process or re-verification process, You know, in a lot of different moments of the identity journey because it's just Expensive, expensive from a user experience standpoint and also just expensive financially, You know, as you pay your vendors to do these checks, it's kind of an expensive transaction.
If you compare that to Authentication, Authentication is cheap.
And at the end of the day for us to deliver on the promise of verified trust at Ping Identity, We want to make verification as cheap as authentication, both from a user experience standpoint as well as just financially, so that customers can really elevate the amount of Trust that you're delivering to your end users, uh, and do it pervasively throughout the Journey.
So that brings us to some.
Design principles that we're thinking about.
It's not just about that initial verification, but it's how do you get a continuous Verification posture or re-verification of the identity.
So we want to be able to deliver an experience where you go from low assurance to high Assurance in milliseconds, not minutes.
And that's critical as part of this.
Also, it's really important that as we're dealing with identity verification, Of course, we're dealing with some sensitive data like biometrics, For example, as part of how we verify people are who they say they are.
It's really important to us that as part of our design principles around this is having it be Privacy preserving as well.
Things like, uh, GDPR compliant, for example.
We want this to be infused in every identity interaction.
We feel so strongly that to bring true trust in every digital moment, Which is our mission that Andre shared yesterday, we have to be able to bring Verification into every step.
We need it to be frictionless.
We need the UX to be invisible.
Uh, and then we need it to be a low cost of ownership.
As I said earlier, we need this to become as cheap as authentication.
It's becoming as important as authentication.
So the way we plan to deliver verified trust is via a combination of things.
Our PingOne mobile app, which our customers typically deploy to your end-user communities In workforce identity use cases, but also importantly, our Ping SDKs, which you use to embed Identity experiences into your own applications.
And if you think about Ping Identity today or the SDKs, it's usually a lot about MFA, Multi-factor authentication.
So you're doing like a direct push number Challenge kind of thing.
But PingOne is gonna become a lot more than just a MFA app.
It's not just about authentication, but it's gonna be about trust or verification as well.
So we've already embedded.
Our identity verification, uh, capability into PingID.
We've embedded our decentralized credentials capability into Ping Identity.
We are starting to bring Protect Risk signals into the experience, and also we're working on Device.
Trust.
And if you think about really raising trust Level for the, for the Identity Experience, all of these things need to work together.
So it's going back to that third dimension of unification that I was talking about.
It's not just identity security, but it's identity fraud and identity assurance all Coming together.
And if you look at this slide, There isn't much new on this slide, and that's actually a good thing.
But what is new is that we plan to deliver this in an entirely new experience for the Users.
And as I said earlier, we want that experience.
To be seamless and invisible, but really give you a much, Much higher level of assurance.
So bringing identity verification into the Authentication experience in a way that the user feels that it's very natural and easy so that you can deploy these things at scale.
So I'm going to talk a little bit now about some roadmap on some of these key bullets that You see on this slide, starting with PingOne Verify, which is our identity verification capability.
So in Q4, we're going to be adding some Additional IP reputation, email, and phone intelligence, uh, To make sure that we get even more assurance built into the verification pro, uh, Process.
We're going to be introducing global data-based Checks into the product as well.
This will help for our customers who have End user communities that are on a more global level.
We're also going to be introducing Global Watchlist, uh, Checks as well as part of the verification process to make sure that we're not verifying or allowing somebody in who happens to be on a watch list.
On PingOne Protect, which is our fraud and our risk signal product, We're gonna be adding some, uh, great additional features as well.
One of the big ones, and I'm going to talk a lot more about this in the second half of my Presentation, is really how do we detect AI Agents?
Because this is a new kind of.
Concept coming in the front door.
Historically, as an industry, we've thought about bots as being bad, and we want to get rid of bots.
But when it comes to AI agents, AI agents can Actually be good.
So we need our Protect product to help you tell The difference between a bad and a good bot Coming in.
Uh, we're also going to be introducing more advanced signals for new account fraud and Account takeover.
We're going to be implementing some Graph-based techniques in our large data lakes to make sure that we can even see stronger signals that are indicators that new account fraud may be happening or account takeover.
And then, importantly, we want to make it simpler for our customers right out of box Configure our PingOne Protect product.
If you.
Aren't taking advantage of this product today, You really should be considering it.
It's not just a fraud or a risk product.
The other thing a lot of customers are getting big benefit from is deploying it to improve the User experience because it can also help ease the experience like reduce.
The amount of MFA challenges that you have to do.
Like at Ping Identity, for example, when I log in every day, I rarely have to authenticate or do MFA challenges because it just knows I'm in my usual Patterns.
And then when I do something unusual, Then I get challenged and step up.
So I have a much better experience.
And then on PingOne credentials, uh, we have some great, exciting things happening here.
This is our decentralized identity capability.
So we're going to be, We're working to be able to issue into third party wallets, Leveraging some Open standards there.
Um, we also want to be able to do verification from third, You know, the platform wallets that are out there today, And then.
Um, delegation is a huge area that customers have been asking about, as well as how do you take a credential that's been issued Decentralized to you and delegate it to other people for, For use.
Now I'm going to switch gears and talk a bit about the roadmap on Verified Trust itself.
So this is more the integrated experience bringing these products together.
So we are looking at introducing our verified onboarding and access use cases into the Ping ID app in Q1 coming up soon.
So when you're rolling out the PingID mobile app to your workforce community, They will be able to take advantage and you will be able to take advantage of the new Integrated experience that brings these concepts together to raise that level of trust.
Uh, we'll be introducing the account recovery and reset flows, Uh, shortly thereafter, and then we're looking at peer-to-peer in the back half of next year.
So that's a huge concept we've been talking a lot about with customers.
And as we've talked, as I've talked to many customers this week and when I was on the road In Asia, verification is just a huge concern for everybody.
And so this is our strategy and our approach to helping customers with this challenge.
I'm gonna switch gears now.
I'm gonna talk about this other part of AI.
That is a really fascinating and super fast moving area, Which is the Agentic Era and AI Agents and How It's Going to Change the World.
And as I've thought about it, uh, I don't know how each of you think about this.
I, the way I've sort of come down to, to understanding it better is, I'd like to say the UI of the Internet is changing.
And we're going from the concept of search engines like Google and others to Answer engines, but the next evolution after that would be outcome engines.
And so, if you think about the concept of search today, We've all been highly trained on how to enter the right combination of keywords to get that Magic list of links that we're all going to click through and trying to find that one Information we're searching for.
And that's the search engine world or paradigm that we're in today.
But the reality is with things like LLMs and ChatGPT and Perplexity and Anthropic and all Of these, they're really becoming answer engines, right?
We don't, for those of you using these things, I think we very quickly adapted from Typing a few key keywords into the search to fully formed questions and, and context.
Hey, I'm working on this project and.
I'm trying to figure this out, and could you just give me this answer, and voila, I get an answer.
I don't have to go through this complicated set of search, reading articles.
It just brings it all together for me.
So it's going from searching to just getting answers, which is really powerful on its own Right.
The next evolution beyond that is what I'd call An outcome engine.
It's not just about searching or getting Answers, but just go do it.
You know, if I think about the example of, I don't know, Shopping for car insurance, it used to be search for car insurance in my search engine And I would go look at some links.
Now it's like, Hey, Chat GPT, what's the best car, highest rated car insurance companies that have a good Price?
And now it's giving me answers to, you know, This final outcome-based one is just, hey, go get me some car insurance.
I want to save some money.
Uh, make sure you check with me before you pull the trigger.
That, that would be great.
But that's the, the, The, you know, why I say the UI of the Internet is changing.
Just our entire experience of the Internet is changing.
So we return to Mr.
Altman here, uh.
Recommending that we give minimum access to agents.
Probably no news to folks in this crowd.
Things like least privilege and minimum access are core principles we've been dealing with for A while, um, but I'm glad to see that, you know, he's warning against these risks.
So as we think about AI at Ping Identity.
Uh, we think about two concepts.
I think André talked about this yesterday as Well.
We think about identity for AI, and we think About AI for identity.
When it comes to identity for AI, that's leveraging the Ping platform to Secure and enable AI agents that are in your enterprise or maybe that customers are bringing To you.
Uh, so that's using our Core Identity Functionality to secure the AI agents.
It's using our platform to do that just like You would do for other types of identities like human identities.
Meanwhile, AI for identity is really about how do we at Ping Identity and you as Customers use the power of AI to improve.
Identity itself.
And that's our, our AI platform and our products that we're building is called the Helix.
It's an AI-based platform that allows our Customers, I'm sorry, our developers build rich AI features in our products to automate Identity for you.
So these are the two halves of the coin that we Look at when it comes to AI.
On the first one, if you look at this slide and you think about what are some of the core Principles that are needed to enable identity for AI, You see some very familiar words here, identify and recognize, Onboard and register, authenticate, authorize, govern.
And the reason I think these are all so familiar is because it's just another identity Type.
It happens to be a non-human identity type, An NHI, but it needs all of the same things around identity as your traditional human-based identity types as well.
Meanwhile, if I flip the coin and I look at AI for identity, We have a different set of concerns.
This is where we're looking at how we do support things like agentic workflows in our Products?
How do we do, make it really low code, No code and developer friendly.
How do we make it safe and private so that as Customers, if you're adopting AI features that Ping delivers in our products that you know That it's being, it's being treated safely, that when we sign a contract and your legal Teams are imposing clauses and terms on Ping.
To comply with in the contract around the use of AI that we can confidently say, Yes, we can comply with all of that.
So at Ping, we took a really intentional approach with Helix to centralize all of our AI Development to make sure that we're doing it consistently in our products rather than Turning a team of 700 developers free and just say, hey, Go build AI.
We took a really, really intentional approach.
Here on that.
So, I am, uh, going to spend just a moment Longer on AI for identity, and I just want to show another demo of something that's possible That's gonna infuse a few different concepts together.
And what you'll see is actually, it's a, it's a rather simple demo, But I think it's an important demo because it shows you what's possible because it's bringing Together three different concepts.
It's bringing together the concept of um.
A chat interface on the right-hand side.
And this is a bit of a preview of some of the AI development work and AI features that we're bringing into our products so that you can do Things like natural language queries and interaction with the Ping systems.
It's gonna bring together voice as well, as you'll hear in a moment.
And the other thing it's going to bring together is helping the end user navigate the Product and learn the product on the fly.
So in this demo, you’re going to hear two voices.
The first voice is the AI talking to an administrator using voice, and natural language voice to perform a relatively simple workflow, such as, uh, set a bypassing MFA for a user who happens to.
Maybe to be traveling, they've verified themselves.
They just can't get into their account, and the help desk wants to, Uh, bypass MFA.
So let's take a listen real quick.
I've successfully started the workflow to temporarily bypass MFA.
Please specify the user you'd like to select.
I would like to select John Doe.
Let's proceed to see how to allow MFA bypass for this user.
Let me know when you're ready for the next step.
I'm ready.
I'll now navigate to the Services tab and open the Authentication section where you'll see the MFA status for this user.
Please let me know when you're ready to proceed.
I'm ready to proceed.
As you can see, the user has MFA enabled.
You can see the MFA bypass option here.
Please let me know if you are ready to proceed to the next step.
OK, we can go ahead with our MFA bypass.
You can see the time duration for which the MFA bypass will be active.
I would like to remind you that disabling MFA for a user is a security risk and should only Be done in emergency situations.
This brings us to the end of this workflow.
So it's powerful there again, again, a simple example, but this is a predefined workflow that Has been set up to enable a delegated administrative task to bypass MFA.
But it also, as you can see, it was Live navigating the product.
It was interacting with the end user.
Administrator in natural language.
So it's just the power of AI is so powerful.
So just a preview of what we're working on, uh, the voice-based features are something that's Later in our roadmap, but the chat interface you see on the right, That's coming sooner, and I'll get into that here in a moment.
Before I do get into that though, I just want to take a minute longer on identity for AI.
This is about how we are going to secure, uh, AI agents, But also importantly, enable them.
Uh, yes, Sam is reminding us again.
Lots of opportunity, but lots of risk we gotta deal with.
Right?
At Ping Identity, we've been at this for a While.
I want to just point this out because I think It's important.
It's not a new concept.
NHI is not a new concept to Ping.
Uh, we've been working on it for quite some time, uh, With things around our support of IoT-based devices, things like service accounts, which are, which are NHI.
And so we have been implementing support for NHI types into our products for quite some time, So that's not new for us.
The other thing we've been doing historically is we're focusing on OpenBanking and why do I Mention OpenBanking?
Well, if you think about the concept of OpenBanking Banking, which started in the UK, has moved to other places like Europe and Australia.
South America and briefly for a moment in the United States.
It's a concept of federated trust because I, as a user, have a FinTech that I want to access my Bank.
So it's a cross-domain federated trust model.
Where I as a user, I'm delegating access to a third party to my sensitive information.
Not that different to me delegating access to an AI agent accessing back-end systems.
So this complex federated trust model that we've been working on with OpenBanking Actually really applies here.
So things like, uh, you know, PR and RA and OAuth become really important that we've been Implementing, uh, for that.
So these concepts are coming together.
Simultaneously to help us support identity for AI.
So at, at Ping, we don't see it as just providing agent identity.
We also see it being really, really important that we keep the human in the loop with user Authorization, and that's where this federated trust model comes in.
So it's really Identity for Agents and Trust for Humanity.
And I kind of intentionally use the word humanity here as opposed to humans, Just because AI poses such a significant threat to all of us.
The other thing I'd like to cover too is to talk a little bit about the, The kind of how we see AI agents.
A lot of us talk about the risk side of the Equation, and it's another NHI type that needs to be managed and secured.
But the other side is the commerce angle.
It's another channel of commerce, Uh, where if you think about things like bricks and mortar, You think about Web, you think about mobile.
AI agents are the next channel of interaction for your customers into your company.
And that has implications for things like customer relationship management.
That means you have to track these things in a different way because you no longer have the Human coming through the front door, you have a friendly agent, Hopefully friendly.
And importantly, we need to keep the human in The loop.
And as I said earlier, we have these other Concerns on the risk side that really follow the NHI types.
So our approach is not just to secure the agents, but also enable them, Enable the new Channel of Commerce.
So there are 3 types, general types of Agents that we think about.
There's the one on the left and there's 2 on the right.
The 2 on the right we think of as enterprise managed agents.
So whether it's a digital assistant helping your Customers or a fully Autonomous Worker or A digital worker, those are things that you and the enterprise manage directly.
On the other hand, you have these personal agents that customers are going to be bringing To you.
And so I want to take a moment to look at these 3 different agent types and look at the trust boundaries and how we're enabling them.
So in the personal agent case, this is where your customers bring an agent to interact With you, accessing resources in your enterprise via things like M2M-Apps or agent to Agent protocols.
And there's a trust boundary, meaning to say that's yours, The boundary of your enterprise versus the external agent and customer.
And at Ping, we help you with all the concepts involved here and the flows that are involved Here to secure these flows, the human identity, the agent registration and authorization, And the human in the loop as well.
When it comes to digital assistants, the trust boundary kind of moves because now it's your Agent serving your customers.
But again, Ping is able to help you with all of the concerns here that are involved.
And we have much more detail behind these slides that explain exactly how you can use the Ping Identity Platform to secure these flows.
And then finally, for the Autonomous IAM worker, here, the trust boundary moves again because Everything's inside your, your enterprise.
But again, Ping is able to support all of the key flows here as well.
So it's an exciting time, and I'm gonna give you a little bit of a roadmap to wrap up my Presentation here.
And again, going back to those two halves of the coin, So we are releasing Agent authentication and authorization here, Uh, this coming quarter.
So this will enable you to have a distinct identity type and AI agent to authenticate and Authorize.
We're going to be introducing AI genic life Cycle into our products as well in the first half of next year, As well as being able to detect those good versus bad bots.
All of these things work together to fully enable the opportunity around Agents.
On the other side of the coin, AI for Identity.
This is our Helix roadmap.
This is us delivering AI features to you in our products.
So I showed you that AI-assisted administration experience in that demo, Not the voice part, but the chat interface part.
Q126, we're going to be releasing that into some of our products.
We're also introducing AI into our governance, Identity-Governance-IGA capabilities to help you with things like role mining, role discovery.
And then our analytics, so you can ask questions like, hey, How many failed login attempts have I had over the last 24 hours?
And also we'll be introducing MCP servers as well because we know you as customers want Interact with our products using agents.
OK, so that's my presentation.
Um, just a couple of things I want to highlight For the rest of the day before we transition to the next, Uh, portion of the discussion is.
We have some great folks who've got some presentations later today that I'd like to call Your attention to.
Chris Price talking about verification just Being the beginning.
He's gonna deep dive on decentralized identity And how that comes in, so I encourage you to see that.
David Gusdala is going to be talking about dynamic experiences with adaptive Authentication, and then Matthew Key, Strengthening digital trust with authorization.
Also, uh, the Trust Lab, our product managers are out there.
We've got demos, we've got all our experts.
If you have burning questions or feedback, We'd really like you to come see us out at the Trust Lab.
So thank you all very much.
Really appreciate it.
We're going to move on to the next section in our presentation.
And again, thank you to all those who are tuning in digitally as well.
Hope you found that really useful.
Have a great day.

Ladies and gentlemen, to help prepare you for the future, Please welcome researcher and futurist, Heather Vescent.
Good afternoon, everyone.
Thank you, thank you.
So today I'm going to take you on a tour of the future.
We're going to look at future-proofing the age of agents.
And I want to invite you to take a journey with me into the future, But don't worry, you're not going to age a day.
I want you to imagine it's the year 2030, and you can be sitting right here where you are Right now at a conference.
And I want you to imagine that the digital technology you're using today has evolved 5 Years.
And specifically, I want you to imagine what It's like to live and work in the age of agents.
How do you check in with your team, some of whom might not even be human.
How do you talk to your family, your friends, your parents?
How do you discover music and movies?
How do you manage all the things associated with your life?
Get updates on your investments, manage your travel bookings, Share data securely with your doctor?
How does that technology solve problems you have today and make your life better?
How does it help you do your work better, to give your clients more security?
How does it add peace of mind and make you a better person?
You're doing everything in that future that you're doing today, But the technology you use has evolved.
OK, let's come back to 2025.
I'm gonna help you make that technology that we're creating for our future selves the best It can be.
Future-proofing is the process of understanding The impact a product or technology might have in the future, So that you can understand and address any potential downsides.
Future-proofing asks what benefits might this bring, what problems might it create, And what unintended consequences might emerge.
Because anyone who's ever launched technology before knows people will use your technology in Ways you never imagined, and often with surprising results, Because humans, and especially threat actors are endlessly creative.
So if you don't futureproof your product, REST assured, someone else is gonna push your Product into the future anyway.
And they won't have the power that you do to make it better.
For example, we didn't set out to make people memorize hundreds of passwords.
But we designed usernames and passwords because we wanted to have a secure relationship and Interaction with the websites we use and the apps we use.
But we optimize this technology from the technology's perspective, Not human convenience.
And that decision created tech debt, security vulnerabilities, and yes, Business opportunities.
This morning you heard Andre talk about agentic identity, and he shared some of the examples Showing the new security needs that entice identity needs.
But we're currently living in the age of identity systems built for humans, Even though agents will need their own specific identity needs.
So we will solve these new identic AI technology problems by creating new igentic AI Solutions.
But will those solutions introduce new problems?
In the future?
Is there any way we could anticipate those?
Problems now and build better identity systems for both agents and humans?
Agentic AI is one of the top visions of the future that we're all talking about right now.
But the vision we're being sold doesn't exist yet.
There's a gap between what that mature technology will be able to do when fully Developed, and what we can do with it today.
We imagined super intelligent digital employees.
But we have pilot projects with limited scale.
We use workarounds to manage data limits, and we train ourselves to create better prompts so We get the results we want.
We're doing our best today with the technology we have.
Gartner's AI Hype Cycle shows AI agents at the peak of inflated expectations, With 2 to 5 years before they hit the plateau of productivity.
So by 2030, we'll have all these kinks worked out, right?
That means we have the next 5 years to influence the trajectory of this technology.
And since it's sliding into the trough of disillusionment, that means the spotlight's gonna be off us, which will be helpful when we try to build really hard things with Ever-changing technology.
We might want these future visions to occur faster, but this is actually a great pause, because between today and the future.
Is a space where we can exert our influence.
And yes, we can influence the future.
My question for you is, how do you want to?
I love this quote by William Gibson, because it reminds us that we already see Glimpses of the future.
Futurists call these glimpses pockets of the future and the present.
They might exist in only a narrow or constrained way.
But even in those limited forms, they give us a sense of what is possible.
So I'd like to begin our journey into the future by visiting some pockets of the future In the present.
You already heard Andre talk a little bit.
About some digital assistants and co-pilots.
These are tools that use AI as a thought partner, and you probably encountered them in Your inbox, your code editor, or while using your favorite large language model.
One of my favorite examples of this comes from my friend Maria Anderson.
She's a teacher.
She started a company called Socrate to help Her be more present in her classrooms when she's teaching.
Imagine a teacher with an ambient AI assistant in the classroom.
It handles the routine tasks like tracking attendance, logging assignments, Keeping notes on who's doing a great job and who's misbehaving.
That frees my friend Maria to be present with her students and teach the material.
After the session, after the class, the agent provides a recap of the session, which is really helpful for her not to have to rely on her memory of how every class goes when She's had 5 back-to-back and is doing her recaps at the end of the day.
The first digital agent I built was a deep fake of my friend David Birch.
I trained it on his writing and his unique style.
I even asked him if he'd send me PDFs of his books so I could train it better, And he did.
Once I was happy with it, I had his deep fake Agent wrote an article about deep fakes, and he liked it so much that he now uses IT as a thought partner.
That started out as a way for me to try to use the technology in a negative, Deep fakey way, but it became really useful and helpful for him.
AI agents use tools and access data to do a specific task.
It might be scheduling a service technician or booking a restaurant.
One of my favorite examples of this is the AI bot army created by Akit Boga.
These agents, which pretend to be the scammer's target market scammer's target, Are designed to call scammers and waste their time on the phone.
That way, the scammers can't be on phone targeting real humans.
This is a brilliant countermeasure to use AI as an attack for the threat Agents.
And you can see it live on his YouTube channel.
Agentic AI cannot exist independently.
It needs infrastructure to function.
We need to be able to trust that agent, and we're using existing standards and toolkits in Order to provide, to have trust with that agent.
Mini agent technology draws on infrastructure we already have today.
This concept of Know Your Customer, Know Your Agent, using existing identity standards like Decentralized Identifiers, Verifiable Credentials, and OAuth.
And it's not just big companies building this future.
If you browse Reddit or Fiverr, you see hundreds of people offering to create custom Agents for specific use cases.
I've been a futurist for some time, and this isn't the first time I've explored AI-enabled Futures.
In preparing for today, I revised some Scenarios I wrote for IEEE about 10 years ago.
They're a little further out on the horizon, but they can give us an idea of what we might Think could be possible in the future.
When it comes to digital employees, one of the scenarios I had come up with was a team of both Human and non-human employees, and I had two non-human employees as part of the members There.
Um, one of my non-human teammates was Martine.
I envisioned her as a cloud-based Intelligence which would do data analysis.
I also had my team member Vienna, who was both a digital employee in a robotic Body equipped with environmental sensors in order to track data out in the field, and then Be able to uh do analysis and share that data with their full team.
These two team members initiated meetings, analyzed complex data streams, and conducted field research as fully-fledged colleagues with their human colleagues.
In another scenario, which was more consumer focused, I created this concept of Nicoletta, which was kind of a combination, if you can imagine like a robotic pet that did a lot of Additional sensor analysis.
It monitored vital signs, Acted like a family well-being agent, Coordinated health data sharing with doctors, Managed home environments, medicine you're taking, and even provided companionship.
And revisiting these ideas made me have some bigger questions.
If we're gonna have non-humans operate as agents, will they be able to make their own Agents?
I can imagine my smart home has its own agent that might coordinate with my solar panels, which might in turn coordinate with my utility Grid Agent, and I wonder, would this allow me to donate my excess Electricity to lower-income houses in my neighborhood?
And then what if we go further out?
Will we see non-human entrepreneurs start businesses?
Will they be able to autonomously make money that the agent is responsible for?
Will non-human investors fund these types of companies?
What rights might these non-human contributors have?
Would they be treated like humans, like corporations?
Would they pay taxes?
And if they broke the law, would they go to jail?
Some of these questions may seem far beyond 2030, so for now, Let's dial it back.
I want to take all these ideas and put them together.
And remind everyone that the future is not set in stone.
There are many possible futures, and it's possibilities constantly change as the World changes.
So I want to start with a neutral starting point of what the future of 2030 could look Like.
And we're going to be back here right at this Conference.
When you woke up, maybe you had a summary of The actions that your work Agents did for you.
But there might be a few tasks that you’ve got to sign off on to make sure that.
They're fully authorized.
In the world that André was talking about this morning, it sounds like we're gonna be managing Thousands of agent identities in addition to our human UM teams.
I can really imagine a hybrid workforce that works smoothly with the agents, um, supporting Humans and the humans giving direction to the agents when they need to do certain things or Get approval.
And the scale of the amount of work we're going To be able to do will change.
Agents are going to be doing their own thing, acting simultaneously across multiple Permissions in real time.
Permissions might be changing moment-by-moment based on context.
Back home in your personal life, your family agent might provide a recap of your home, Filtering all the messages you might be getting in, and really only flagging or sending The ones that are really important.
You might also get updates from your smart home.
What's the weather like going on?
Are you gonna get a storm?
How's your solar array going?
And maybe even some snapshots of the wildlife that are captured on your wildlife cams.
You might have a wellness Agent that's asking you to securely share data with your doctor in order to fill some prescriptions.
These are just kind of some of the ideas that I've been playing around with, But what could be our AI agent future 2030.
That's our baseline, and now, I want to take you through the future with two different Lenses.
Cory Doctorow coined the term Incidification in his 2024 Marshall McLuhan.
Lecture.
How many folks here have heard the term in shitification?
A few of you: it describes what happens to digital platforms that Slowly degrade over time.
At first, the platform serves its users, then it shifts to prioritize the business users, And then it exists to only serve itself, and then it dies.
So what could an identified future look like?
Well, competition dries up, products get worse, but users have no real choice.
Regulation is created to protect corporate giants instead of people.
Users are forced to fight back, building their own technology with hacks and workarounds, and employees might burn out.
But corporations still hold the power, the employees can't build better technology.
So let's apply this to an agentic world.
You've got businesses who don't just approve vendors, they only approve the vendors who pay For their top ranking.
Your wellness agent is constantly upselling you on treatments, Not necessarily because you need them or that they're good for you, But because someone paid for the placement for them to do that.
Your family agent has locked you into a corporate ecosystem whose security is not Staying up to speed with the needs of the world, but it's nearly impossible for you to switch.
Your AI agents flood you with noise, stress you out, and you're constantly on guard, Feeling like you have to protect yourself from what they want, They're not helping you.
An alternate view.
Of the future is through the lens of calm Design.
Amber Case says that this is a design philosophy that creates technology which Respects human attention.
It only requires the minimum focus needed and provides the information that you need in The peripheral, rather than like dragging your attention over to it.
Calm Technology is technology that works with human attention, Surfacing only when you need it.
So, what does a calm future look like?
Your business agent handles routine approvals silently, surfacing only when there's an Exception, and you need to look at it.
There's a Wellness Agent that balances your privacy with care, Monitoring in the background, alerting you to only true emergencies.
And your family agent smooths communication and logistics so that even if Someone is texting fast; it doesn't get read incorrectly, and it doesn't demand your Attention.
In a calm future, agents amplify your capacity and your humanity.
They help you be more present.
As we imagine these broad futures, since we're futureproofing, I am always going to be asking Myself what problems may emerge.
No future is perfect.
So, what I'm going to take you through some questions about potential problems that could Emerge in the future.
Will digital employees have rights?
And whether or not they have or not, who will be responsible when they make mistakes?
If we have thousands of agents for work and life, how are we going to manage them?
We're, we don't wanna make.
Password managers required to manage agents, do we?
If we're managing work, home, and health, entertainment and relationships, Like, we want to be able to manage those in an easy way that doesn't take our attention Constantly.
What new attack surfaces or vulnerabilities Might agents introduce.
And on the flip side, how might agents help us defend things better?
If we create digital employees, what are the people doing that work today going to do Tomorrow?
And what roles will you need as you develop, Launch, and service agents?
How will you source the energy required to run 100,000s of agents for you and your Customers?
What might It looks like when governments, politicians, and the military inevitably adopt these AI agents?
How can we minimize the biases we unconsciously code into our systems because they Feel natural to us?
Can we address these problems today?
Do we want to address these problems today?
How can we address these problems today?
Well, I don't wanna just leave you with a bunch of problems.
So how can we solve them?
Future-proofing means knowing and then solving tomorrow's problems today.
And I wanted to give you a practical tool you could use for your own situations.
Has anyone used, does anyone remember the childhood game Mad Libs?
Anyone?
It's where you have a page of blanks.
You have to say these words, you fill in the blanks, and then it creates a funny scenario.
Well, I kind of took this idea and I put together this kind of future-proofing mad lib Style.
So we're gonna come up with a future date.
A product or technology, the results of that product or technology.
The problem that comes from that, and then we can brainstorm some futures, Some solutions today.
So here's kind of what the formula looks like.
In the year, Future date, the products or technology becomes widely adopted.
These are the results, which will be a future problem.
And today we can address that by the solution.
So what does this look like?
Here's an example.
For skyrocketing energy demand, In the year 2032, personal AI agents will become widely adopted.
This causes skyrocketing energy demand as every home runs hundreds of agents at once.
Today we can address this by investing in sustainable energy sources, Designing agents to optimize efficiency, And ensuring our systems don’t shift burden of energy onto the end users.
I want to be really clear, when we're talking about problems and the solutions, There's no blame here.
All of the technology that we have ever created through humanity solves problems we had in the Past, and many inevitably creates problems of the future.
This is not a bad thing.
This is what we do as humans.
We, we create new things.
I think what I would like to see is us having a Little bit more of a conscious thinking around the impact of our solutions in the future, Because I'd like to see a future that has net less problems, so we can go out and solve more problems.
So when I'm talking about.
Skyrocketing energy demand, it's really just a result of using technology in a certain way, And I don't want you to be thinking, I'm saying, that's a bad thing.
I want you to be thinking that, oh, that's an impact of the technology that we're doing.
And we can think about it now and do something about it, So someone in the future doesn't have to solve that problem.
Here's another example of uh futureproofing Madlibs.
This one I, I put in specifically with security.
So I have a set of security variables for Understanding and anticipating future security threats.
Um, one of them is the attack surface.
So in this case, I just picked Attack Surface, and I decided we're going to have an expanding Attack Surface.
So you could pick a different cyber security variable and whether it's expanding or Decreasing.
Here is the sentence, in the year, The future date, the technology becomes widely adopted, the attack surface expands to include The certain attack.
This causes certain future problems, which could be for your business, your Business customers, your end Users.
And then you can start brainstorming, how can we address this problem today by HM.
So let's look at another one.
The digital employee attack surface.
So in the year 2028, digital employees are widely adopted.
This causes the attack surface to expand to include digital employees targeted for a Variety of attacks, including instruction hacking to steal credentials and overwhelming Them with malicious requests.
That's a pretty legitimate concern, right?
So why don't we start addressing that problem today?
OK, how do we do that?
Today, we can address this by testing them against adversarial prompts and designing Systems to alert a human handler when an agent is acting outside its intended role.
Now one of the things I want, I also want to point out about this, This is a thought experiment exercise for you to kind of brainstorm a starting Point, but certainly as you start thinking about things this way and say you were To follow.
The solution exploration here, You're gonna be like, Oh wait, OK, so let's start by testing them against adversarial Prompts.
You might think, oh wait, that might lead to Another potential um type of attack that you could then start thinking about.
Because what I'd really like to see us do in security is get ahead of the ball, so we're Not constantly reacting to all the threats actors that are infinitely creative and Motivated.
OK, so, uh, if you want to use this Mad Libs template yourself, you can download it from the Ping Events, Uh, app.
Here's the QR code for it, and you can open the App and UM there should be a link to the documents, and it has the template on there.
And please feel free to also give me some feedback if you found this idea interesting.
OK, I want to leave you with one final thought.
I hope you leave today understanding that you do have control over the future.
And through your actions, you can make the future better than it is today.
I cannot tell you what you should do.
I can tell you the trends and the levers that you can push up or down, But you, everyone in this room is in a position in order to influence the future in a Positive way.
Before the end of this conference, I want to challenge you.
To pick one problem of the future, you can start solving today.
It doesn't have to be a huge big problem, it can be something that you have control over, that you can move the dial in your work to make the world more secure, More calm, more safe, more relaxed.
Because the best time to solve the problems of the future is not tomorrow.
It's now Thank you.

AI agents are here, bringing incredible potential, but also real risks.
These Autonomous digital helpers handle tasks and make decisions without direct human Intervention.
So, can we extend trust to them?
At Ping Identity, we know digital trust must be earned and verified, Especially for Artificial Intelligence.
An AI agent should never impersonate humans, and a human should never give one access.
Direct credentials.
That's why we're building a solution specifically for AI agents.
We help you identify and authorize only the right AI agents.
Each agent gets its own secure, traceable, and policy-based identity.
We ensure they have just the access they need, only when they need it, With clear boundaries and expiration timers.
It's about empowering your AI while keeping you In control.
For critical tasks, human approval is essential.
Human in the loop authorization leverages built-in workflows to reduce risk, Ensure compliance, and provide trusted human oversight.
We also go beyond basic Good Bot, Bad Bot filtering.
We analyze intent and behavior to weed out legitimate AI agents from those with bad Intentions.
Ping Identity simplifies eugenic AI management.
With automated setup, tailored access, and easy deactivation, with continuous monitoring and Detailed audits, we keep your AI agents functioning as intended and your organization Secure.
Ping Identity empowers you to embrace the power of AI agents without constant worry, and gives you the clarity and control you need.
So your agents act with purpose and accountability, not risk.

Today's digital world requires that we elevate experience and security together without Compromising on either.
With customer identity and access management from Ping Identity, You can have both.
Many businesses face challenges with customer abandonment at sign-up and frustration during Login, while the business struggles with fraud and privacy compliance.
So when first impressions matter most, Ping Identity's progressive profiling reimagines the Registration process by asking for only the necessary information first and collecting Additional data over time.
Once a customer is registered, Ping Identity makes authentication easy with biometrics, Passkeys, or social logins.
Plus, your customers can gain frictionless access to multiple services or shop freely across your brand umbrella without having to create a separate profile or sign into a Different portal.
And all can rest assured that the personal Information and financial details.
Details shared during the transaction process are secured and protected by Ping Identity's Fraud prevention and risk monitoring solutions.
The Ping Identity platform uses AI-driven fraud detection that detects bots, Deep fakes and anomalies in real time to verify every digital moment.
Meanwhile, our adaptive risk-based authentication challenges those access attempts That tip the truck.
Threshold.
This reduces MFA fatigue while maximizing the customer experience for those with familiar Patterns of use.
Even better, decentralized Identity reduces risk by storing minimal personal identity Information to verify users.
And when it comes to compliance, Our consent management gives customers full control over their data and who has access to It.
Ultimately, when it comes to extraordinary Digital experiences, leading organizations and global enterprises trust Ping Identity.
So take the next step.
Connect with our team today to see how our World-class SIA solutions can transform your organization.

Honestly, we want to trust our coworkers, the voices on our calls, the faces in our meetings, but what happens when that trust can be manufactured?
In a world of deep fakes and hiring fraud, we can't rely on what we see or hear.
Digital trust must be earned and verified.
That's why Ping Identity is reimagining workforce identity around a simple principle, Verified trust, because when your people, systems, and data are constantly under attack, Identity can't be an afterthought.
It must be the foundation of your security, and the engine of your productivity.
By verifying new hires with a deepfake resistance selfie and government ID scan, You establish trust before granting access to sensitive systems.
Ping's workforce identity solutions are purpose built to secure every moment of the employee Journey from onboarding to Help Desk to access needs.
Ping makes it easy to verify identities without slowing anyone down, So your team stays productive, your system stays protected, and your business stays agile.
Ping Identity, verify trust for a more secure workforce.

Managing identities across third-party B2B relationships isn't just important, It's essential for the growth of your business.
Whether you're working with suppliers, Distributors, contractors, third parties, or business customers, Seamless and secure access is key to driving productivity, collaboration, and revenue.
Yet, the volume, complexity, and diverse access Needs of B2B Identity Partnerships often overwhelm identity systems, Leading to frustration with siloed identities, slow onboarding, and inefficient processes.
That's where Ping Identity comes in.
Ping Identity's B2B Identity solution helps you securely manage third-party access, Allowing your organization to scale quickly and efficiently.
With the Ping Identity platform's organization modeling, you can structure and organize Third-party partnerships to fit your business needs, giving you granular control over access Rights for.
Each partner or vendor.
Delegated administration empowers partners to manage their own users and permissions, While you maintain oversight and security, ensuring you can scale efficiently as your Relationship grows.
And because the Ping Identity platform Integrates seamlessly with your partners and applications; you can reduce onboarding times From months to just weeks or days.
With features like customized branding, Relationship management, and personalized login, you can deliver.
Tailored experiences that reduce fraud, build trust and boost conversions, All without compromising security.
Ping Identity protects against security risks.
Like unauthorized access or data breaches, while ensuring regulatory compliance.
All through one powerful platform.
With the Ping Identity platform, you're not just managing B2B Identity access, You're creating secure, efficient, and scalable relationships that fuel business growth.

This is our largest universe ever.
Look, this is a new world.
The number of agents about to hit the infrastructure may expose data to people It shouldn't expose it to, how are we going to rein this in?
When it comes to Identity, there's much more, more attacks, More complexity, more vendors, and you know, Identity is becoming really essential, More essential than ever.