By Enterprise security stacks were designed to stop threats arriving from outside the organization. AI agents do not arrive from outside. They are provisioned internally, granted access through existing human credential frameworks, and operate continuously inside systems that have no mechanism to distinguish their behavior from a legitimate human user. The governance gap is structural, not configurational.
In this interview on TFiR, Miska Kaipiainen, Head of Product for Lens at Mirantis, walks through why the shift to internal AI agents represents a paradigm change in threat modeling and why current identity solutions are architecturally unprepared to govern this new class of actor.
Guest: Miska Kaipiainen, Head of Product, Lens at Mirantis
Show: TFiR
Here is what every platform engineer and security team needs to know.
Technical Deep Dive
Q: Why are existing enterprise security and identity systems not sufficient for managing AI agents?
Miska Kaipiainen, Head of Product for Lens at Mirantis, explains that traditional security architecture was built to defend against threats originating outside the organization. AI agents invert that model entirely. They are provisioned inside the organization’s systems from the start, which means the perimeter-based tools designed to stop external intrusion have no mechanism to monitor or govern them.
“For a very long time we have been used to protect against threats coming from outside to inside. Now we have been basically inviting the AI agents inside our organization.” — Miska Kaipiainen, Head of Product, Lens, Mirantis
Q: What is the specific credential risk when AI agents operate inside enterprise systems?
Kaipiainen identifies the core risk as implied credential usage. AI agents typically do not hold their own identity credentials. They operate on behalf of human users, inheriting those users’ access rights, which means their actions appear indistinguishable from legitimate human activity inside existing IAM and audit systems. The credential chain was designed for humans, not for autonomous software actors executing tasks continuously.
“The AI agents are using human credentials. They are working on behalf of humans, and it’s implied credentials. That’s a very problematic case.” — Miska Kaipiainen, Head of Product, Lens, Mirantis
Q: Why can’t organizations use existing identity solutions to identify and govern AI agent behavior?
Kaipiainen states that most organizations lack any identity or governance solution capable of identifying agents as a distinct class of actor, modeling AI-specific behavioral patterns, or separating agent activity from human activity in access logs or audit trails. This is not a configuration gap in existing tools. It reflects a fundamentally new category of identity that current platforms were never designed to govern.
“Not many organizations have a system or identity solution for how to identify agents, what the AI behaviors are, and how to distinguish those from the human actors using our systems.” — Miska Kaipiainen, Head of Product, Lens, Mirantis
Q: How does the shift to AI agents inside enterprise systems represent a security paradigm change?
Kaipiainen frames this as a structural paradigm shift in threat modeling. Security posture has historically been oriented outward, defending against adversaries trying to get in. AI agents are not adversaries, but they are inside, they carry access rights, and they generate behavior that existing tools cannot interpret or flag. Organizations now need to govern threats that emerge from actors they explicitly provisioned, not attackers they are trying to block.
“It’s a completely new set of identities that needs to be governed.” — Miska Kaipiainen, Head of Product, Lens, Mirantis
Resources & Documentation
- Mirantis, enterprise Kubernetes platform and cloud-native infrastructure provider
- Lens, Kubernetes IDE and platform engineering tool by Mirantis
***
👇 Click to Read Full Raw Transcript
Swapnil Bhartiya: Now, here’s the thing. Organizations like Mirantis, they already have cloud platforms, they already have security tools in place, they already have identity systems. Why those systems are not sufficient for managing AI agents? What is fundamentally different about this specific problem when you deal with AI agents versus traditional security entity management systems?
Miska Kaipiainen: Yeah, actually that’s a funny thing, because for a very long time we have been used to protect basically all kind of threats that are coming from the outside to inside to our organization. And now kind of it’s been almost like a paradigm shift. And now we have been basically inviting the AI agents inside to our organization. And it’s not anymore kind of defending the threats that are coming from outside, but actually the threats that the AI agents themselves cause by being inside the systems already. And often these AI agents are using the human credentials. So it’s not like that the AI has a credentials, they are working on behalf of humans, and it’s kind of implied credentials. And that’s a very problematic case because not many organizations have a system or identity solution that how do we identify agents and what are the AI behaviors and how do we distinguish those from the human actors that are using our systems? And it’s a completely kind of a new kind of set of identities that needs to be governed.
