Non-human identity becomes a SASE vendor category
FierceTelecom · Diana Goovaerts · May 22, 2026 · source ↗
Diana Goovaerts at FierceTelecom reports on the way SASE vendors — Versa Networks, Cisco, Palo Alto Networks — are scrambling to bolt non-human-identity controls onto their platforms before agentic AI floods enterprise networks with workloads that look nothing like the human user classes the platforms were originally designed for. Versa’s Kevin Sheu cites a ratio of “80 to 1” non-human-to-human users today, “and my guess is that number will only go up further.” Gartner flagged in December that SASE platforms “were not built to secure” this new class; the World Economic Forum warned in October that “agentic AIs can spawn [non-human identities] in security blind spots that often receive broad, persistent access to sensitive data and systems without the safeguards typically applied to humans.”
The interesting move is at the M&A layer. Cisco is acquiring Astrix, which Futurum Group’s Fernando Montenegro describes as “wisely avoid[ing] broad, ambiguous AI security promises” and instead “focus[ing] strictly on the actual mechanisms of access: programmable tokens, API keys, and service accounts.” Palo Alto picked up Koi (agentic endpoint security) and Portkey (an AI gateway platform), pulling agentic identity into Prisma SASE. Versa is doing it organically — extending its existing zero-trust framework to the execution layer of its Verbo AI assistant first, with broader rollout to follow. The category is consolidating in real time, and the consolidation is happening on the actual primitives: tokens, keys, service accounts, MCP servers.
Worth noting that this is the network-perimeter take on a problem the standards-bodies crowd is working from a different angle. W3C verifiable credentials, DIDs for agents, the agent-identity threads moving through dispatch — those are aimed at agents themselves carrying provable identity claims wherever they go. The SASE answer is to keep the human-in-the-loop policy attached to the enterprise user, treat every agent action as something that has to check back, and let the customer configure how much delegation to allow. Sheu’s framing — “every time the AI tool or app wants to take an action, it checks with the user” — is the policy-knob solution. It does not scale to 80:1, and Sheu admits it, pointing at configurable delegation as the only way to make the math work. Whether the perimeter-side category or the decentralized-credential side ends up doing more of the load-bearing identity work for non-human actors is the open question. For now, the SASE vendors are buying the relevant companies; the standards bodies are writing the drafts.