This talk chronicles Uber's ongoing journey to secure tens of millions of workloads using SPIRE. We'll explore our pioneering adoption of pre-1.0 SPIRE, detailing the strategic work needed to scale its use across our most critical systems. You'll learn about the unique challenges we faced integrating workload identity at both the L7 and L4 layers and how this foundational work paved the way for a truly secretless architecture. Finally, we’ll discuss how the flexibility of identity and access systems is critical for evolving security needs, especially with the rise of AI agents.
In a world where applications, services or AI agents are dynamically composed from thousands of ephemeral workloads running across heterogeneous environments the old approaches to identity no longer work. This talk presents a standards-based blueprint for a scaled workload identity infrastructure that explores the emerging standards shaping workload identity across the various organizations, with a focus on WIMSE, OAuth, and SPIFFE. We’ll examine how these frameworks address identity challenges in modern workload environments to provide strong authentication, least privilege access and automated deployment, whether your securing existing infrastructure or deploying the latest AI technologies.
You are building AI agents and are thinking about your universal identity strategy as you setup secure communication between agents deployed on AWS , on-premises and other cloud environments. In this session, you will learn about orchestrating SPIFFE identities for your AI agents, SPIFFE identity federation and trust across multiple trust domains and actual implementation gotchas. This session is useful for AI agent builders that are dealing with an agent swarm across multiple cloud providers.
For most teams and projects, authentication for machine identities has historically relied on long-lived secrets. These take as many forms and are implemented in a variety of ways. One trait all these credentials share is that they have a tendency to leak. This session will break down the findings from GitGuardian's 2025 State of Secrets Sprawl report, which looks at both public data from GitHub and, for the first time ever, trends seen in private repositories, communication platforms, and other services. We will go beyond just a look at the numbers and explore the findings as calls to action, giving the enterprise a roadmap to go from an organization overwhelmed with unmanaged, sprawling secrets to one with well-governed identities.
Discover how SPIFFE can anchor identity for agentic AI, and why bridging heterogeneous environments requires rethinking non-human identity and access management.
Open source and standards give us a blueprint, but they aren’t enough on their own. Organizations struggle with skills gaps, integration complexity, and the never-ending treadmill of secrets management. It's time to re-imagine workload and non-human identity with a platform that’s fast to deploy, simple to operate, and designed to eliminate secrets sprawl entirely. Join this session to learn how to solve real-world problems for customers today while setting them up to accelerate innovation tomorrow.
In the fast-paced world of automotive technology, security and efficiency are paramount. This presentation explores Ford's journey in adopting Workload Identity Federation (WIF) to eliminate the risks and operational burdens associated with long-lived credentials. We will provide a deep dive into how we leverage WIF to establish secure, short-lived authentication for a variety of critical services. This session will demonstrate the practical applications of WIF across our ecosystem, from CI/CD automation pipelines to our runtime applications. We will highlight the significant benefits realized through this modern approach to identity. By replacing static secrets with automated, temporary credentials, we have drastically reduced the risk of operational outages and fortified our security posture against potential breaches. This transition has not only enhanced our security but also reduced the stress on our operations teams by automating credential.
