In Episode S8E8 of the Brilliance Security Magazine Podcast, host Steven Bowcut sits down with Abhay Kulkarni, Co-founder and CEO of WideField Security, for a timely discussion about why identity has become one of the most important control planes in modern cybersecurity. Drawing on his experience at Netskope, Cisco, Webex, and now WideField Security, Abhay explains why enterprises must move beyond the idea that authentication alone is sufficient. In today’s cloud, SaaS, API-driven, and agentic AI environments, security teams need to understand not only who has access, but what those identities are actually doing after access is granted.
Summary
Abhay begins by explaining that identity has become the “linchpin” of cybersecurity because it cuts across endpoint, cloud, network, SaaS, and collaboration environments. During his time at Netskope, Cisco, and Webex, he repeatedly saw that identity was the thread connecting otherwise separate areas of enterprise security. He notes that once a session token or credential is stolen, “all bets are off,” making identity central to understanding security risk in cloud-first environments.
The conversation then turns to the concept of the identity lifecycle. Abhay explains that identity risk cannot be understood through a single tool category or acronym. After analyzing hundreds of documented breaches, WideField found that identity-based incidents often resemble a “whack-a-mole” problem, with different root causes appearing across different parts of the environment. Instead of thinking only in terms of IAM, PAM, ITDR, or governance, Abhay argues that organizations should think about identity the way they think about data: at rest, in motion, and in use.
A major theme of the episode is the limitation of traditional access controls. Abhay explains that IAM and single sign-on platforms are valuable, but they often miss local identities created directly inside cloud and SaaS platforms, non-human identities, connected apps, stale credentials, and unmanaged authentication paths. He emphasizes that enterprises may believe they have 100% MFA coverage, only to discover that certain identities or authentication flows escaped those policies.
Steven and Abhay also explore the post-authentication blind spot. Abhay argues that organizations cannot stop at the moment of login. A session may begin legitimately, but later deviate from normal behavior through parallel access, token theft, bulk downloads, suspicious device enrollment, new MFA enrollment, GitHub repo cloning, or other sensitive operations. WideField’s approach is to correlate identity signals from multiple systems, establish behavioral baselines, and monitor sessions over time rather than relying on static rules alone.
The episode also covers the difference between asking “who has access to what” and asking “who is accessing what.” Abhay explains that traditional access reviews are often periodic snapshots, but cloud, SaaS, API connections, delegated grants, assumed roles, and AI agents have made identity behavior much more dynamic. In his view, organizations need to evaluate access continuously and behaviorally, especially as AI agents begin acting on behalf of users across enterprise systems.
On deployment, Abhay describes WideField as an agentless, API-connected platform designed to use the telemetry enterprises already have. Rather than requiring another endpoint agent or network proxy, WideField connects to identity, cloud, SaaS, endpoint, and other enterprise systems to provide posture assessment, threat detection, and what Abhay calls an “identity state of the union” view of the environment.
The discussion closes with a forward-looking look at AI agents and non-human identities. Abhay says the agentic AI future is already here, whether organizations are ready or not. He warns that many enterprises may already have AI agents operating in production, sometimes embedded inside tools that appear to be simple chatbots. For security leaders, the challenge is to preserve the productivity benefits of AI while reducing non-deterministic behavior, limiting excessive permissions, monitoring agent activity, and preventing sensitive operations from being performed without proper guardrails.
About our Guest
Abhay Kulkarni is the Co-founder and CEO of WideField Security, a company focused on securing the full identity lifecycle across human identities, non-human identities, and AI agents. A technologist and cybersecurity executive with more than 20 years of experience, Abhay has helped build and scale SaaS, cloud, collaboration, and security platforms.
Before founding WideField Security, Abhay served as Senior Vice President and General Manager at Cisco, where he led the Webex App business and platform. Earlier in his career, he was an early executive and Vice President of Engineering at Netskope, where he helped pioneer the Secure Access Service Edge, or SASE, market. His work has consistently centered on high-scale performance, cloud security, identity-first architecture, and helping enterprises operate securely in a distributed digital environment.
Click the image below to listen to the podcast.
Steven Bowcut is the Editor-in-Chief of Brilliance Security Magazine and host of the Brilliance Security Magazine Podcast. Through the podcast, Steven interviews cybersecurity leaders, innovators, and practitioners about the technologies, strategies, and ideas shaping the future of security.
Additional Resources
Video Explainer
Infographic
