By providing structured access to applications, APIs, and data, MCP enables prompt-driven AI agents that can retrieve information, take action, and automate end-to-end business workflows across the enterprise. This is already showing up in production through horizontal assistants and custom vertical agents like Microsoft Copilot, ServiceNow, Zendesk bots, and Salesforce Agentforce.
In May 2019, graphic design platform Canva fell victim to a major cyber security breach in which a threat actor known as Gnosticplayers hacked its database and stole the personal data of over 100 million users, including their usernames, email addresses and bcrypt-hashed passwords. In the wake of this unfortunate incident, the Sydney, Australia-based company ploughed significant investment into cyber security measures, alongside which came a new engagement with credential management service 1Password.
Buried in that tidal wave was news of something called Entra Agent ID, the main idea of which is to use Microsoft Entra to govern AI agents in the same way that Entra currently governs human users; that is, to give each agent a unique, managed identity and apply familiar Entra identity controls such as conditional access, identity governance, and identity protection. Entra is Microsoft's cloud-based identity access management (IAM) solution.
At Ping Identity, we believe in making digital experiences both secure and seamless for all users, without compromise. We call this digital freedom. And it's not just something we provide our customers. It's something that inspires our company. People don't come here to join a culture that's built on digital freedom. They come to cultivate it. Our intelligent, cloud identity platform lets people shop, work, bank, and interact wherever and however they want. Without friction. Without fear.
Artificial intelligence (AI) holds tremendous promise for improving cyber defense and making the lives of security practitioners easier. It can help teams cut through alert fatigue, spot patterns faster, and bring a level of scale that human analysts alone can't match. But realizing that potential depends on securing the systems that make it possible. Every organization experimenting with AI in security operations is, knowingly or not, expanding its attack surface.
Identity and access management (IAM) provider Descope has announced raising $35 million in a seed funding extension that brings the total raised by the company to $88 million. The cash infusion came from existing investors Cerca Partners, Dell Technologies Capital, Lightspeed Venture Partners, Notable Capital, Triventures, and Unusual Ventures. Founded in 2022, the Los Altos, California-based startup landed a large $53 million seed funding round in 2023, aiming to disrupt the customer identity and authentication market.
Mollema has studied Entra ID security in depth and published multiple studies about weaknesses in the system, which was formerly known as Azure Active Directory. But while preparing to present at the Black Hat security conference in Las Vegas in July, Mollema discovered two vulnerabilities that he realized could be used to gain global administrator privileges-essentially god mode-and compromise every Entra ID directory, or what is known as a "tenant."
