PayPal is reimagining how access works for its workforce across infrastructure and applications using Zero Trust Architecture. However, as enterprises begin deploying autonomous AI agents and MCP servers, new identity and access governance challenges are emerging, challenges that existing frameworks were not designed to address.

In this session, Patrick Abreo, Director of Access Management and Network Security at PayPal, will share PayPal's experience implementing Zero Trust Architecture with identity, device, and network assurance for human users, while also exploring the critical challenges and gaps that must be addressed to extend these principles to non-human identities in the agentic AI era.

You will learn:

• How PayPal built an identity-first access for workforce users by combining decentralized identity for identity claiming, phishing-resistant MFA for authentication and authorization, device identity assurance using certificates, and enhanced network-level security with ZTNA.
• From real-world lessons that implemented just-in-time privileged access with zero standing privileges for humans.
• About emerging challenges related to AI, identity and access governance, credential management, least privilege access, observability, and the need for human-in-the-loop oversight.