Conf42 Platform Engineering 2025 - Online

- premiere 5PM GMT

Engineering Secure Cloud Platforms: Data-Driven Identity Governance for Modern Infrastructure

Abstract

Transform 48-hour access requests into 12-minute automated flows! Learn platform patterns that cut security incidents 32% while boosting dev velocity 45%. Real healthcare case studies + live demos of zero-trust architectures that scale.

Summary

Transcript

This transcript was autogenerated. To make changes, submit a PR.
Hello everyone. I'm Anjan Kaleru. I've worked in the identity and access management domain for more than 10 years. In that time, I've led programs in identity governance, privileged access, and cloud security. What I've learned from my experience is that IAM isn't just about passing audits, it's about building trust and enabling agility.

With that being said, here is what I'm gonna cover as part of today's presentation. First I'll talk about the challenges in modern platforms, then I'm gonna talk about how identities have evolved, and how zero trust, automation and self-service can help. Finally, I'll share results and future trends, so you can see not just where IAM is today, but where it's going to be in the future.

So let's start with the challenges. In the current state, cloud platforms bring speed, but they also introduce new risks. Old security models like VPNs and firewalls don't work anymore. Developers want quick access. Security teams want tight control, and auditors want clear evidence. This often leads to a patchwork of tools that adds confusion instead of solving problems. So the question is, how do we keep things secure without slowing the business down?

The answer is to make identity the heart of security, because as stated in Gartner's report, identity is the new security boundary. Every login, every API call, every device check is an access decision. Most breaches happen because of weak or unmanaged identities. Strong IAM changes that. Automated access reviews remove manual work and stop audit issues. Vaulting protects admin accounts. Single sign-on makes life easier for users. That's the key difference between IAM blocking progress and IAM driving it.

To see why IAM matters so much, let's look at how it has changed over time. We have moved through three phases. The first one being the traditional enterprise identity, where there is a centralized AD and VPNs. Then came the cloud disruption, with hundreds of microservices with their own rules. Now infrastructure as code, where access rules change as fast as the code itself. The result is a need for zero trust and API-first identity platforms. And with that shift, zero trust IAM isn't optional, it's essential. Let's see what it looks like in practice.

Zero trust IAM. Let's talk about what zero trust is. It basically means every request is checked every single time. Some examples that I've listed as part of my presentation: contractors get temporary, controlled access with MFA and just-in-time provisioning. With an access request system, if an app is connected, access is granted right away. If not, a service is created automatically, so it's still tracked. In multi-cloud environments, identity platforms like IGA, PAM and SSO work together as one control plane. These use cases reduce risk and make access predictable and controlled. Now let's look at the tools and the platform and the patterns that make them work.

To deliver zero trust in practice, you need the right tools and patterns. Key results come from automated access reviews, PAM vaulting and SSO integrations. In some environments like Kubernetes, teams use namespace isolation or automated policy validation. I focus more on IAM, but the principle is always the same: enforce least privilege and validate the access before it's granted. And once you have those patterns in place, the next step is to make compliance continuous instead of one-off.

In the past, compliance meant big review cycles and analyst spreadsheets. Now we can make it continuous by treating compliance like code, which means checklists built into workflows, automated reminders, and reports that are audit-ready all the time. This doesn't just cut audit hours, it builds trust that compliance is always on, not just checked once or twice a year. And automation like this doesn't just help with compliance. It improves everyday identity operations too.

Here is what identity automation can deliver: zero audit flags, thanks to automated reviews; documentation improvements and reports that are built, which would save hundreds of hours of time; and identity intelligence, which would, you know, generate the access recommendations for the reviewers to make an effective access review decision before an access is kept or revoked. With that being said, we are at a phase where this is all data driven, accurate, efficient, and trusted.

And better IAM also makes life easier for developers, because it's clear that developers can't wait weeks for access. Self-service solves that. Think about service catalogs, automated key management, or simple web-based account creation. Developers move faster, security stays in control, and tickets go down. That balance, speed with safety, empowers developers without compromising on the governance.

Here is an industry case study that shows what it looks like in action. In healthcare, the common challenge that we see is managing access to patient data while staying compliant. The solution used zero trust, automated provisioning and self-service patterns. The result: provisioning time dropped from days to under 12 hours. Incidents went down and audit preparation got much faster. And whether it's healthcare, finance, or technology, the lesson is always the same. Automation plus zero trust equals faster and safer access.

Now let's bring these results into one clear framework. Here is how I measure success. Security means zero audit flags. Operations means quicker testing and fewer provisioning errors. Compliance means the number of reports that were automated, which would in turn save hundreds of hours per business cycle. And the business impact: dozens of new applications that were onboarded without slowing the delivery. So IAM isn't just about audits, it's about reducing errors, saving time, and enabling faster delivery.

And finally, let's look at where IAM is going next. As we look ahead, in my experience, I'm noticing three big trends that stand out. The first one being converged IAM, which means identity governance platforms and privileged access platforms will no longer be separate. They'll unify into one platform, giving a complete view of human and machine identities. The second one being automation-first governance. Reviews, evidence collection and policy checks will move from manual work to always-on automation. And the third one being identity in AI. As AI becomes part of our daily operations, IAM must evolve to govern both people and intelligent agents. That's where non-human identities come into the picture. Now, NHI governance is equally critical because there have been a lot of intelligent agents that have been spun up on a day-to-day basis.

The end goal is IAM that feels invisible, always working in the background, always enforcing trust and never slowing people down. And that's the real future of identity security, not as a barrier, but as an enabler. Gartner once said identity is a new perimeter and trust is a new currency. Thank you for your time today. After more than a decade in IAM, I can say this with confidence: identity is no longer just IT plumbing. It's the foundation of secure and agile platforms. Thank you.
Anjan Kaleru

Staff IAM Engineer | IAM Product Owner | Saviynt & SailPoint @ Sony Interactive Entertainment
