Identity Is The Battleground
Cisco, Friday, March 20th, 2026
In Part 1 of this series, we reached three conclusions: The battlefield has shifted to cloud-native, container-aware, AI-accelerated offensive tools - VoidLink being the most advanced example - specifically engineered for the Kubernetes environments; most security organizations are functionally blind to this environment; and closing that gap requires runtime security at the kernel leve
But we left one critical thread underdeveloped: identity.
We called identity 'the connective tissue' between runtime detection and operational response. Identity is becoming the control plane for security, the layer that determines whether an alert is actionable, whether a workload is authorized, and whether your organization can answer the most basic forensic question after an incident: Who did this, and what could they reach?