IAM expertise, case studies, and AI governance thinking

Abstract Agentic AI systems introduce an identity problem that traditional infrastructure was not designed to fully solve. When a software agent acts autonomously, querying APIs, invoking tools, calling services, or coordinating with other agents — the identity question is not only: “What workload is making this request?” The more important question becomes: “Which human authorised this action, through which agent, for what purpose, with what scope, and can that be proven at

Abstract In regulated environments, identity systems must meet strict audit, compliance, and governance requirements. Default operational models are often insufficient, particularly when configuration changes are not traceable or reproducible. In Keycloak deployments, achieving compliance requires shifting from manual administration to an API-driven, pipeline-controlled model. This article explores how configuration management, audit pipelines, and access controls can be desi

Primary Audience: Platform Engineers building identity infrastructure, Security architects designing authentication systems, Teams operating large-scale SaaS or financial systems. CNCF Alignment: Kubernetes, HA, Multi-RegionAbstract At scale, identity systems are defined by how sessions are managed, tokens are designed, and validation is performed. In large Keycloak deployments, these decisions directly impact performance, availability, and security. This article explores pra

Primary Audience: Platform Engineers CNCF Alignment: Kubernetes, HA, Multi-Region Abstract In regulated financial environments, identity systems must meet stringent availability and resilience requirements. While Keycloak offers flexibility and extensibility, it does not abstract the complexity of distributed system design. This article presents production-proven patterns for building highly available Keycloak deployments on Kubernetes, focusing on cache topology, multi-regio

The EU AI Act is not the only regulation your enterprise needs to think about. But it is the clearest signal that the governance gap most organisations have quietly tolerated is about to become a measurable compliance liability. This is not a policy problem. It is an architectural one. The Governance Gap Nobody Talks About Most enterprises deploying AI agents rely on the same access control infrastructure they have used for a decade. RBAC. ABAC. API gateways. Firewall rules.

Earlier this month, a security firm called CodeWall pointed an autonomous AI agent at McKinsey's internal AI platform, Lilli. No credentials. No insider knowledge. Just a domain name. Two hours later, the agent had full read and write access to the entire production database. 46.5 million chat messages. 728,000 confidential files. 57,000 user accounts. And — most critically — 95 system prompts that controlled how Lilli thought, responded, and behaved. All writable. Silently.

How One of the UK’s Largest Banks Fast-Tracked Their Ping Identity Deployment with the Midships Accelerator One of the UK’s largest banks—ranked among the top 25 globally with over 30 million customers—set out to deploy the Ping Identity platform on Google Cloud Platform (GCP). The bank required a production-grade deployment capable of meeting stringent enterprise standards across security, scalability, operational control, and multi-region resilience . Key requirements incl

Understanding Ping Product Support Status Ping Identity has formalised its product lifecycle — and for many organisations, the deadlines are approaching faster than expected. The new Support Status model finally gives clarity, but it also exposes a hidden risk: many enterprises are already running versions that are nearing End of Maintenance or End of Support. The shift to STS (Short-Term Support) and LTS (Long-Term Support) finally brings predictability to upgrade planning

Recently, one of our customers reported what looked like a Severity 4 issue. Most teams would log, schedule, and resolve it in due course. But at Midships, we saw something more significant. Our engineers recognized that, if left unchecked, this issue could escalate to a Severity 1 . Such an escalation can bring systems down or disrupt business-critical services. Instead of waiting for that to happen, we acted immediately. Acting Before the Problem Escalates We spun up our I