Badge Is Building The Trust Layer Your Agents Have Been Waiting For
This article is a continuation of the discussion I had with the Badge team at RSAC 2025 which led to a follow-up discussion at RSAC 2026 in San Francisco. That article can be found here. In this article, we examine how Badge is solving one of enterprise security’s oldest problems — establishing portable, cryptographic trust across humans, machines, and AI agents — without storing a single shared secret.
If you wander the RSA Conference show floor long enough, you start to hear the same refrains on loop. Everyone promises zero trust, AI, and “reimagined identity.” Very few can explain, in concrete cryptographic terms, how any of that actually works when you drop it into a messy enterprise that has lived through a decade of mergers, half-migrated directories, and a graveyard of stored credentials.
Then you sit down with Dan Kaufman and the Badge team, and the conversation snaps into focus.
Radiant Logic did exactly that. As Dan tells it, they came to Badge with an almost sheepish confession: their customers were pounding on the door asking for something Radiant Logic did not have.
“Radiant Logic came to us and said, verbatim, ‘Hey, we’re getting all these [customers] with all this incoming data, and we have all these logos… all these logos are coming in asking exactly for that, and we see that you’re working with other people. Why not us?’ We said, ‘We were not purposely not working with you. We didn’t know that’s what you wanted and what the opportunity was.’”
Once they compared notes, the path forward was straightforward: OEM the Badge capabilities into Radiant Logic’s identity fabric so customers can buy the value as a native capability instead of a bolt-on.
“We worked with them for a bit, integrated the product, got it all in so they can just go and sell it. And now we’re announcing that we have a partnership .”
For CISOs, that pairing is interesting because of what each side brings to the table. Radiant Logic already sits at the center of complex identity fabrics in some of the largest enterprises in the world. Badge plugs in not as yet another identity silo, but as what Dan describes as a cryptographic backbone.
Dr. Tina Srivastava, co-founder of Badge Inc. put it succinctly:
“It’s sort of starting to position Badge, at least in the market, as this kind of trusted backplane where the question is asked, ‘Is that backed by Badge?’”
If you strip away the marketing gloss, that is exactly the kind of question CISOs want their architects asking: what is the root of trust behind this identity decision, and can I reuse it everywhere, for humans, machines, and now agentic AI.
Agentic AI Needs A Badge, Too
Badge started with human identity because it is the easiest place for the industry to understand biometrics and risk-based authentication. But the team is very clear that the same cryptographic plumbing applies to AI agents.
“You wrote [last year] really clearly how Badge allows you to derive a key on the fly from any factors, whether that’s human biometric, device signals, hardware, machines. And so what we’re able to do is also have your agentic AI covered, right? So why is it called agentic AI? It’s because you’re giving it agency to act on your behalf. And so if you have a cryptographic key, now you can have delegated, scoped credentials for your agentic AI agents to act on your behalf.”
Think about what most vendors are actually selling under the banner of “AI assistants” today. At best, you get a smart macro wired to an API token that can do a handful of tasks. At worst, you get a glorified chatbot with access it should never have had in the first place.
Badge is trying to force the conversation into more adult territory. If an agent is going to act on behalf of a human, it needs what a human has in any serious security program:
- A cryptographically strong identifier tied back to a root of trust
- Delegated, scoped credentials that define what it can and cannot do
- A way for relying parties to verify the agent was actually authorized for this action
Dan paints a vivid example from healthcare that will make any privacy-minded CISO wince, mostly because it is so plausible. You are furious with your current insurer and instruct your agent to move your records and coverage somewhere else.
“It’s a perfect thing for agentic AI to do, because you’d be like, ‘Oh, please just go handle that. Move me from insurance company to insurance company.’ Okay, now what happens? Here’s the problem…”
He then lays out three gaps that will resonate with anyone who has lived through an AI proof of concept that quietly turned into a risk register entry:
- “How does the relying party know this agent is actually acting for you, not just holding a pile of your data?”
- “How do relying parties differentiate between multiple agents tied to the same person, each intended for different scopes, like medical vs shopping vs travel?”
- “Even if identity and intent are clear, how do you ensure the agent operates inside a strict scope and is not quietly spraying data to third parties?”
“If you don’t have this trust layer that’s sitting inside, it’s going to be hard. Right now it’s wild west. Everyone’s racing, it’s free, but when we get into it, you can think about a million examples.”
The punchline is simple:
“Everything that applied to the human identity, this exact same technology, it’s already built, already done, applies in this [agentic] world as well. We always say, ‘How do you prove you’re you?’ With an agent, it is exactly the same thing. How do I prove that the agent is right?”
For an industry that loves to chase shiny models and “AI-native” platforms, this is a refreshingly grounded position. Badge is not trying to be the best foundational model or the flashiest AI co-pilot.
They are dedicated to ensuring that you can trust any agent you deploy, regardless of whose model is being used.
When it comes to identity management, many vendors talk about roadmaps and phased consolidation after a merger. However, Badge focuses on real cryptography and practical solutions. In industries like healthcare, where consolidation is common, accessing disparate networks and systems can be a challenge. Radiant Logic’s identity fabric combined with Badge’s authentication capabilities provide a seamless way to authenticate across different domains without the need to synchronize directories or share passwords.
By using cryptographically derived X.509 certificates, Badge enables seamless single sign-on across untrusted domains. This eliminates the need for trust relationships between domains and avoids the duplication of directories. Instead of a lengthy and complex process, Badge and Radiant Logic allow policies to dictate access rights, generating the appropriate certificate for users to access resources without delay.
The traditional approach to M&A integration involves years of projects and migrations, causing unnecessary pain and complexity. Badge and Radiant Logic offer a more efficient solution, enabling quick and seamless access to resources without the need for duplicated directories or trust relationships.
By removing stored secrets and deriving credentials cryptographically, CISOs are realizing that old constraints no longer apply. This approach unlocks new capabilities and solves long-standing challenges in cross-domain SSO.
Badge aims to provide a platform-based solution rather than relying on professional services, avoiding the need for costly integration projects. By integrating their capabilities into core products, Badge can offer value to customers without competing with existing platforms.
In the ecosystem of identity management, partners like Radiant Logic, CyberArk, and Thales play a crucial role in providing a comprehensive solution for organizations. By integrating into core products and offering capabilities that enhance security and access control, Badge aims to help companies succeed in their M&A activities and beyond.
Partnerships with CyberArk, Thales, and Radiant Logic
One crucial aspect of the partnerships with CyberArk, Thales, and Radiant Logic is their authorization capabilities, which rely heavily on a strong cryptographic foundation, according to Kaufman.
The key realization for these partners is that Badge provides the necessary cryptographic groundwork for asserting authorization for a cryptographically verified agent. This ensures that the credentials are limited to specific actions based on the user’s preferences.
Badge takes pride in being the underlying infrastructure as long as it remains ubiquitous in its application.
When asked about the number of products Badge offers, the response is straightforward: they have just one solution.
This singular solution is a trust layer founded on robust cryptography, devoid of stored secrets, and capable of generating credentials on demand for individuals, devices, and agents.
It is a positive development when this core message resonates with the audience.
Receiving the AI award at RSAC was a significant milestone for Badge, indicating that their core message is gaining traction. The emphasis on trust as a foundational element is crucial. While the focus has been on human identity for ease of understanding, trust is universal, whether for machine or human identities, governed by the same cryptographic principles.
The Strategic Move for CISOs
For CISOs observing the rise of agentic AI on top of an already vulnerable identity framework, Badge does not claim to offer a magical “AI solved” solution. Instead, their approach is more fundamental:
- Eliminating stored secrets in favor of derived cryptographic keys
- Establishing a consistent root of trust for humans, machines, and agents
- Tackling challenging scenarios like M&A integration and cross-domain SSO effectively
- Integrating seamlessly with existing platforms without necessitating a complete overhaul
The clear directive here is to pause before embarking on another AI agent pilot or extensive directory migration and ask critical questions.
What underpins the trust in this interaction? Can the agent’s identity be unequivocally verified? Is the scope of its actions enforced through cryptographic measures rather than internal documentation?
If these questions cannot be answered definitively, exploring the solutions offered by Badge and its partners is advisable. Start by addressing critical pain points such as healthcare data access, M&A integration, or AI initiatives prompting legal concerns. Assess whether a derived-key approach can deliver more efficient and trustworthy outcomes compared to traditional directory synchronization methods.
Identity management complexities persist, and stakeholders demand expedited solutions. A reusable cryptographic trust layer is no longer a luxury but a necessity.
Badge’s strategy revolves around seamlessly embedding this trust layer within trusted tools, with the aim of facilitating the fulfillment of AI promises across the ecosystem.
Author’s Note: The author engaged in an insightful discussion with “DARPA” Dan Kaufman, Dr. Tina Srivastava, and the Badge Team at the 2026 RSAC Conference in San Francisco, held from March 23rd to 25th, 2026, for an exclusive Innovators Spotlight interview for Cyber Defense Magazine.
For further details, please visit www.badgeinc.com.
Pete Green serves as the CISO / CTO at Anvil Works, a ProCloud SaaS company, and is a co-author of “The vCISO Playbook: How Virtual CISOs Deliver Enterprise-Grade Cybersecurity to Small and Medium Businesses (SMBs)”. With a wealth of experience exceeding 25 years in IT and cybersecurity, Pete boasts a rich background in security practices.
His diverse career spans various technical and leadership roles, including LAN/WLAN Engineer, Threat Analyst, Security Project Manager, Security Architect, Cloud Security Architect, Principal Security Consultant, Director of IT, CTO, CEO, Virtual CISO, and CISO.
Pete has provided support to clients across diverse sectors such as government, financial services, healthcare, food services, manufacturing, technology, transportation, and hospitality.
He holds a Master of Computer Information Systems in Information Security from Boston University, which is recognized as a National Center of Academic Excellence in Information Assurance / Cyber Defense (CAE IA/CD) by the NSA and DHS. Additionally, he possesses a Master of Business Administration in Informatics.
Transform the following:
Original: She is a talented singer.
Transformation: A talented singer is she.
