fwd:cloudsec 2026

Jie Wu

Jie is a Senior Security Engineer on the Infrastructure Security team at Shopify, where she focuses on security automation, IAM, threat detection, and compliance. Prior to joining Shopify, Jie worked on cyber defense initiatives and vulnerability management at Bank of America. Outside of work, Jie enjoys running, hiking, and tackling CTF challenges for fun.


Session

06-01
13:30
20min
Who Did This? Identity and Accountability When Your Cloud Actors Aren't Human
Jie Wu, Pulkit Garg

Pull up Cloud Audit Logs for any interesting event in your GCP environment. Look at the principalEmail field. Increasingly, it's not a person. It's a service account attached to a CI/CD pipeline, a workload identity assumed by an orchestrator, or a token obtained by an AI agent. The "who" is synthetic. The "why" is buried in automation logic no one can reconstruct.

Every layer of cloud security was built assuming a human is ultimately accountable. That assumption is breaking. When a shared service account is compromised, the audit log tells you what credential did it, not which of 40+ pipelines triggered it or why. Your access reviews are rubber-stamped because no one can explain what machine identities they didn't create are supposed to do. And it's getting worse: agentic workflows whose required permissions change with every prompt make least privilege a moving target and access review a formality.

This talk covers how non-human identity sprawl erodes accountability and what to build in its place: structured metadata that makes every machine identity traceable to its origin, owner, and purpose, and an intent logging layer that captures why an action was taken, not just what happened and who did it. The talk closes with the hardest question for the room: when a single agent can initiate, approve, and execute a change, what does separation of duties even mean?
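The two building blocks the abstract names, ownership metadata on every machine identity and an intent log that records why an action was taken, can be joined against Cloud Audit Log entries to answer "who did this, and why?" The example below is added here and is not code from the talk, from the speakers or from Shopify. It assumes a registry keyed by service-account email, an intent log keyed by an id the automation stamps onto its log entries as `labels.intent_id` (an assumed convention, not a GCP feature), and constructed project, service-account and method names; the audit entries are built inline in the shape of a Cloud Audit Log `LogEntry`, using only the fields the code reads.

```python
"""Attributing Cloud Audit Log events to a machine identity's owner and intent."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional


@dataclass(frozen=True)
class MachineIdentity:
    """Structured metadata a machine identity carries from the moment it is minted."""
    email: str
    owner: str                  # accountable team or person
    origin: str                 # what created it: IaC module, pipeline, agent framework
    purpose: str                # what it is supposed to do
    allowed_methods: frozenset  # API methods consistent with that purpose


@dataclass(frozen=True)
class IntentRecord:
    """Intent-log entry the automation writes before acting: the 'why'."""
    intent_id: str
    principal: str              # identity expected to perform the action
    requester: str              # human or upstream system that asked for it
    reason: str
    expected_methods: frozenset


PROJECT = "example-project"                        # constructed project id
SA = "%s@" + PROJECT + ".iam.gserviceaccount.com"  # helper for constructed SA emails
RUN_UPDATE = "google.cloud.run.v2.Services.UpdateService"

# Constructed registry and intent log (assumed storage); a real deployment would
# back these with a database or the identity's own labels, not module-level dicts.
REGISTRY: Dict[str, MachineIdentity] = {i.email: i for i in (
    MachineIdentity(SA % "deploy-sa", "team-platform", "terraform:modules/ci-deployer",
                    "roll out Cloud Run revisions from the release pipeline",
                    frozenset({RUN_UPDATE})),
    MachineIdentity(SA % "ops-agent-sa", "team-sre", "agent-framework:remediation-bot",
                    "restart unhealthy Cloud Run services", frozenset({RUN_UPDATE})),
)}

INTENT_LOG: Dict[str, IntentRecord] = {r.intent_id: r for r in (
    IntentRecord("int-0001", SA % "deploy-sa", "alice@example.com",
                 "release v2.3.1 per change CHG-1234", frozenset({RUN_UPDATE})),
    IntentRecord("int-0002", SA % "ops-agent-sa", SA % "ops-agent-sa",
                 "remediate failing health checks on checkout-api", frozenset({RUN_UPDATE})),
)}


def _entry(principal: str, method: str, resource: str, intent_id: Optional[str] = None) -> dict:
    """Build a constructed LogEntry in Cloud Audit Log shape (only the fields used here)."""
    entry = {"protoPayload": {"authenticationInfo": {"principalEmail": principal},
                              "methodName": method, "resourceName": resource}}
    if intent_id:  # assumed convention: the caller stamps its intent id as a log label
        entry["labels"] = {"intent_id": intent_id}
    return entry


AUDIT_ENTRIES: List[dict] = [
    _entry(SA % "deploy-sa", RUN_UPDATE,
           f"projects/{PROJECT}/locations/us-central1/services/checkout-api", "int-0001"),
    _entry(SA % "ops-agent-sa", "SetIamPolicy", f"projects/{PROJECT}", "int-0002"),
    _entry(SA % "legacy-sa", RUN_UPDATE,
           f"projects/{PROJECT}/locations/us-central1/services/checkout-api"),
]


@dataclass
class Attribution:
    principal: str
    method: str
    identity: Optional[MachineIdentity]
    intent: Optional[IntentRecord]
    findings: List[str] = field(default_factory=list)


def attribute(entry: dict) -> Attribution:
    """Resolve who (registry) and why (intent log) for one audit event, flagging gaps."""
    payload = entry["protoPayload"]
    principal = payload["authenticationInfo"]["principalEmail"]
    method = payload["methodName"]
    identity = REGISTRY.get(principal)
    intent_id = entry.get("labels", {}).get("intent_id")
    intent = INTENT_LOG.get(intent_id) if intent_id else None
    result = Attribution(principal, method, identity, intent)
    f = result.findings
    if identity is None:
        f.append("UNREGISTERED_IDENTITY")          # nobody owns this credential
    elif method not in identity.allowed_methods:
        f.append("METHOD_OUTSIDE_PURPOSE")         # acting beyond its declared role
    if intent is None:
        f.append("NO_INTENT_RECORD")               # the 'why' was never captured
    else:
        if intent.principal != principal:
            f.append("INTENT_PRINCIPAL_MISMATCH")  # a different identity ran under this intent
        if method not in intent.expected_methods:
            f.append("METHOD_OUTSIDE_INTENT")      # did more than it said it would
        if intent.requester == principal:
            f.append("SELF_INITIATED")             # initiated and executed by the same actor


    return result


def triage(entries: List[dict]) -> List[Attribution]:
    """Attribute every entry; findings are empty only when who and why both resolve cleanly."""
    return [attribute(e) for e in entries]


if __name__ == "__main__":
    for a in triage(AUDIT_ENTRIES):
        owner = a.identity.owner if a.identity else "<unknown>"
        why = a.intent.reason if a.intent else "<no intent>"
        print(f"{a.principal} {a.method} owner={owner} why={why!r} findings={a.findings}")
```

The three constructed entries cover the cases the abstract describes: a pipeline identity with a registered owner and a human-requested intent resolves with no findings; the agent identity that performs `SetIamPolicy` under an intent it raised for itself is flagged for acting outside both its purpose and its stated intent and for being its own requester, which is the separation-of-duties gap the talk closes on; and the unregistered legacy account with no intent label yields exactly the "credential but no accountable owner" situation a shared-account compromise leaves behind. The registry and intent log are the parts a team has to build; the join itself is cheap once they exist.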

The Siren’s Song: Emerging Tech & The Human Element
Room 2