An industry report on identity, trust, and security in the agentic economy Executive Summary The first half of 2026 has been the most consequential period for agent identity since autonomous AI systems entered production. Five major identity frameworks shipped at RSAC 2026. Every major cloud provider — Microsoft, Google, and Okta — now models AI agents as first-class identity principals. Card networks entered the space with payment-scoped agent verification. A formal standards effort (MCP-I) landed at the Decentralized Identity Foundation. And yet the security crisis has deepened, not receded. Multiple critical CVEs hit MCP implementations in early 2026, including CVSS 9+ vulnerabilities in AWS and Azure's own servers. A critical CVSS 9.8 exploit targeting nginx-ui's MCP integration appeared in March 2026 under active exploitation. OX Security demonstrated that MCP's STDIO transport enables remote code execution by design , a finding Anthropic declined to fix.…