
AgenticAI Incubation Hub

Thales CSP / IAM · Agent Trust Framework · Internal Use Only


Last updated · v1.0
Thales  |  Cybersecurity

Project Overview

Thales AgenticAI Incubation · Q2 2026 snapshot

Q2 2026 Incubation Goals

🎯 Customer Commitments: 3 workshop commitments from strategic accounts; 1 pilot started by end of Q2
🏟️ EIC Berlin — May 12: Live Agent Trust Framework demo + PlainID co-demo; strategic client briefings on-site
🏟️ Identiverse — June 2: Immersive AgenticAI demos for US market; Badge Inc integration live
📐 Standards Coverage: SPIFFE/SVID, CAEP, AuthZEN, OAuth 2.1 — track progress in Product & Capabilities tab
🔬 Incubation Focus: Agent Trust Framework maturity + partner integrations (PlainID, Badge Inc, Thales CSP)

Key Milestones

Strategic Partners

Integration Status
🔗 PlainID
MCP discovery, agent authorization & guardrails, AuthZEN integration
In Progress (55%)
🪪 Badge Inc
Device-bound credentials, passkey/hardware-bound agent identity
In Progress (45%)
🔐 Thales HSM / CSP
Luna HSM key anchoring, CipherTrust RAG security, AI Firewall (Beta)
Advanced (68%)

🚀 Our Platform

Agent Identity Platform — product progress, release phases, and partner integrations · Source: A.D.A. v5.3


📋 Product Release Notes

Latest updates from A.D.A. — synced June 2026
JUNE 2026 A.D.A. v5.3 — Release 1 scope confirmed
Agent Registry added to Release 1 — now ships alongside Trusted Agent Access + FGA for AI Data & MCP. Three capabilities together because enterprises need all three at once: a known owner for every agent (Registry), safe delegation (Trusted Access), and right-sized data/tool access (FGA).
Trusted Agent Workforce confirmed as leading candidate for next release — actively planned alongside Release 1.
6 Strategic Horizons defined: Trusted Agent Payments (Thales PAY), Trusted Physical Agents (Thales MCS), Trusted Agent Federation, Trusted Agent Compliance, Trusted Agent Identity Wallet, Trusted External Agent Access.
Agentic Gateway + Agent Discovery added to AI Security Fabric as new enforcement components.
Domain renamed: "Access Control" → "Runtime Protection" (aligned with A.D.A. naming).
New principle: Quantum-Safe by Design added as 5th foundational principle.
APRIL 2026 Incubation Hub launched · AI Security Fabric GA
Hub goes live for incubation team. CipherTrust RAG Security confirmed GA — use as commercial beachhead. AI Firewall (Imperva) enters Beta. PlainID MCP integration at 55%. Badge Inc at 45%.
Agent Identity Platform · Thales CSP
Giving every AI agent a verifiable identity, a scoped delegation,
and an auditable record of every action taken on your behalf.
Release 1 — Shipping: Agent Registry + Trusted Agent Access + FGA for AI Data & MCP
Next — Leading Candidate: Trusted Agent Workforce · actively planned alongside Release 1
6 Horizons: Payments · Physical · Federation · Compliance · Wallet · External Access
🪪
Identity Lifecycle
Discovery · Registry · Credential Management
🔐
Runtime Protection
IBAC · Power of Attorney · FGA for RAG & MCP
📡
Behavior Monitoring
Anomaly Detection · Automated Response
⚖️
Governance
ISPM · Audit Trails · EU AI Act Compliance

Partner Integrations

Feeding the platform · Integration progress
🔗 PlainID
FGA for AI Data & MCP · AuthZEN · PBAC
In Progress · 55%
Ships with Release 1 — FGA engine for MCP tool access and RAG data governance.
🪪 Badge Inc
Device-bound credentials · Hardware-anchored agent identity
In Progress · 45%
Passkey-anchored agent credentials — cryptographic PoA rooted in hardware.
🔒 Thales CSP
CipherTrust RAG · AI Firewall · Luna HSM anchor
Advanced · 68%
RAG Security GA today. AI Firewall Beta. Luna HSM for key anchoring and mTLS.
💳 Thales PAY
Trusted Agent Payments · Payment-grade trust · FAPI 2.0
Horizon H1 · 5%
Strategic horizon — payment-grade trust for agentic commerce. CIBA + FAPI 2.0 for high-value agent-initiated transactions.
🤖 Thales MCS
Trusted Physical Agents · Autonomous vehicles · Drones
Horizon H2 · 5%
Strategic horizon — hardware-rooted identity for autonomous vehicles, robots, and drones.

Full Capability Register

All capabilities across domains · edit/add below
Capability | Domain | Phase | Maturity | Owner | Standards | Notes

🎯 Market Position

Where Thales wins, where we must close gaps, and what to say in every customer conversation

Our Position
Thales is the only vendor combining Application Security (Imperva), Data Security (CipherTrust), and Identity Security (OneWelcome) natively at enterprise scale — and the EU-sovereign answer for regulated industries deploying agentic AI.
🛡 Our Moat
Three-pillar convergence + EU sovereignty + regulated-industry trust depth. No startup can replicate this in 2 years.
⚡ Gap to Close
Standards speed: DPoP, OBO Token Exchange, FAPI 2.0 certification. Competitors already certified. Ship Release 1 first.
🎯 Lead With
CipherTrust RAG Security is GA today — use it to open every door. ATF + MCP Gateway is the upsell. EU sovereignty closes it.

Capability Heatmap

1 = Early  ·  3 = Competitive  ·  5 = Leader
Leader (5) · Strong (4) · Competitive (3) · Gap (2) · Missing (1)
Sources: Public product pages, Gartner 2026 Market Guide for Guardian Agents, EIC 2026 session submissions. Updated May 2026.

Competitive Radar

Overall market position

Competitor Profiles & Talk Tracks

What they lead with · how we counter · when we win
Okta / Auth0
XAA · Agent-to-App Delegation · FGA
Biggest Threat
They lead with
XAA (Cross-App Access) — GA product for agent-to-app delegation with FAPI 2.0 certification, RAR for fine-grained permissions, CIBA for human-in-loop approval. Largest enterprise IAM install base. Strong standards authorship (XAA, ID-JAG in MCP spec).
Our answer
Okta does identity only. When the customer asks "what about our data in RAG pipelines?" or "what about protecting the AI application layer?" — Okta has no answer. We have CipherTrust + Imperva. Add EU sovereignty for any EMEA enterprise: Okta is US-based, US-governed cloud.
Win when: Customer is in finance, healthcare, or public sector in EU · Customer has existing CipherTrust / Imperva deployment · Customer asks about data sovereignty or EU AI Act compliance
Ping Identity / ForgeRock
Agent Gateway · WIMSE · FAPI 2.0
Strong Competitor
They lead with
Agent Gateway — MCP security gateway GA, FAPI 2.0 certified, WIMSE IETF co-author. Strong in financial services. ForgeRock enterprise install base in EMEA. Acquired by Thoma Bravo — aggressive GTM investment.
Our answer
Ping / ForgeRock = identity only. Same gap as Okta: no data security, no application security layer. In the EMEA regulated market, EU sovereignty is the closing argument — Ping/ForgeRock are US-owned. Thales is French, government-grade sovereignty.
Win when: Financial services customer needs FAPI + EU sovereignty combo · Customer already runs CipherTrust alongside IAM · Sovereignty is a legal/board requirement, not just preference
Transmit Security
AI-native CIAM · Fraud Prevention · Agentic CIAM
Niche Threat (CIAM)
They lead with
AI-native CIAM with fraud risk scoring, anomaly detection, and passwordless at consumer scale. Positioning toward "agentic CIAM" — when AI agents act for consumers. Fast-moving, well-funded startup (US-Israeli). Strong in B2C identity and fraud.
Our answer
No enterprise IAM. No data security. No AppSec. Transmit wins in consumer-facing CIAM — they are not competing for enterprise agent governance. Thales is the enterprise/regulated play. If a customer is asking about enterprise workforce IAM + agent governance, Transmit is not in the room.
Win when: Enterprise workforce IAM (not CIAM) is the requirement · Regulated industry compliance is the driver · Integration with existing Thales CSP stack matters
NHI Startups (Token, Astrix, CyberArk NHI)
Shadow AI discovery · Secrets management · NHI governance
Watch List
They lead with
Native agent/NHI discovery — finding shadow AI agents across cloud environments, rotating secrets, lifecycle governance for service accounts and API keys. Agent-native from day 1. Simpler deployment, faster to POC.
Our answer
Discovery without trust is incomplete. Finding an agent is step 1. The value is what you do after: cryptographic delegation (PoA), FGA for data access, CAEP for real-time revocation, compliance audit trail. Thales delivers the full governance layer — not just inventory. Also: Thales has regulated-industry relationships they cannot access.
Win when: Customer needs full lifecycle governance, not just discovery · Compliance / audit trail requirement is explicit · Consider partnership rather than competition for discovery layer

Standards Coverage — Full OpenID Foundation Landscape

📄 OIDF Whitepaper
Source: OIDF "Identity Management for Agentic AI" (Oct 2025) — AI Identity Management Community Group. 14 standards identified across Authentication, Authorization, Delegation, Lifecycle, and Signals categories.
Standard | Body | Category | What it does for AI Agents | Status | Thales / ATF | PlainID | Auth0 / Okta | Ping / ForgeRock
🔐 Foundation — Authentication & Token Security
OAuth 2.1 | IETF | Auth | Core framework for agent authorization. Mandates PKCE, removes implicit flow, tightens security for public clients (agents can't store secrets). | RFC / Final | Foundation | Native | Native | Native
PKCE | IETF RFC 7636 | Auth | Proof Key for Code Exchange — secures agent authorization flows without relying on static secrets. Mandatory in OAuth 2.1. | RFC / Final | Supported | Native | Native | Native
DPoP | IETF RFC 9449 | Auth | Demonstration of Proof-of-Possession — cryptographically binds tokens to agent keys, prevents token replay attacks across agent chains. | RFC / Final | Planning | Supported | Supported ✓ | Supported ✓
mTLS | IETF RFC 8705 | Auth | Mutual TLS client authentication — sender-constrains access tokens to specific agent workloads. Thales Luna HSM is a natural hardware anchor here. | RFC / Final | Via Luna HSM ★ | Partial | Supported ✓ | Supported ✓
FAPI 2.0 | OpenID Foundation | Auth | Financial-grade API security profile — mandates DPoP/mTLS sender-constrained tokens, strong client auth, strict consent logging. Certified by Auth0 (Q2 2025) and Ping. Critical for JPMC, BPCE, Visa. | Final Spec | Planning ⚠️ | Partial | Certified Q2 '25 ✓ | Certified ✓
SPIFFE / SVID | CNCF | Workload ID | Cryptographic workload identity for services and agents. Assigns verifiable identities (SVIDs) to agent processes regardless of where they run. | Final Spec | In Progress (30%) | Partial | Partial | Supported
🔗 Delegation — On-Behalf-Of & Scoped Access
OAuth Token Exchange | IETF RFC 8693 | Delegation | On-Behalf-Of (OBO) delegation — an agent trades a user token for a narrower, short-lived token scoped to a specific task. Auth0 and Ping both document this as a core agent auth pattern. Essential for multi-step agent chains with auditable delegation. | RFC / Final | Planning ⚠️ | Native | GA ✓ | Supported ✓
RAR | IETF RFC 9396 | Delegation | Rich Authorization Requests — agents express fine-grained, business-language permission requests (e.g. "read invoice #123"). Replaces coarse OAuth scopes. Auth0 GA includes RAR for fine-grained agent permissions. | RFC / Final | Planning ⚠️ | In Progress | GA ✓ | Supported ✓
CIBA | OpenID Foundation | Delegation | Client-Initiated Backchannel Authentication — enables out-of-band human approval for high-risk agent actions. Agent acts asynchronously, human confirms via push/poll. Auth0 shipped CIBA as GA with explicit focus on AI agent async approval flows. | Final Spec | Planning | Partial | GA ✓ (AI focus) | Supported ✓
⚖️ Authorization — Policy & Decision
AuthZEN | OpenID Foundation | AuthZ | Standardized API between Policy Enforcement Point (PEP) and Policy Decision Point (PDP). PlainID implements this natively — enables pluggable authorization for any agent. | Final Spec | Planning (25%) | Native | In Progress | Supported
📡 Signals — Continuous Access & Event Propagation
SSF / SET | OpenID Foundation | Signals | Shared Signals Framework / Security Event Tokens — real-time propagation of security events across systems. Parent framework for CAEP. | Final Spec | Planning | Partial | Supported | Supported
CAEP | OpenID Foundation | Signals | Continuous Access Evaluation Profile — propagates revocations and risk events in near-real-time so agents lose access the moment conditions change. Built on SSF. | Final Spec | Planning (20%) | In Progress | Supported | Supported
🌐 Federation & Lifecycle
OpenID Federation | OpenID Foundation | Federation | Cross-domain agent identity governance — registration, discovery, and lifecycle management for agents operating across organizational boundaries. | Final Spec | Planning | Partial | Supported | Supported
IPSIE | OpenID Foundation | Lifecycle | Interoperability Profiling for Secure Identity in the Enterprise — enterprise identity interop profile covering provisioning, session termination, and reliable lifecycle for agents. | Draft | Tracking | Tracking | In Progress | In Progress
SCIM 2.0 (+ Agent extensions) | IETF RFC 7643/7644 | Lifecycle | System for Cross-domain Identity Management — OIDF recommends SCIM extensions for automated agent lifecycle: provisioning, deprovisioning, attribute synchronization. | Extensions: Draft | Partial | Partial | Supported | Supported
🔬 Emerging — Proposed, Proprietary & Under Development
WIMSE | IETF (Ping co-author) | Workload ID | Workload Identity in Multi-System Environments — IETF draft combining SPIFFE + OAuth 2.0 for authenticating and authorizing AI agents across system boundaries. Ping Identity engineers co-authored the draft (draft-klrc-aiagent-auth-00). | IETF Draft | Tracking | Tracking | Co-author ★ | Tracking
XAA / ID-JAG | IETF draft (Okta lead) | Delegation | Cross App Access / Identity Assertion JWT Authorization Grant — OAuth extension enabling agents to obtain secure IdP-issued tokens for app-to-app access. Okta's XAA product ships on this; included in MCP 2025-11-25 spec as Authorization Extension. Addresses enterprise shadow-IT visibility gaps. | IETF Draft | Tracking | Co-author ★ | Partial | Tracking
OIDC-A | Community / OIDF watching | Emerging | OpenID Connect for Agents — proposed extension to OIDC Core 1.0 defining standard claims, endpoints, and protocols specifically for LLM-based agent identity and authorization. | Proposed | Tracking | Tracking | Tracking | Tracking
MCP + OAuth 2.1 | Anthropic / OIDF aligned | Protocol | Model Context Protocol with OAuth 2.1 integration — leading protocol connecting AI agents to tools. Ping's Agent Gateway and Thales MCP Security Gateway are both built on this. XAA added as first Authorization Extension in Nov 2025 MCP spec. | Evolving | Via PlainID (55%) | Partial | Agent Gateway ★ | Partial
Source: OIDF "Identity Management for Agentic AI" (Oct 2025) · AI Identity Management Community Group · Thales coverage assessed April 2026.

📊 Competitive Positioning Matrix

Based on public announcements · May 2026
Capability | Thales | Okta / Auth0 | Ping / ForgeRock | NHI Startups
Agent / NHI Identity (ATF) | Building 2026 | XAA — GA ✓ | Agent Gateway ✓ | Agent-native ★
OBO / Token Exchange (RFC 8693) | Planning ⚠ | GA ✓ | Supported ✓ | Limited
FGA / Fine-Grained Authz (AuthZEN) | Via PlainID (55%) | Partial | Supported | None
FAPI 2.0 Certification | Planning ⚠ | Certified Q2 '25 ★ | Certified ★ | No
MCP Security Gateway | 2026 Incubation ✓ | No | Agent Gateway ✓ | Partial
Application Security (AI Firewall) | Imperva ★ Unique | None | None | None
Data Security (RAG / CipherTrust) | CipherTrust ★ GA | None | None | None
CAEP / Real-time Revocation | Planning ⚠ | In Progress | Supported | Limited
EU Sovereignty | HQ France ★ | US-based | US-based | Mostly US
Standards Authorship | Following | XAA / ID-JAG ★ | WIMSE IETF ★ | Limited
Regulated Industry Trust | Strongest ★ | Good | Good | Weak
Legend: Leader / Unique · Strong · Competitive · Gap ⚠ · Missing · ★ = differentiator

⚡ Strategic Recommendations

Track & tick off · owned by GTM & programme steering

Customer Pipeline

Strategic account engagement — workshops & pilot tracking

Account Details

Account | Region | Sector | Stage | Owner | Next Action | Priority

Events & Demo Readiness

EIC Berlin · Identiverse Las Vegas

Team & Ownership

Roles, responsibilities, and RACI for the incubation

Name | Role | Function | Responsibilities | Events

RACI Overview

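Workstream | Product Mgmt | Incubation | PMM | Account Mgmt | Partners
Capability Definition | R | A | C | I | C
Partner Integrations | C | A | I | I | R
Customer Workshops | C | R | C | A | I
Messaging & Positioning | C | C | A/R | I | I
EIC / Identiverse Demos | C | A | R | I | R
Pilot Delivery | I | R | I | A | C
Competitive Tracking | R | C | A | I | I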
R = Responsible · A = Accountable · C = Consulted · I = Informed

🔐 Thales AI Security Fabric

Incubation view — how our work maps to the Fabric. Full product detail on the product site.

Mission (A.D.A.): Make AI systems not merely secure, but help customers fully leverage AI capabilities while providing visibility, auditability, and customer control. The cybersecurity landscape is changing dramatically with GenAI and Agentic AI — Thales is the EU-sovereign answer. The Fabric focuses on three domains where Thales is differentiated: data security, application security, and identity governance — structured as Visibility · Protection · Governance. The Agent Identity Platform is the identity control plane of the Fabric — it gives every AI agent a verifiable identity, a scoped delegation, and an auditable record of every action taken on your behalf.
👁 VISIBILITY
🛡 PROTECTION
⚖️ GOVERNANCE
AI RAG Security
GA ✅
CipherTrust · Protection · Sell & deploy today
AI Application Security
Beta 🧪
Imperva AI Firewall · Protection · Trials open
Data Leakage Prevention
2026 🔬
Protection · DLP for model interactions
MCP Security Gateway
2026 🔬
Protection + Governance · Agent-to-tool PEP
Agent Identity Platform
2026 🔬
Governance · Identity Lifecycle + Runtime Access
🤖 A.D.A. — Agent Identity Platform
Your source of truth for full product strategy, marketing narrative, and platform detail behind the Agent Identity Platform. A.D.A. = the "why & what". This hub = the "how far along & what's next".

Incubation ↔ Fabric Mapping

A.D.A. framing: Identity Lifecycle · Access Control · Behavior Monitoring · Governance
Incubation Capability | Fabric Module / A.D.A. Domain | Pillar | Our Action
Trusted Agent Access (PoA) | Access Control — IBAC, Power of Attorney, FGA | Identity · OneWelcome | Core access primitive: human grants cryptographically signed delegation to agent. OBO market pattern. This is Release 1.
FGA for AI Data & MCP Access | Access Control — FGA for RAG & MCP tools | Identity · PlainID | PlainID PBAC governs data layer — agent only retrieves what the human user is authorised to see. Ships with Trusted Agent Access in Release 1.
Agent Identity Lifecycle | Identity Lifecycle — Discovery, Registry & Credentials | Identity · OneWelcome | Discover & classify all agents — sanctioned and shadow. Register with a human owner, provision credentials, manage from onboarding to governed decommission.
Badge Inc device-bound credentials | Identity Lifecycle — Credential Management | Identity · OneWelcome | Hardware-bound agent identity — passkey anchoring for agent auth. Supports cryptographic PoA.
Agent Observability & Audit Trail | Governance — ISPM, Audit Trails & Compliance | Identity · Governance | Immutable audit of every agent action. EU AI Act, SOC 2, HIPAA compliance. Decision provenance: prompts, retrieved context, tools invoked, approvals granted.
CipherTrust RAG Security | AI RAG Security — Protection (GA) | Data · CipherTrust | GA today — anchor data security story in every customer workshop. Beachhead for the full platform.
Imperva AI Firewall | AI Application Security — Protection (Beta) | AppSec · Imperva | Beta — prompt injection, jailbreak, model-DoS protection. Add to EIC/Identiverse demo flow.
MCP Security Gateway | Protection + Governance · PEP at agent-tool boundary | Identity · MCP | 2026 incubation — enforces Trusted Agent Access at every MCP tool invocation. Key identity context to Fabric.

Global AI Security Team Contacts

Dedicated AI Security team led by Mukesh Chandak — engage for customer conversations and co-selling
Name | Region | Role
Mukesh Chandak | APAC + Lead | Global AI Security Lead
Alexander Carrizo | NORAM | AI Security Specialist
Jonas Roblot | EMEA | AI Security Specialist
AI RAG Security (CipherTrust): GA — sell & deploy today. Identify RAG use cases at strategic accounts.
🧪 AI Application Security (AI-Firewall): Beta — customer trials open. Contact product team for trial setup.
🔬 DLP for AI, MCP Gateway, Agentic IAM: Incubation — this hub tracks progress. PoC / Alpha for selected customers.

📚 Internal Education & Enablement

Building internal knowledge and confidence across RSMs, SEs, PMMs, PMs, and Leadership

🎯 Goal: Every customer-facing team member (RSM, SE, PMM, PM) should be able to confidently explain the Agent Trust Framework, the AI Security Fabric, and Thales' differentiation vs. Auth0 / Transmit / Ping — before Identiverse in June 2026.
🤖 A.D.A. — Agent Identity Platform
All enablement content should align with A.D.A. — the canonical source for product strategy, platform narrative, and positioning. Before creating or updating any asset, check A.D.A. first.

Audience Readiness Tracker

1=Beginner → 5=Leader
Audience | Size | AgenticAI Basics | Agent Trust Framework | AI Security Fabric | Competitive Story | Customer Workshop Pitch | Overall

Enablement Assets

Asset | Type | Audience | Status | Owner | Due | Notes

Internal Sessions & Workshops

Session | Format | Audience | Date | Owner | Status | Materials

Recommended Learning Path

For new team members & onboarding
🟦 Step 1 — Foundation
~2 hours · Self-paced
What is Agentic AI?
Why does identity matter for AI agents?
The SPIFFE/CAEP/AuthZEN standards landscape
Thales AI Security Fabric overview (Lionel's deck)
🟣 Step 2 — Our Story
~2 hours · With buddy
Agent Trust Framework walkthrough
PlainID MCP discovery demo (video)
Badge Inc device-bound identity
EU sovereignty differentiation talk track
🟩 Step 3 — Field Ready
~3 hours · Live session
Competitive battle card review (RSM, PMM)
Customer workshop pitch practice (RSM, SE)
Objection handling: "Why not Auth0/Ping?"
Live demo walkthrough with Gur / Alexander (SE)

🧩 Solution Workshops

Customer-facing workshop programme — agenda templates, collateral & tracking

🎯 Purpose: This page tracks all customer solution workshops — from preparation to outcome. It also holds ready-to-share collateral for each workshop format. The goal: 3 workshop commitments in Q2 2026.

Workshop Pipeline

All customer workshops — planned, active, completed
Customer | Workshop Type | Format | Status | Date | Owner | Outcome

Workshop Formats & Agendas

Select the right format for your customer — each includes a sharable agenda
🔍
Discovery Workshop
Half Day · 3–4 hrs
For customers at the Identified or Engaged stage. Goal: surface AI agent use cases in their environment and map to our capabilities.
Agenda
30 min — Welcome & Thales AgenticAI story (non-technical)
45 min — Customer AI journey: where are you today? (discovery questions)
30 min — Agent Trust Framework overview — what we protect & how
45 min — Live demo: PlainID MCP discovery + agent governance
30 min — Use case mapping: which Thales capabilities apply to you?
15 min — Next steps & pilot scoping
Deck: ATF Overview | Demo: PlainID MCP | Template: Discovery Q's
🏗️
Architecture Workshop
Full Day · 6–7 hrs
For customers at the Workshop Scheduled stage. Goal: design a target architecture for agent identity & governance in their specific environment.
Agenda
30 min — Scene-setting: findings from Discovery
60 min — Customer architecture review: current agent & NHI landscape
60 min — Deep dive: Agent Trust Framework components & integration points
30 min — Standards deep dive: SPIFFE, CAEP, AuthZEN — what matters for them
60 min — Technical demo + hands-on: PlainID MCP governance / Badge Inc
60 min — Joint architecture design (whiteboard session)
30 min — Pilot scoping: success criteria, timeline, resource commitment
30 min — Exec summary & next steps
Deck: ATF Tech Deep Dive | Template: Architecture | Standards cheat sheet
🎯
Executive Briefing
90 min · C-level
For CISO / CTO / CDO level. Goal: build strategic alignment and sponsorship for an agent security programme.
Agenda
15 min — The agentic AI risk landscape: why NOW matters
20 min — Where your organisation is exposed: 3 scenarios
25 min — Thales AI Security Fabric — EU-sovereign answer
15 min — Peer benchmarking: what regulated peers are doing
15 min — Proposed engagement: workshop → pilot → programme
Deck: Executive Briefing | 1-pager: ATF Summary | Peer benchmark data
🛒
The Agentic Pivot — Commerce & Trust Roundtable
Full Day · Roundtable · Updated
For ABN AMRO, Plus, PostNL, NS — and similar B2C-facing organisations where AI agents act on behalf of millions of end-customers: booking travel, rerouting parcels, filing claims. Goal: jointly define what trustworthy agentic commerce looks like for regulated Dutch businesses, with Thales validating its Agent Security Fabric narrative through the session.
Participant profiles: Head of Digital / Customer Experience · Chief Risk Officer · Head of Payments · CISO — not supply chain leads
Morning — Landscape & The Anxiety
30 min — Opening: "Your customer now has an agent acting on their behalf — are you equipped to handle that?" (business framing, not protocol deep-dive)
30 min — The anatomy of an agentic transaction: step-by-step, B2C lens — The Autonomous Commuter (NS) / The Invisible Delivery (PostNL)
30 min — Protocol landscape as background context: UCP/Google, ACP/OpenAI+Stripe, AP2+Visa Trusted Agent, x402/Bedrock — reference layer only
30 min — Why Thales? Co-creation framing: bringing forward-thinking Dutch companies to jointly shape trustworthy agentic commerce + validate our Agent Security Fabric
Afternoon — Use Cases, Gap Analysis & Unresolved Tensions
60 min — Mixed-group use case mapping: which of your customer journeys are agents entering first?
60 min — Gap analysis — put these tensions directly to the room:
    "If your customer's agent places an order and then disputes it, who do you call?"
    "If an agent gets hijacked and drains a travel budget — is that NS's problem, ABN AMRO's, or the agent developer's?"
    "How do you revoke an agent's access to your platform in real time — do you have that capability today?"
30 min — Synthesis: shared language + shared roadmap — what must be true for agentic commerce to be trusted?
30 min — Next steps: pilot scope, Design Centre involvement (lightweight format), follow-up call with Jordi + Wouter
⚠️ Facilitator note (Maarten): If we go in asking customers to explain how agentic commerce works, we lose credibility. We must arrive as the party that understands the problem and is working towards solutions together with them. Involve Design Centre but keep format lightweight — target 3 weeks prep, not 6.
Deck: The Agentic Pivot | Demo: Agent revocation (CAEP) | Template: B2C use case map | Reg: PSD2 / DORA / eIDAS | Target: ABN AMRO · Plus · PostNL · NS
🧪
Pilot Kick-off Workshop
Full Day · Scoping
For customers moving to Pilot Started. Goal: define pilot scope, success criteria, technical environment, and governance.
Agenda
30 min — Pilot objectives & success criteria alignment
60 min — Technical environment review & integration planning
60 min — Agent Trust Framework deployment plan
45 min — Data, access, and sovereignty requirements (legal & compliance)
30 min — Governance: decision rights, escalation path, review cadence
30 min — Timeline, milestones & joint team commitments
Template: Pilot Charter | Checklist: Tech readiness | Template: Success metrics

Customer-Shareable Collateral

Approved for external use — track status & owner below
Asset | Format | Audience | Status | Owner | Notes

Discovery Question Bank

Use these in Discovery and Architecture workshops to surface use cases
🤖 AI & Agent Landscape
🔐 Identity & Security