Enterprise AI is moving faster than the digital trust systems built to govern it.
As autonomous agents, synthetic content and machine identities spread across critical systems, organizations face a new digital trust challenge: proving what is real, authorized and secure before trust breaks down.
At today’s DigiCert Trust Summit, DigiCert Inc. positioned its DigiCert ONE platform as a foundation for that next phase, tying AI governance, public key infrastructure (PKI) modernization, DNS resilience, content provenance and quantum readiness into a broader push for cryptographic proof at enterprise scale.
“Artificial intelligence is rapidly transforming how organizations operate and expanding the enterprise attack surface area just as fast,” said John Furrier, host of theCUBE, SiliconANGLE Media’s livestreaming studio. “From synthetic content to unverified models and autonomous agents acting across critical systems, proving what can be trusted is more important than ever.”
That framing carried through the Summit as DigiCert executives and enterprise security leaders connected AI trust, certificate lifecycle management, DNS resilience, content provenance, agent identity and quantum readiness into a single modernization story. Amit Sinha, chief executive officer of DigiCert, opened the Summit by positioning the company’s DigiCert ONE platform as a foundation for securing machines, software, devices, messages, AI content and autonomous agents.
“We’re helping organizations navigate today’s threats and prepare for a quantum-safe future,” Sinha said. “AI is reshaping everything, and in almost every customer conversation, one question comes up: How do we trust AI?”
During an exclusive DigiCert Trust Summit broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio, DigiCert executives and cybersecurity practitioners examined how enterprises can establish verifiable trust across AI agents, digital content, machine identities, certificate lifecycles and post-quantum cryptography. (* Disclosure below.)
DigiCert’s AI trust strategy focuses on content, models and agents
For Sinha, the first challenge is content authenticity. Generative AI has made it easier to produce synthetic media, deepfakes and misinformation, creating what he described as a “world of zero-trust media.” DigiCert is working with leaders, including Microsoft Corp., Google LLC and Adobe Inc., on the Coalition for Content Provenance and Authenticity standard, known as C2PA, to help attach verifiable credentials to digital content.
“Using proven cryptography, we can now attach verifiable credentials to content,” Sinha said. “So, you don’t just see it, you can verify where it came from and whether it’s been altered.”
The second challenge is model trust. As AI models become part of software supply chains, organizations need to know where they came from, how they were trained and whether they meet security and compliance requirements. DigiCert’s platform approach includes validated AI models with a bill of materials covering source, training data and attestations.
The third and fastest-growing challenge is agent trust, according to Sinha. AI agents are beginning to act across enterprise systems, which raises questions around authorization, lifecycle management and auditability.
“Trust starts with identity, durable, verifiable, immutable,” Sinha said. “We wouldn’t allow an employee to operate without a verified identity within an organization. AI agents should be no different.”
DigiCert is extending PKI to provide identity, authorization and lifecycle management for AI agents, including inventory and audit logs. The broader point is that AI governance cannot be separated from the identity systems, cryptographic controls and lifecycle automation that already underpin enterprise security.
Digital trust modernization shifts toward PKI, DNS and AI governance
Expanding on that platform message, Deepika Chauhan, chief product officer of DigiCert, described DigiCert ONE as a way to move from foundational trust models toward resilient and provable trust. The platform brings together PKI, DNS, certificate lifecycle management and emerging AI trust capabilities across machines, software, devices, content, messages and agents.
“You just heard Amit talk about how the world of digital trust is changing faster than most organizations can keep up with, and the decision of what to trust is being made by systems, by machines, by AI that’s moving faster than any of us can audit,” Chauhan said. “So, this isn’t just a future risk for you; this is here and now.”
DNS and PKI form the foundation of digital trust because they help verify both location and identity, Chauhan explained. DNS tells systems where to find a website, application or service, while PKI uses cryptography to confirm that the entity being reached is legitimate.
“PKI and DNS are not just the features of security stack,” Chauhan said. “They are the core foundation on which your entire digital trust resides.”
That foundation is under pressure as enterprises shift toward hybrid and multicloud architectures, deploy containers and cloud workloads at scale and introduce AI agents that make calls to external systems. The result is a larger digital trust surface and more operational complexity, especially as certificate lifetimes shorten.
A major theme across the Summit was the coming shift to 47-day certificate lifecycles by 2029. Certificate lifetimes are moving from 398 days to 200 days and eventually to 47 days, while domain validation is dropping to 10 days, Sinha pointed out. For enterprises, that means more certificates, more validations and far greater operational load.
“Without automation, this leads to higher costs, more outages and greater risk,” Sinha said. “This is why PKI modernization is urgent and why automation is no longer optional.”
AI adoption raises security and governance pressure
In a keynote conversation with Rob Owens, head of equity research at Piper Sandler Companies, Sinha explored how AI is changing the architecture of secure systems.
AI differs from previous technology shifts because of its rapid adoption and disruptive potential, Owens explained, pointing to gen AI’s faster uptake compared with earlier eras such as the internet and PCs. That acceleration is creating new application opportunities while raising questions around disintermediation.
“AI’s really been thrust upon us, given the adoption rate, but we think it’ll play out in similar fashion in terms of tons of new application opportunities, obviously much easier from a development standpoint,” Owens said.
The security implications, however, are still outpacing many enterprise IT controls. Organizations often move faster than their governance models can support, Owens explained, comparing the situation to cars reaching high speeds long before seat belts became legally mandated.
“We always put security in the backseat,” Owens said. “So, are they prepared to handle it? No, I don’t think so.”
Owens identified runtime, identity and data as three major areas where security spending and controls will need to develop around AI. His comments aligned with DigiCert’s broader message that identity will be one of the central problems in the agentic AI era.
AI agents push governance toward cryptographic identity
AI governance is becoming a practical challenge as organizations look to protect models, manage autonomous agents and ensure content authenticity without slowing down the business, according to Brian Trzupek, senior vice president of product at DigiCert, during the Summit.
“Do AI agents keep you up at night?” Trzupek asked. “I think every organization in this room is already running AI. The question is whether you know what AI, where and on whose authority.”
Shadow AI creates a visibility and governance problem as employees and teams adopt tools to get work done faster, while policies often lag behind, Trzupek explained. That creates risk for data exposure, credential misuse and unclear accountability when autonomous systems take action.
DigiCert’s AI Trust Manager approach is built around three layers: DNS enforcement at the network edge, agent identity through passports and policy, and secure execution through confidential computing. DNS can act as a macro-level control point because agents must resolve domains to access tools or services. Agent passports can bind identity, policy, lineage and ownership into a cryptographically signed object. Confidential computing can help protect models, agents and sensitive data during execution, Trzupek explained.
“We’re not reinventing the world; we’re leveraging it,” he said.
That theme matters because enterprises do not want entirely new governance silos for AI. DigiCert’s position is that existing digital trust concepts can be extended into AI environments, including SPIFFE-based workload identities, short-lived credentials, DNS policy controls and attestations for trusted execution environments.
UPS case study shows 47-day readiness in practice
The Summit closed with a practical discussion between Chauhan and Kavita Rehan, director of information security at United Parcel Service Inc., on preparing for 47-day certificate lifecycles and modernizing PKI operations at enterprise scale.
Budget pressure, a changing vendor relationship and the need to consolidate PKI infrastructure made the transition more than a vendor renewal or certificate management issue for UPS, Rehan explained. Instead, it became an opportunity to rethink the company’s architecture and move toward a more unified approach.
“As we evaluated every option, we realized that this was bigger than just a renewal discussion,” Rehan said. “It was an opportunity to rethink architecture, simplify operations and move forward towards a unified approach.”
Automation became central to that effort because manual processes cannot scale in a world of shorter certificate lifecycles. UPS already used tools such as Ansible and Terraform, so the question became how to align certificate management with modern infrastructure operations.
“Automation wasn’t optional,” Rehan said. “It was the foundation to make this change.”
UPS also found that not every use case required a public certificate. Moving appropriate workloads to private certificates reduced cost and operational burden while creating a cleaner PKI model.
“One of the biggest lessons for us was that not everything needed a public certificate,” Rehan said. “Historically, people request a public certificate because that was the path of least resistance, not always because it was the right choice.”
For other enterprises, Rehan advised choosing a vendor partner rather than just a supplier, setting expectations clearly, over-communicating and breaking work into smaller streams with clear ownership. UPS is also looking ahead to crypto agility and quantum readiness as certificate lifecycle management becomes more important across applications, devices, infrastructure and non-human identities.
“The goal isn’t just to solve today’s problem, but to make sure our trust architecture can evolve with whatever comes next,” Rehan said.
A broader trust reset
Across the Summit, DigiCert’s message was that AI, certificate lifecycle shortening and post-quantum cryptography are not separate problems. They are converging into a broader trust infrastructure reset. Enterprises need to know what is real, which systems and agents are authorized, where certificates live, whether models and content can be verified, and how cryptographic systems will adapt as standards change.
“This is not just about certificates,” Sinha said. “It’s about building trust in a rapidly changing digital world.”
That may be the central takeaway from DigiCert’s event: As AI moves deeper into enterprise workflows, digital trust becomes less of a static security assumption and more of a dynamic operating requirement. The organizations that can automate, verify and govern that trust at scale will be better positioned for the next phase of AI-driven business.
Find out more about SiliconANGLE’s and theCUBE’s coverage of the DigiCert Trust Summit.
(* Disclosure: TheCUBE is a paid media partner for the DigiCert Trust Summit Virtual 2026 event. Neither DigiCert, the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Image: SiliconANGLE/ChatGPT
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
