Passwordless Security in the Age of AI: A Conversation with Slavik Markovich, CEO of Descope

Cybersecurity is once again at a critical crossroads—this time, driven by the explosive growth of AI technologies. During a recent visit to Descope’s Palo Alto office, I sat down with CEO Slavik Markovich, a veteran in the cybersecurity space whose past ventures, Demisto (acquired by Palo Alto Networks) and Sentrigo (acquired by McAfee), shaped much of the modern security landscape. Our conversation centered around how AI is radically reshaping digital identity.

Slavik and his team—collaborators for nearly three decades—launched Descope with a bold mission: eliminate passwords altogether. “Passwords are the worst of both worlds,” he noted, “hard for humans to remember and easy for computers to crack.” As AI supercharges phishing and other attack vectors, traditional passwords only grow more inadequate.

Instead, Slavik advocates for passkeys—phishing-resistant, cryptographic keys stored locally and authenticated via biometrics, without ever exposing the biometric data. It's a fundamentally more secure and seamless approach to authentication.

Descope’s innovation doesn’t stop there. As AI evolves into “agentic” form—digital agents acting on behalf of users—the company is tackling a new security frontier. These agents don’t fit neatly into existing models of user authentication or machine-to-machine trust. “The industry is shifting toward agentic AI,” Slavik explained, “and that’s expanding the scale and complexity of identity management.”

One surprisingly common challenge they’re solving is the "confused agent problem," where digital agents unintentionally act with higher privileges than intended. Descope positions itself as the intermediary—managing progressive authorization, mediating between users, agents, and applications, and ensuring secure, compliant interactions.

For CISOs and enterprise leaders, this shift presents both urgency and opportunity. AI is no longer an emerging edge case—it’s embedded in tools and workflows across organizations. Security teams must act swiftly to secure agent-driven interactions and identity touchpoints or risk falling behind.

At Clarity, where I focus on AI-powered threats like deepfakes and next-gen phishing, I see firsthand how vital identity management has become. It’s no longer just a login issue—it’s the first and most critical line of defense. Security solutions must be both robust and frictionless, balancing user experience with airtight protection.

Slavik also shared a personal insight that stood out to me: “We prioritize having fun. We’ve built multiple companies together because we genuinely enjoy the journey.” That mindset resonates. The best cybersecurity innovations come from passionate teams that love solving hard problems, not just building defenses.

The identity revolution is already underway. Organizations that embrace passwordless, agent-aware authentication now will dramatically improve both their security and user experience. Those that delay will face rising vulnerabilities and growing user frustration.

Our industry isn’t just evolving—it’s undergoing a full-scale transformation. Proactively embracing agentic AI, passkeys, and adaptive identity strategies is not just smart—it’s essential. Those who lead will define the future of digital trust. Those who don’t may find themselves struggling to catch up in a threat landscape redefined by AI.