As AI coding assistants and autonomous agents gain deeper access to source control, CI/CD pipelines, and production systems, code itself is becoming an identity—an untracked actor capable of exfiltration, impersonation, or privilege escalation. Drawing from work with AI-forward enterprises, this session explores how to govern these agentic identities across their full lifecycle using policy-as-code, just-in-time, and human-in-the-loop frameworks.