Date: 2025-12-08

Veza has launched AI Agent Security, a purpose-built product to help organizations secure and govern AI agents at enterprise scale. As businesses accelerate AI adoption, Veza is defining a new foundation for AI SPM by giving security and governance teams the visibility and control they need to protect data and enforce trust across human-AI interactions.

Built on the power of Veza’s Access Graph, AI Agent Security introduces unified visibility into AI agents across leading platforms. Security teams can now answer critical questions such as:

What AI agents exist in our environment?

What data and systems do those agents access?

Which humans can control or act through AI agents?

“We’re in the foundational stages of seeing the transformation that agentic AI is driving in the enterprise through functions like security operations, software development, and customer support,” says Phil Venables, cybersecurity leader, partner at Ballistic Ventures, and former CISO, Google Cloud. “Every security leader should be taking action to better secure and govern AI agents in their organizations, because this will be a critical part of unlocking the business value of Agentic AI. Veza’s extension of their Access Graph and product capabilities of AI Agent Security is a powerful new offering to use as a key pillar for an agentic AI security program.”

A new risk profile for the AI era

The productivity gains and potential with AI tools hold both security benefits and risks for the enterprise across the known attack surface. However, the rise of AI agents introduces an entirely new class of security risks, like prompt injection attacks, in which outsiders can manipulate agents into revealing confidential data or executing unauthorized actions.

This type of attack depends on AI agents having read access to data supplied by an attacker, commonly delivered through emails, calendar invites, or website sales forms. Never before has simple “read” access to public information created this level of risk. These emerging threats demand a new approach.

Veza accelerates AI deployments and value creation for enterprises with trust and security

AI Agent Security enables enterprises to move faster with their AI initiatives by strengthening identity security.

According to Gartner, “Through 2028, over 50% of AI initiatives will halt, becoming unmanageable, because of unresolved agentic identity challenges.”

With visibility and data-driven insights into the scale and scope of AI agents, Veza enables enterprises to eliminate uncertainty and ensure governance and control of their AI environments. Veza helps enterprises to:

Eliminate AI blindspots: You can’t govern what you can’t see. AI Agent Security discovers and classifies agent identities across the enterprise and provides a single platform to visualize how the AI agents are connected with data resources and LLM models, aligning with OWASP’s LLMSecOps requirements for monitoring and governance.

Enforce the principle of least privilege (PoLP): AI agents are autonomous, and it’s critical to limit their access to critical data. AI Agent Security lays out the full blast radius of agents, highlighting what sensitive data and system resources they can access, enabling enterprises to remove excessive permissions and significantly reduce the impact of a breach.

Establish AI governance: In multi-platform environments, it’s difficult to keep track of agents and who is responsible for them. Veza AI Agent Security provides the complete agents-to-human identity mapping, allowing enterprises to confidently govern which users and groups can deploy, manage, and interact with AI agents, ensuring human accountability and eliminating shadow AI activities.

Ensure continuous compliance: In line with OWASP recommendations on user/machine access audits, Veza provides instant answers to what the agents have access to, enabling auditors and enterprises to meet their SOX, NIST, and other regulatory requirements.

Unified visibility, governance, and control

As AI is woven into core business processes, organizations need a single control plane for identity and access across humans, machines, and AI. Veza AI Agent Security provides that foundation. Through deep integrations with major AI and identity ecosystems, the product enables organizations to:

Discover AI agents and MCP servers in their environment across top agentic platforms

Assign human ownership to AI agents, enabling clear lines of responsibility for ongoing security and compliance

Visualize, manage, govern, and control access to AI agent services and resources across OpenAI, Azure AI, and Azure OpenAI

For Microsoft, Salesforce, and AWS agents, organizations can additionally:

Visualize AI access paths between AI agents, humans, and data systems using Veza’s Access Graph, exposing risky relationships and excessive permissions.

Continuously assess AI agent security posture, including which underlying model is being used, which humans have access to which agents, expired secrets, and agents erroneously provided with privileged access.

Enforce AI agent access governance with least-privilege policies and access reviews integrated into Veza’s existing identity governance and administration (IGA) product and workflows.

“It’s the wild west with agentic AI right now,” said Tarun Thakur, CEO of Veza. “CISOs and CIOs are racing to deploy AI, but few have visibility or control over what these agents can actually do. Veza AI Agent Security brings order to that chaos by unifying discovery, governance, and control for AI systems. In the end, all roads lead to identity: understanding who or what has access, and why.”

Defining the discipline of AI SPM on a unified identity security platform

Veza AI Agent Security helps establish AI SPM as a new standard for enterprise AI protection by extending access governance and security assessment into the world of agentic AI. By combining identity, configuration, and access intelligence, Veza enables CISOs to operationalize security visibility, governance, and compliance for AI, humans, and Non-Human Identities (NHIs) in a single, unified platform.