Cayosoft adds AI identity visibility and incident response for hybrid environments

Cayosoft has announced updates to its Cayosoft Guardian platform. Cayosoft Guardian will now bring AI agent identities into existing identity threat detection and response (ITDR) workflows, giving security teams visibility, reporting, alerting, and automated rollback, without adding another dashboard.

Cayosoft also launched a new Identity Forensics & Incident Response (IFIR) service, a purpose-built incident response offering designed specifically for Microsoft hybrid identity environments to address the growing operational and security risks created by complex environments and the rapid rise of non-human identities.

“We’re living in the age of AI, where the number of non-human identities has rapidly increased to supplement human identities. This major shift in the identity landscape means our customers need a reliable platform that can monitor, manage and recover identities instantly,” said Bob Bobel, CEO of Cayosoft. “By adding support for AI identities in the Guardian platform, and by launching our new incident response services powered by Guardian, we’re re-affirming our commitment to innovation to meet and exceed our customers’ identity resilience needs.”

Cayosoft Guardian 7.2 adds monitoring & detections for AI identities

Non-human identities (NHIs) already outnumber human users in modern Microsoft ecosystems. The introduction of AI agents expands the identity attack surface even further through autonomous behavior, indirect permission assignment, and complex attribution.

Many operate outside standard governance and monitoring practices, accumulating long-lived credentials, excessive permissions and unclear ownership that create security and compliance blind spots. Identity threat detection and response must therefore treat non-human identities as a core capability.

With Cayosoft Guardian 7.2, expanded Change Monitoring for Microsoft Entra Agent ID entities helps security teams maintain visibility and control as agentic AI adoption accelerates, bringing agent-related changes into the same monitoring and investigation workflows used for users, groups and applications.

“As we deploy Microsoft agents, it’s critical that agent identities are governed just like any other identity,” said Hussein Alalawi, Senior Information Security Engineer of Auto Club Group. “With Cayosoft, we can see when agent identities are created, how permissions change, and exactly what actions they take—and we can roll those changes back if automation goes wrong. That’s what gives us confidence to run agentic AI at scale.”

Cayosoft launches new identity-first incident response service

Powered by the Cayosoft Guardian Platform and delivered by Cayosoft’s identity security and incident response specialists, the Cayosoft Identity Forensics & Incident Response (IFIR) service delivers rapid detection, deep forensic reconstruction, and authoritative recovery across hybrid identity environments. Designed specifically for hybrid AD and Entra ID environments, Cayosoft provides expert-led dedicated identity investigation capabilities, immutable auditing and guaranteed recovery in minutes.

Cayosoft’s IFIR capabilities include:

• Baseline evaluation of your Microsoft identity security, monthly check-ins to review remediation and prioritization, and yearly disaster recovery testing
• Real-time identity threat detection and alerting, including tracking attacker activity across hybrid AD and Entra ID
• Identifying patient zero and privilege escalation paths
• Reconstructing attack timelines using Guardian forensic replay
• Automated, authoritative rollback and remediation
• Guaranteed AD recovery in minutes via patented instant standby technology, restoring known-good identity baselines
• Applying controls to prevent ransomware reinfection
• Reducing incident recurrence through expert-led identity hardening