
We are excited to announce the launch of CyberArk’s new solution for securing AI agents, which will be generally available at the end of December 2025. CyberArk Secure AI Agents will extend CyberArk’s Identity Security Platform (ISP), which is a leading solution for securing human and machine identities. The solution helps enable organizations to gain visibility into their AI agents and manage and secure their access to databases by applying identity security controls, such as zero standing privileges.
As organizations look to achieve the efficiency and cost benefits of agentic AI, they are also concerned with security implications. New research from CyberArk shows that 76% of organizations will have AI agents in production within three years, and more than one-third of CISOs rank agentic AI as their top concern. This research validates the need for a solution that ensures AI agents are secured from the start.
Security challenges of AI identities: a new identity class
While AI agents can be considered machines by definition, they show characteristics of human identity in their ability to reason, make decisions, and be goal oriented. But when you consider their scale and their ability to operate 24/7, they are more similar to machines.
AI agents also inherit the threats associated with both humans and machines. Just like humans, agents can be victims of compromised credentials, excessive privileges, or session hijacking. And like machines, they can inherit the risks that come with stolen keys and secrets leakage.
To secure AI agents effectively, enterprise security leaders increasingly recognize they need an approach that combines powerful controls for securing human and machine identities. Traditional authentication using OAuth tokens and consent flows worked when AI agents performed specific tasks on behalf of someone, but unfortunately that only covers a small number of use cases. As autonomous AI agents and multi-agent systems become more pervasive, their more complex use cases will function similarly to cloud-native workloads and rely on machine identity authentication methods like secrets, API keys and certificates.
Secure AI Agents capabilities
Secure AI Agents is designed as a comprehensive solution that addresses key areas required for agentic AI security. These capabilities follow the lifecycle of an AI agent. It starts with discovering agents and understanding their context, followed by securing agents, and managing their lifecycle and compliance. Let’s dive into each capability.
Discovery and context
Before you can secure your AI agents, you first have to understand your environment: which agents are running, who owns them, and what their potential risks are.
The Secure AI Agents solution detects AI agents running across SaaS, cloud, and developer environments including AWS Bedrock and Microsoft Copilot Studio. You can get a clear view of your agents in the discovery dashboard with statuses like “Discovered,” “Active,” and “Pending connection.” Each agent is enriched with context, such as ownership, purpose description, status and permissions, helping you understand who owns each agent, what it does, and what it can access.

Secure access
Once you have a view of the agents in your environments, you need to ensure they are secure. AI agents are privileged identities by definition, with access to sensitive resources. Based on our experience and best practices in securing access for human and machine identities, we know that privilege controls need to be applied to an agent before it interacts with any SaaS apps, databases, human users, or other resources.

We built our AI Agent Gateway as an enforcement point between AI agents and the tools they use. The gateway provides agents with secure access to resources that are connected through the Model Context Protocol (MCP) server. It leverages the identity security controls provided by the ISP, including zero standing privileges and least privilege access, to enable security teams to reduce standing access for AI agents.
Our goal is to ensure secure AI agent access: permissions are granted to an AI agent only for the specific task, limited to least privilege based on the scope and intent of that task, and revoked automatically, helping to ensure the agent has zero standing privileges.
Lifecycle management and compliance
Security leaders need the ability to govern the lifecycle of AI agents and ensure auditability and compliance, especially for regulated industries. Secure AI Agents logs the agent actions and communications: for example, with an AI assistant, security teams can examine what actions were performed by what agent and on behalf of which human user. You can also see on what resources the action was taken, and the specific queries the AI agent ran on the database—both being areas the associated human user may not be aware of.
These capabilities help enable organizations to secure and manage the end-to-end lifecycle of AI agents. With the new Secure AI Agents solution, enterprises can leverage the power and privilege controls of the ISP for both human and machine identities, as well as the unique capabilities of agent identities. While designed to securely manage AI agents at scale, the solution also provides a powerful starting point for security teams and developers that want to start the process of securing AI agents in their organization. Agentic AI isn’t going anywhere, and the time to start thinking about security is now.
We are eager for you to see the solution in action. First, you can take a look at our short demo video below. For a deeper dive, please watch our virtual event “Securing the New Frontier of Agentic AI.” We can’t wait to share more about our Secure AI Agents solution as we continue to develop it and expand CyberArk’s vision of securing the full spectrum of identities.
Inbal Zilberman is a staff product manager and Leah Bachmann is a senior product marketing manager at CyberArk.
Third-party logos are the property of their respective owners and are used here for identification only. No affiliation or endorsement is implied.
Product Roadmap Disclaimer: This information is for informational purposes only, and represents CyberArk’s current view of its innovation direction. It is not a commitment or an obligation to deliver any product or functionality. The development, release, and timing, if any, of any future innovation or product remains at our sole discretion and may be subject to applicable fees.




















