BeyondTrust Advances Unified Privileged Identity Solution for AI Agent Security
In a significant move for cybersecurity, BeyondTrust has unveiled enhanced capabilities within its Pathfinder Platform, marking the industry’s first unified approach to securing AI agent coworkers. This development is crucial as organizations increasingly rely on AI agents that operate alongside human users and manage autonomous workloads across cloud and SaaS environments. The announcement is supported by new research from BeyondTrust Phantom Labs, revealing that a majority of enterprises are unknowingly running shadow AI agents with privileged access that remain invisible to security teams.
The Rise of AI Agents in Enterprise Environments
AI agents have transitioned from experimental tools to essential production workloads. They are actively initiating API calls, deploying code, and accessing sensitive data, often within minutes of deployment on low-code platforms. Alarmingly, many of these agents possess privileges that can rival or exceed those of human administrators. In numerous enterprise settings, machine and AI identities now outnumber human identities, significantly widening the privileged-identity attack surface.
Despite this rapid growth, many organizations lack visibility into the number of AI agents operating within their environments, their access levels, and the potential consequences of a compromised agent. This scenario underscores the urgent need for a comprehensive strategy to secure AI, human, and machine identities across diverse environments.
A Unified Approach to Agentic AI Security
Marc Maiffret, Chief Technology Officer at BeyondTrust, emphasized the interconnected nature of agentic identities within the broader non-human identity landscape. He stated that organizations cannot effectively secure these identities in isolation. Instead, they require a platform capable of overseeing and securing the entire spectrum of identities, which is precisely what the Pathfinder Platform aims to deliver.
The Pathfinder Platform addresses the dual challenges posed by agentic AI, providing robust defenses for both AI coworkers and local agents on endpoints, as well as for autonomous AI workloads operating across cloud infrastructures and SaaS platforms.
Key Features of the Pathfinder Platform
-
Endpoint Privilege Enforcement for AI Coworkers: BeyondTrust’s Endpoint Privilege Management (EPM) enforces least privilege and application control for AI clients on endpoints, such as Claude and ChatGPT. This ensures that AI tools can only perform actions permitted by policy, a critical enforcement capability that sets BeyondTrust apart from other vendors.
-
AI Agent Discovery and Risk Analysis: The Identity Security Insights feature offers comprehensive discovery, classification, and posture auditing for agentic AI. It includes connector coverage for major enterprise AI platforms like OpenAI, Google Vertex AI, Salesforce Agentforce, ServiceNow AI agents, and AWS Bedrock. Organizations benefit from automatic discovery, privilege path mapping, risk scoring, and shadow AI detection across their deployments.
-
Secrets Management for Autonomous Agents: BeyondTrust’s Password Safe provides vaulting, rotation, and just-in-time access for the secrets and API keys that drive agentic workloads. When combined with Insights, organizations achieve end-to-end visibility from agent discovery to credential management, effectively mitigating the risks associated with static credential exposure.
Managing Non-Human Identity Growth
Telemetry data from BeyondTrust’s Identity Security Insights indicates a rapid acceleration in the growth of AI agents across enterprise environments. Over the past year, organizations utilizing the Pathfinder Platform have reported a staggering 466.7% increase in enterprise AI agents. Many of these agents are deployed through low-code platforms and automation frameworks that span endpoints, cloud infrastructures, and SaaS applications.
Maiffret highlighted the critical questions security teams must address: not whether AI agents exist, but what they can access, what secrets they utilize, and the implications of a potential compromise. The blast radius of a single AI agent can extend across identity providers, cloud infrastructures, SaaS platforms, and on-premises directories. The Pathfinder Platform maps these cross-domain privilege paths, providing visibility into how a compromised agent could escalate access throughout the entire environment.
Free AI Security Posture Assessment
BeyondTrust has introduced the Identity Security Risk Assessment (ISRA), offering organizations immediate visibility into AI agent risks as part of a comprehensive identity security posture analysis. This assessment connects across enterprise identity and AI agent infrastructures in under an hour, delivering findings within 24 hours. The results include discovery and inventory of all AI agents, shadow AI detection, cross-domain privilege path analysis, and risk scoring aligned with MITRE ATT&CK, along with prescriptive remediation guidance.
Organizations can sign up for the free Identity Security Risk Assessment at BeyondTrust.
The advancements in the Pathfinder Platform reflect a growing recognition of the complexities associated with managing AI agents and the critical need for organizations to secure their privileged identities effectively.
Source: www.intelligentciso.com
Keep reading for the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East.
