AI Security: Secure Employee Access & Streamline Identity Workflows
Organizations are increasingly focused on securing access within artificial intelligence environments, with SailPoint Technologies introducing Agent Identity Security to address emerging risks. The new offering aims to provide visibility, ownership and governance over AI agents, their users, and the tools they access.
The move comes as enterprises rapidly adopt AI agents, often referred to as “digital workers,” with some, like BNY Mellon, already deploying over 130, according to recent reports. This acceleration is prompting a re-evaluation of identity and access management (IAM) strategies, as AI agents operate autonomously and handle sensitive information.
Security experts warn that ungoverned AI agents create vulnerabilities. Without proper controls, these agents can reveal credentials, leading to data leaks, and may be over-permissioned or unknown to the organization. A recent global survey highlighted the security and compliance risks associated with these ungoverned systems.
SailPoint’s Agent Identity Security aggregates AI agents from various cloud platforms, including Amazon Web Services, Microsoft Azure, and Google Cloud Platform, as well as Salesforce. The system supports multiple owners for shared accountability and allows for review and revocation of agent access. The solution is designed to eliminate risks from “Shadow AI”—instances where employees use unmonitored AI tools—by providing visibility and guiding users toward secure alternatives.
The need for enhanced AI agent security is underscored by recent threat reports. CrowdStrike observed that 82% of detections involved malware-free intrusions that moved through authorized pathways, while Palo Alto Networks Unit 42 found compromised identity to be a key factor in nearly 90% of its investigations. This shift highlights the importance of securing the identity layer, as attackers increasingly exploit authorized access.
Securing AI agents differs from traditional identity models due to their autonomous operation, persistent context, and dynamic decision-making capabilities. Organizations now manage a significant number of machine identities—at least 45 per human user—and AI agents are rapidly increasing this number. Frameworks like the NIST AI Risk Management Framework and the OWASP Agentic Security Initiative are providing guidance for trustworthy AI development and deployment, emphasizing governance, risk assessment, and mitigation strategies.
Silverfort notes that AI Agent Security isn’t a standalone product, but rather intersects with human identities, non-human identities, service accounts, and cloud infrastructure. The company emphasizes the need for innovative technologies to manage the escalating risk associated with poorly managed agent credentials and over-privileged identities.
The industry is responding with solutions focused on policy-based access, behavioral monitoring, and Zero Trust governance. However, the rapid pace of AI agent adoption continues to present challenges for enterprises seeking to maintain a secure and compliant environment.
