CyberArk releases identity security solution for AI agent privilege management

Platform extends access controls to autonomous AI agents across enterprise environments with discovery, authentication, and monitoring capabilities

Matt Cohen, CEO of CyberArk

CyberArk, an identity security provider traded on NASDAQ under ticker CYBR, has released the CyberArk Secure AI Agents Solution, extending its Identity Security Platform to address privilege management for AI agent identities. The solution is now generally available.

Organizations are deploying AI agents to automate tasks and operational processes. These autonomous systems function as a distinct identity class that requires access permissions to execute functions. AI agents present risks including operational errors, unauthorized usage, and potential compromise by external actors. These risks increase when agents operate with elevated system privileges.

The CyberArk Secure AI Agents Solution applies privilege controls to AI agent identities, limiting access to required permissions during necessary timeframes. The approach restricts unauthorized access and supports scaled deployment of AI-driven systems.

"As organisations embrace AI agents, both builders and defenders must understand how identity-centric risks evolve when agents require elevated privileges," said Matt Cohen, CEO of CyberArk. "Without strong discovery, robust privilege controls and comprehensive life cycle management, organisations risk losing visibility and opening the door to catastrophic agentic attacks. CyberArk uniquely secures the full spectrum of identities – humans, machines and AI agents – by applying the right level of privilege controls, enabling innovation while maintaining security and compliance."

Research conducted by CyberArk among chief information security officers indicates AI agent adoption is projected to reach 76% of organizations within three years, while fewer than 10% of organizations have implemented security and privilege controls for AI agents.

The report, titled "Securing Agentic AI: Identity as the Emerging Foundation for Defense," found that nearly 40% of financial institutions and software companies have deployed AI agents in production environments. Fewer than one in ten organizations have implemented security controls including risk registries and dynamic authorization at scale. Two-thirds of CISOs in financial services and software sectors identify AI agents among their three primary cybersecurity concerns, with over one-third ranking it as their top concern. Survey respondents expect AI agent security requirements to increase cybersecurity spending in the coming year.

AI agents operate with autonomy and access to systems containing sensitive data, frequently requiring privileged permissions to perform designated functions. Without oversight mechanisms, these privileges can be misused or compromised, creating business and regulatory compliance consequences.

The CyberArk Identity Security Platform provides privilege controls across human, machine, and AI agent identities. The Secure AI Agents Solution extends existing capabilities to autonomous AI agents, applying just-in-time access provisioning, least privilege principles, and continuous session monitoring previously implemented for other identity types. This approach applies consistent governance, security, and monitoring across all identity categories.

The CyberArk Secure AI Agents Solution includes agent discovery that detects AI agents across software-as-a-service platforms, cloud environments, and development systems, generating profiles containing ownership information, assigned roles, and access permissions. The solution enforces authentication requirements and least-privilege access with elimination of standing privileges and activity auditing for AI agents. Real-time monitoring detects anomalies and unauthorized access attempts, triggering automated alerts and response procedures. Lifecycle management governs AI agents from creation through decommissioning, addressing regulatory compliance requirements and audit preparation.

The solution addresses operational challenges organizations face when deploying AI agents at scale. Discovery capabilities provide visibility into AI agent populations across distributed environments, addressing the problem of shadow AI deployments that occur outside formal IT governance. Authentication and access controls prevent AI agents from operating with excessive permissions that create attack surfaces. Continuous monitoring detects aberrant behavior patterns that may indicate compromised agents or configuration errors. Lifecycle management ensures AI agents are properly provisioned, maintained, and decommissioned according to organizational policies and regulatory frameworks.

CyberArk positions the solution within its broader identity security platform that manages access for multiple identity types. The unified architecture applies consistent security policies and controls whether managing human user accounts, service accounts for applications, machine identities for automated systems, or AI agents. This consolidated approach addresses the complexity organizations encounter when securing heterogeneous identity populations using disparate tools and policies.

The general availability release follows development and testing phases. CyberArk has not disclosed pricing models or deployment timelines for customer implementations. The solution integrates with existing CyberArk platform components rather than functioning as standalone software.