AI Agents Force a Rethink of Enterprise Identity Governance
Enterprise identity governance is being rewritten for a world where software, not just people, logs in and takes action. Autonomous AI agents now draft code, move data and trigger workflows at machine speed, often with opaque ownership and poorly defined privileges. Surveys cited by both Palo Alto Networks and SailPoint show that most organizations already run AI agents in production, yet many cannot reliably distinguish human activity from non-human behavior or explain what an agent is allowed to do. Traditional identity and access management was built around relatively static human users and long-lived applications, not ephemeral, delegated agents that can spin up, act and disappear in seconds. This gap is turning AI agent identity management and AI agent access control into urgent priorities, as CISOs look for ways to give agents governed identities, traceable actions and policy-driven access, without slowing down innovation.
Palo Alto Networks’ Idira Unifies Human, Machine and Agentic Access
Palo Alto Networks’ new Idira platform illustrates how quickly vendors are converging human and non-human identity controls. Idira is positioned as a unified identity-security control layer that sits at the center of the company’s model for human, machine and agentic identities. It ingests capabilities from CyberArk, Koi and Portkey to form a single policy fabric. CyberArk contributes privileged-access management, governing when users or AI agents can receive elevated permissions and when those rights must be revoked. Koi extends visibility into less traditional AI-related assets, such as plugins, scripts and endpoint artifacts that historically fell outside enterprise identity governance. Portkey adds AI-agent governance, monitoring and routing agentic activity across enterprise systems. With Palo Alto reporting that 91% of surveyed organizations already run autonomous agents in production, Idira aims to make granting, right-sizing and revoking agent access as routine and auditable as access changes for employees.
SailPoint’s Agentic Fabric Brings AI Agents Under Classic IAM Discipline
SailPoint is pushing in a similar direction with Agentic Fabric, a new layer for its Identity Security Cloud designed to fold AI agents and other non-human identities into existing enterprise identity governance. SailPoint characterizes AI agents as fast-acting systems that often lack clear ownership or consistent controls, a combination that makes shadow AI particularly dangerous. Agentic Fabric’s goal is to inventory AI agents, map them to human owners, govern their access and apply real-time authorization and protection, treating agents like any other identity alongside employees, contractors and service accounts. The company is pairing this with a Discovery Tool trial that can surface hidden agents and applications already operating in customer environments. Drawing on industry research from the Cloud Security Alliance and Gartner, SailPoint frames agentic AI security as a natural extension of identity governance, but one that must account for autonomy, ephemerality and delegation patterns beyond conventional IAM designs.

Okta and AWS Target Lifecycle Governance for Distributed Agent Ecosystems
Okta’s latest moves highlight how multi-platform AI deployments are reshaping AI agent identity management. The company has extended Okta for AI Agents to support additional agent ecosystems, any identity provider and access to any enterprise resource, positioning itself as a neutral identity backbone for the agentic enterprise. A centerpiece is its integration with Amazon Bedrock AgentCore from AWS, which provides identity lifecycle management for customers building agents on the cloud provider’s generative AI service. Okta says security and IT leaders need to understand where their agents live, what they can connect to and what they can do, even as agents span Salesforce Agentforce, ServiceNow, Google Vertex AI and more. Internal data cited by Okta suggests that 90% of enterprise agents are over-permissioned and most touch sensitive information, underscoring the need for consistent, vendor-agnostic AI agent access control and continuous governance across fragmented environments.

The Next Battleground: Policy, Ownership and Scale for Agentic AI Security
Taken together, Idira, Agentic Fabric and Okta for AI Agents show identity vendors racing to define the control plane for agentic AI security. The battle is shifting from simple user provisioning to questions of ownership, delegation and accountability: which human sponsors an agent, which data can it see, and how are its actions traced and revoked? Industry research cited by SailPoint and Okta points to explosive growth, with tens or even hundreds of thousands of agents expected per large enterprise. At that scale, manual, ad hoc controls break down. The emerging consensus is that AI agents must be treated as first-class identities, complete with lifecycle management, least-privilege policies and real-time monitoring. Enterprises that align their identity strategies around this model can harness agentic automation while containing risk, whereas those that delay may find their environments dominated by invisible, over-permissioned software actors.
