AI Agent Governance Becomes a Prerequisite for Scale
AI agent governance is the set of controls, monitoring practices, and policies that manage how autonomous software agents access systems, make decisions, and act on behalf of an organization in production environments. As enterprises move from pilots to widespread AI agent deployment, this governance layer is turning into a hard requirement, not a best practice. Most organizations now run multiple agents that draft code, trigger workflows, and interact with critical data. Those same agents often rely on inherited human credentials or ad hoc API keys, leaving security teams blind to who—or what—is doing what inside their systems. The result is a growing tension: business leaders want faster automation, while CISOs warn that existing identity access management and monitoring tools were built for humans, not autonomous software that can operate continuously and at machine speed.
Willow Targets the Fastest-Growing, Least Governed Attack Surface
Willow is positioning itself as an agentic access governance layer for this new environment. The startup emerged from stealth with USD 7 million (approx. RM32.2 million) in seed funding to give enterprises visibility and granular control over how AI agents connect to internal systems and SaaS tools. According to Willow, 79% of companies have introduced AI agents, 73% are running multi-agent systems, and 65% have reported agent-related incidents in the past 12 months. Willow plugs into popular systems used by Claude, ChatGPT, Cursor, Gemini, and Codex, exposing more than 1,000 pre-built connectors already deployed across over 5,000 employees at its design partner. Its value proposition is clear: list every agent in use, see which systems each can reach, monitor risky or unauthorized integrations, and apply scoped permissions so agents can perform tasks without gaining unchecked access to everything an end user can touch.
Opal Security Extends Identity Governance to Agents and Services
Where Willow focuses on agent entry points and connectors, Opal Security is widening the scope of identity governance to cover humans, services, and AI agents in one access graph. The company raised USD 23 million (approx. RM105.8 million) to grow its AI-native access governance platform and expand its leadership team. Opal already supports customers such as Databricks, Notion, Cloudflare, and Scale AI, and Databricks alone runs 86,000 just-in-time access requests through the platform. Opal treats agents as first-class identities, applying the same reviews, ownership models, and policy-as-code controls that it uses for employees and service accounts. Instead of broad, standing privileges, the platform encourages short-lived, task-based access and revokes permissions as soon as they are no longer needed. This approach aims to contain the "blast radius" when an AI agent misbehaves or when a workflow goes wrong, while still allowing teams to automate more of their operational work.
Coralogix Bets USD 200M on Autonomous Agent Monitoring
While Willow and Opal focus on identity access management and governance, Coralogix is scaling the observability side of autonomous agent security. The company secured USD 200 million (approx. RM920 million) in a Series F round, valuing it at USD 1.6 billion (approx. RM7.36 billion). The funding will accelerate AI product development, security offerings, and expansion as customers use Coralogix to monitor AI-driven systems. More than half of its enterprise customers already use either Coralogix’s own AI agent, Olly, or their own models via command-line interfaces to investigate incidents. CEO Ariel Assaraf describes this shift as eroding the traditional dashboard: instead of staring at charts, engineers ask an AI to explain anomalies, trace failures, and suggest fixes. For AI agents that might trigger thousands of actions per minute, this kind of enterprise AI monitoring is critical to understand behavior in production and detect failures before they cascade.
Security Infrastructure Becomes the Gatekeeper for Agentic AI
Taken together, Willow, Opal Security, and Coralogix show how security infrastructure is becoming the gating factor for enterprise AI agent deployment. Identity governance platforms now need to handle human users, non-human service identities, and agentic AI systems as a single fabric, while monitoring layers must track not only logs and metrics but also the behavior of autonomous workflows. Without this stack, enterprises face an “all or nothing” choice: lock AI down and lose productivity gains, or allow agents broad access and hope there are no costly incidents. The emerging pattern is more nuanced. AI agents get scoped, just-in-time access through platforms like Opal, operate through controlled connectors managed by Willow, and are watched in production by tools such as Coralogix. As that architecture matures, security teams move from blocking AI projects to defining the guardrails that make scaled adoption acceptable.
