CyberArk releases identity security solution for AI agents

CyberArk announced the CyberArk Secure AI Agents Solution, which will allow organizations to implement identity-first security for agentic AI using the CyberArk Identity Security Platform.

The solution will help organizations mitigate new and unique identity-centric risks as AI agents autonomously communicate with other agents, access sensitive information, escalate privileges, interact with critical infrastructure, and modify their behaviors to accomplish complex tasks.

According to Gartner, “By 2028, 25% of enterprise breaches will be traced back to AI agent abuse, from both external and malicious internal actors.”This new, growing attack surface is tied to the emergence of a new, complex class of digital identities: AI agents that act like humans in their autonomy, but like machines in their ability to scale exponentially. Managing and securing the privileged access, lifecycles, and orchestration of agents goes beyond prompt security to become an identity security challenge that demands a defense-in-depth approach.

“When millions of autonomous, adaptable, and interactive AI agents gain privileged access to resources and services, organizations must not find themselves in a situation where security has lagged innovation. Relying solely on basic identity and access management controls will leave organizations vulnerable to breaches they won’t see coming,” said Matt Cohen, CEO at CyberArk,

“Agents must be secured on day one by combining the principles of human identity security with the scalability and automation of machine identity security. With CyberArk, organizations can plan for an identity-first model to secure the future of agentic AI, unlocking innovation while maintaining control, trust and resilience,” added Cohen.

The CyberArk Secure AI Agents Solution will leverage the breadth of intelligent privilege controls offered by the CyberArk Identity Security Platform built to secure the full spectrum of identities across every environment to treat each agent as a privileged, autonomous identity subject to continuous discovery, oversight, and adaptive control. By offering these capabilities natively, the solution will match the pace of innovation inherent to the agentic workforce. The Secure AI Agents Solution will enable:

• Discovery and context to provide observability into known and shadow agents across SaaS applications, off-the-shelf and custom agents, and agentic infrastructure.
• Privilege control: secure access management, enforcing least privilege and managing credentials – such as secrets and certificates – for agents with privileged access.
• Privilege control: threat detection & response for real-time behavioral monitoring to detect drift and prevent misuse.
• Automated lifecycle management tohelp eliminate stale or excessive access, securely onboarding and offboarding the entire agentic population as needed.
• Governance to ensure AI Agents operate in compliance with organizational and regulatory requirements.

In parallel, CyberArk has launched a new open-source security toolset for developers building AI agent environments. Available on the CyberArk GitHub account, the CyberArk Labs AI Agent Tool Set is designed to assist developers in creating AI agents by providing a view of how they communicate and highlighting potential risks that might require attention. It also includes just-in-time credential provisioning to enhance security and streamline development.

Complementing the capabilities of the new solution is CyberArk CORA AI, the platform’s embedded AI engine. CORA AI helps secure agentic AI and also uses AI to improve security across the board. It analyzes user and agent behavior, detects emerging threats, recommends automated response actions, and enables administrators to interact with the platform using natural language commands, simplifying operations and accelerating response.