Generative AI brought with it its share of security concerns, from data exposure and jailbreaking to arming bad actors with tools to accelerate and enhance their attacks. And the new era of AI agents only ups the ante.
“Jailbreaking becomes far more serious when AI systems move from generating responses to taking action,” Duncan Greatwood, CEO of Xage Security, told MSSP Alert. “In a consumer chatbot scenario, a jailbreak may result in inappropriate outputs. In an agentic AI environment, however, a manipulated agent may have the ability to access critical data or systems, trigger workflows, or execute commands. That dramatically increases the potential impact.”
Given that, cybersecurity vendors are rolling out new tools and platforms aimed at building strong security around agents, often using agents as key parts of the solution.
Xage this week added new capabilities to its Zero Trust for Artificial Intelligence platform that aim to provide deep visibility into AI agents' interactions and greater control as they run their autonomous tasks across distributed and hybrid environments.
The company introduced two new components – Xage Agent Sentry and Xage Resource Gateway – that together let organizations see exactly what agents are doing, stop unauthorized access, and keep detailed logs for governance and audits. Agent Sentry monitors everything that goes into and out of an agent, while Resource Gateway protects critical resources by determining how AI systems interact with them.
Agentic AI security challenges
Such controls are needed for agents, which Greatwood said bring with them new security challenges given their ability to not just respond to prompts but also take autonomous actions.
“They can modify configurations, trigger workflows, interact with systems and applications, and execute changes at machine speed,” he said. “Security teams now have to govern autonomous non-human identities operating across cloud, edge, operations, and data centers. That creates new concerns around trust, authorization, accountability, and containment, especially as organizations begin giving AI agents the ability to direct operational systems and processes.”
The new functions in Xage’s AI platform ensure that in this zero-trust environment, AI agents are treated as first-class identities – continuously authenticated, authorized, and governed.
They also track the chains of interactions that are common in AI to ensure the right entitlements are used at each step throughout the operation. With this, organizations can establish trusted agent identities, enforce least-privileged access, and stop privilege escalation by users or agents. Actions are validated against policy, and visibility is maintained.
The shadow AI worry
The platform also helps put the brakes on shadow AI or rogue agents operating outside of governance and security controls, so organizations can identify agents, the systems they can access, and the actions they’re allowed to take.
Xage’s platform “goes far beyond prompt guardrails,” the CEO said. “It closely watches actual agent actions – not just the prompt, not just the response, but the actual action being taken by the agent behind the scenes – and will block actions that the agent is not authorized to take.”
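The two passages above describe a pattern rather than a product detail: each agent is an authenticated identity, every concrete action (not the prompt or the response) is checked against that identity’s entitlements, entitlements are evaluated at each step of a chain of interactions so a delegated step cannot escalate privilege, unregistered (shadow) agents are refused outright, and every decision is logged for audit. The following is an added illustration of that pattern written for this article; it is not Xage’s code and does not reproduce how Agent Sentry or Resource Gateway are implemented. The entitlement table, principal names (`user:alice`, `agent:ticket-triage`, `agent:ops-remediation`) and resource names (`ticketing`, `plc-01`) are constructed for the example.

```python
"""Illustrative zero-trust action gate for AI agents (hypothetical, not Xage's code).

Pattern shown: an agent's concrete action is validated against policy for an
authenticated identity; entitlements are intersected along the delegation chain
so no step can exceed what earlier principals hold; unregistered principals are
denied; every decision is recorded for audit.
"""
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List, Sequence, Tuple

Entitlement = Tuple[str, str]  # (resource, action)

# Constructed entitlement table (assumption): principal -> permitted (resource, action) pairs.
# Users and agents are both first-class identities; anything absent is an
# unregistered ("shadow") principal and is denied.
ENTITLEMENTS: Dict[str, FrozenSet[Entitlement]] = {
    "user:alice": frozenset({("ticketing", "read"), ("ticketing", "comment"),
                             ("plc-01", "read")}),
    "agent:ticket-triage": frozenset({("ticketing", "read"), ("ticketing", "comment")}),
    "agent:ops-remediation": frozenset({("ticketing", "read"), ("plc-01", "read"),
                                        ("plc-01", "write")}),
}


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


@dataclass
class ActionGate:
    """Policy enforcement point sitting between an agent and the resources it targets."""
    entitlements: Dict[str, FrozenSet[Entitlement]]
    audit_log: List[dict] = field(default_factory=list)

    def effective_entitlements(self, chain: Sequence[str]) -> FrozenSet[Entitlement]:
        """Entitlements available at the end of a delegation chain.

        The chain lists every principal that handed the task along, e.g.
        (user, orchestrator agent, tool agent). Intersecting them means a delegated
        step can never do more than any earlier principal could do directly, which
        is what blocks privilege escalation through agents.
        """
        sets = [self.entitlements.get(p, frozenset()) for p in chain]
        effective = sets[0]
        for s in sets[1:]:
            effective = effective & s
        return effective

    def check(self, chain: Sequence[str], resource: str, action: str) -> Decision:
        """Validate one concrete action against policy and record the decision."""
        if not chain:
            decision = Decision(False, "empty delegation chain")
        else:
            unknown = [p for p in chain if p not in self.entitlements]
            if unknown:
                # An unregistered identity anywhere in the chain: the shadow-agent case.
                decision = Decision(False, f"unregistered principal(s): {', '.join(unknown)}")
            elif (resource, action) in self.effective_entitlements(chain):
                decision = Decision(True, "permitted by effective entitlements")
            else:
                decision = Decision(False, f"{action} on {resource} exceeds effective entitlements")
        self.audit_log.append({
            "chain": list(chain), "resource": resource, "action": action,
            "allowed": decision.allowed, "reason": decision.reason,
        })
        return decision


def run_sample() -> List[Decision]:
    """Constructed scenario: four actions an agent pipeline might attempt."""
    gate = ActionGate(ENTITLEMENTS)
    return [
        # 1. Triage agent reads a ticket on its own authority: within policy.
        gate.check(["agent:ticket-triage"], "ticketing", "read"),
        # 2. Remediation agent acting alone may write to the controller.
        gate.check(["agent:ops-remediation"], "plc-01", "write"),
        # 3. Same write, but the task originated from alice, who only has read on
        #    plc-01: the chain intersection strips the write right, so it is blocked.
        gate.check(["user:alice", "agent:ops-remediation"], "plc-01", "write"),
        # 4. An agent nobody registered tries to read tickets: denied as shadow AI.
        gate.check(["agent:unknown-helper"], "ticketing", "read"),
    ]


if __name__ == "__main__":
    for d in run_sample():
        print("ALLOW" if d.allowed else "DENY ", "-", d.reason)
```

The design choice worth noting is the intersection in `effective_entitlements`: a gate that checked only the last agent in the chain would let a low-privilege user reach a high-privilege resource simply by routing the request through a more powerful agent, which is exactly the escalation path the article warns about.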
MSSPs at the AI storm's center
As organizations increasingly rely on MSSPs to operationalize their AI security capabilities across IT and cloud environments, the service providers will need such tools for everything from identity management and policy enforcement to monitoring and breach containment.
“That creates a significant opportunity for MSSPs to become strategic for AI security, governance, and resilience,” Greatwood said. “As AI agents become operational participants inside enterprise environments, MSSPs will increasingly help organizations manage agent identities, monitor for anomalous behavior, define policy and validate compliance, and contain potential misuse or compromise.”
MSSPs that can help organizations implement visibility, governance, and controls in operationally sound ways and at scale will be well-positioned as long-time partners for clients as AI adoption and innovation expand.
AI agent adoption expanding
That will be important as enterprise adoption of agentic AI continues to grow. According to global consultancy Capgemini, adoption of agents is accelerating, but corporate maturity is still low. In its survey, 2% of organizations said they have deployed agents at scale and 12% at partial scale, with 23% saying they’ve launched pilots. Another 61% are exploring deployment, and 15% of business processes will likely reach semi- or full autonomy by next year.
According to Microsoft, more than 80% of Fortune 500 companies use active AI agents, but even with such adoption, risks like shadow AI remain. In a report, Microsoft found that 29% of employees have used unsanctioned AI agents for tasks at work.
“Like human employees, an agent with too much access – or the wrong instructions – can become a vulnerability. When leaders lack observability in their AI ecosystem, risk accumulates silently,” Microsoft executives wrote.
That’s a point Xage is making, Greatwood said.
“Just as zero trust evolved to secure users, devices, and workloads, the next phase is applying those same principles to autonomous AI agents,” the CEO said. “Xage is helping organizations operationalize that transition in a way that aligns security, governance, resilience, and control.”