More than 95% of organizations are planning to adopt and use AI agents in the next 12 months. The surge means that there will be a flood of digital identities with access, privileges and independence in enterprise systems. Every one of these identities exposes the enterprise to catastrophic risks if not controlled, secured and audited. Recent research found hundreds of secrets and access tokens published in publicly available AI extension packages. Investigations have also exposed how easy it is to poison ChatGPT connectors with malicious prompts that retrieve API keys and secrets.
"AI Agent identity security is a top cybersecurity concern," said former-NSA Director Admiral Mike Rogers, "AI Agents have an inherent design flaw in that they are aware of their own identities and credentials. When combined with their growing authorization to vast amounts of data across many workload environments, we get a constantly expanding attack surface."
Traditional tools built for static, human-centric environments can't keep up. Securing this new layer of autonomous access demands an identity model built for AI: dynamic, verifiable, and completely secretless. The Akeyless AI Agent Security solution includes multiple components to help enterprises safely adopt and securely use AI Agents.
AI Agent Security: A New "Secretless" Identity Model
AI agents that rely on static credentials expose enterprises to credential leaks, data breaches, and uncontrolled access. Akeyless SecretlessAI™, released recently, eliminates these risks by replacing embedded secrets with just-in-time, identity-based authentication that ensures secure, ephemeral access every time. Today, building on this foundation, Akeyless announced a slate of new capabilities to give enterprises a comprehensive AI Agent Security framework.
Akeyless AI Agent Identity Provider
Unverified AI agents operating across multiple clouds and on-prem environments can compromise data integrity, accountability, and trust. Akeyless AI Agent Identity Provider (IdP) empowers AI Agents to securely communicate with any resource in any environment using short-lived identities for authentication. Akeyless AI Agent IdP provides verifiable, federated digital identities for AI agents while enabling seamless authentication, authorization, and traceability everywhere they operate. Integrations with AWS, GCP, and Azure IAM framework as well as OpenAI, Google Gemini, Anthropic Claude, and Grok replace static API keys with dynamic credentials, while IDE plugins for VS Code, Cursor, and GitHub Copilot bring the same protections into developer workflows.
Akeyless AI Agent Privileged Access
Unmonitored AI agents with excessive privileges can take unauthorized actions and create hidden security gaps. Akeyless AI Agent Privileged Access Management (PAM) brings Zero Trust and least-privilege controls to autonomous operations, continuously monitoring and governing every action, and allowing users to shut down rogue agent misuse before it happens.
Akeyless AI Insights
Akeyless also introduced AI Insights™, an intelligent assistant that helps teams manage identity security with natural-language queries, instant reports, and automated risk detection. Working across AI agents, machines, and human access, AI Insights delivers real-time visibility into how identities are used and ensures efficient remediation of vulnerabilities that emerge.
"We are just scratching the surface of AI Agent adoption. There is no question about the fact that if unaddressed, AI Agents will be the leading cause of enterprise breaches" said Oded Hareven, CEO of Akeyless. "With the new AI Agent Identity security model and capabilities we announced today, enterprises can scale AI agents safely, without exposing their secrets, and operate with the agility modern environments demand."
Identity Security for Machines, AI Agents & Humans in a Single Platform
With the addition of AI Agent Security and AI Insights, Akeyless forges a comprehensive Identity Security Platform that secures AI agents, machines, and human access through a shared, zero-knowledge foundation. The platform provides Secrets Management, Certificate Lifecycle Management & PKI, Workload Identity Federation, AI Agent Security, Multi-Vault Governance, and privileged access under a common infrastructure and centralized control plane. Built on patented Distributed Fragments Cryptography™ (DFC™) and protected with quantum-safe encryption, the platform gives enterprises consistent control, visibility, and future-ready protection while reducing complexity and cost.
Identity Security - Unleashed for the AI Era
Akeyless will showcase its Identity Security Platform at Identity Security - Unleashed for the AI Era, a limited web series beginning November 6, 2025. The series will feature product demonstrations and discussions with industry leaders on securing non-human identities and unifying protection to move faster and with greater confidence in the AI era. Register here.
About Akeyless
Trusted by Global 2000 enterprises and industry leaders, Akeyless is redefining identity security for the AI era. The company's Identity Security Platform delivers comprehensive protection for machines, AI agents, and human identities through a single, cloud-native solution. Backed by leading cybersecurity investors including JVP, Team8, NGP Capital, and Deutsche Bank, Akeyless enables organizations to eliminate standing privileges and static credentials while simplifying identity management across all environments. For more information, visit www.akeyless.io.
Photo - https://mma.prnewswire.com/media/2808463/Akeyless.jpg
SOURCE Akeyless
Share this article