Keeper Security has extended agentic AI governance to its Endpoint Privilege Manager, letting organisations discover and govern AI agents.

Keeper Security has announced agentic AI governance for Keeper Endpoint Privilege Manager which launched earlier this year. The update extends policy enforcement to AI agents, positioning Keeper as a governance layer for both human and non-human identities across employee workstations and enterprise endpoints, and covers agent actions regardless of whether they run via Model Context Protocol, a direct API, or a local tool.

The release addresses a governance gap that has not kept pace with agent adoption. Gartner projects that the average global Fortune 500 enterprise will run more than 150,000 AI agents by 2028, up from fewer than 15 in 2025. IBM’s 2025 Cost of a Data Breach report found that 63% of organisations lack AI governance policies entirely, and 97% of those that suffered an AI-related breach lacked proper AI access controls.

Keeper frames this as an architectural problem: competing solutions govern only at the MCP layer, leaving non-MCP agent actions outside security policy.

Keeper Endpoint Privilege Manager instead enforces governance from the same installed endpoint agent that mediates human privilege requests, observing actions such as spawning child processes, writing to the filesystem, invoking a local shell, elevating OS privileges, or accessing sensitive files.

Governance runs on three new policy types — Agentic AI Policy, Agentic Access Policy, and Agentic Privilege Elevation Policy — layered onto existing Endpoint Privilege Manager controls plus a new approval control routing agentic actions to human reviewers. Known agents like GitHub Copilot, Cursor, Claude Code, and Amazon Q are recognised via a signed identity catalogue, while unknown agents are flagged through a proprietary zero-to-100 AI likelihood score, with a monitor-first lifecycle and unified audit trail supporting NIST AI Risk Management Framework compliance.

Darren Guccione, CEO and Co-founder of Keeper Security, said: “AI agents are not assistants; they are principals. Every agent running on an endpoint has an identity, requests access and takes actions on behalf of your organisation. If you are not governing them with the same rigour you apply to your human workforce, you have blind spots that adversaries will find before you do.”

Craig Lurey, CTO and Co-founder of Keeper Security, said: “AI agents operate with an alarming level of autonomy, creating an urgent security gap that organisations are scrambling to close. This update stops the emerging threat of autonomous AI in its tracks, allowing enterprises to adopt cutting-edge AI agents without opening the floodgates to catastrophic risk.”

Stay updated on crypto and AI by following our socials

Leave a Reply

Your email address will not be published. Required fields are marked *

Instagram