Veza has announced a major expansion of its identity security platform with the introduction of Veza Access Agents, purpose-built AI agents designed to automate identity and access governance across modern enterprises. The company also introduced new enhancements to its AI Agent Security capabilities, giving organizations deeper visibility and control over third-party AI agents, large language models (LLMs), and AI-powered applications operating within enterprise environments.
As enterprises accelerate the adoption of agentic AI technologies, managing identity-based access across humans, machines, and AI agents has become increasingly complex. With this launch, Veza aims to simplify identity governance and security operations by enabling organizations to monitor and control permissions at scale through automation and intelligent reasoning.
“Identity is a foundational element in security, especially in the era of autonomous AI. We are on the cusp of having trillions of AI agents. And we believe that identity Security for AI Agents is an unsolved problem,” said Tarun Thakur, Co-Founder and CEO of Veza. “Veza’s Access Graph harnesses the power of identity and permissions data across enterprise systems, to help organizations understand who and what can access what data. This enables enterprises to visualize, govern, and manage access across humans, non-human identities, and AI agents to data. With the introduction of Veza Access Agents, we are shifting the burden of access security and access governance tasks from a manual effort to intelligent, automated reasoning – this lays the foundation to enforce deterministic policies for agents at machine speed towards our vision of Veza as the Enterprise Agent Identity Control Plane.”
Automating Identity Governance with Veza Access Agents
The newly introduced Veza Access Agents are built on the company’s Access Graph technology, which maps relationships between identities, permissions, and enterprise systems. By combining this data model with AI-powered automation, Veza enables identity and access management (IAM) teams to query, analyze, and govern permissions more efficiently.
The solution runs on enterprise-grade infrastructure powered by AWS Bedrock, allowing the platform to dynamically select the most suitable AI models for various tasks while maintaining compliance and accuracy.
The initial set of Access Agents currently available in early access includes:
- Prompt Agent: A conversational interface that allows teams to use natural language queries to investigate identity risks and access relationships across systems.
- Access Search Agent: A tool that simplifies permission analysis by enabling users to visualize entitlement relationships across human and machine identities.
- Access Review Agent: A capability that prioritizes high-risk access review tasks and helps reduce reviewer fatigue by applying AI-assisted reasoning to decision workflows.
Also Read: Brinqa Unveils AI Agents to Transform Continuous Exposure Management for Enterprise Security
Expanding AI Agent Security for Enterprise Environments
In addition to launching Access Agents, Veza has expanded its AI Agent Security functionality to help organizations secure external AI agents and supporting infrastructure. These updates are designed to address emerging identity security risks introduced by semi-autonomous AI systems.
According to research cited by the company from Gartner, more than half of enterprise AI initiatives could stall by 2028 due to unresolved challenges related to agentic identity governance.
To address this challenge, Veza’s updated platform introduces several new capabilities, including:
- Expanded Tool Discovery: The platform now identifies granular tools and actions that AI agents can execute within connected applications, providing deeper insight into how agents interact with enterprise systems.
- Suggested Owner Agent: This feature automatically maps AI agents and service accounts to human owners to establish accountability and reduce the risks associated with shadow AI.
- AI Blast Radius Visualization: Using the Access Graph, organizations can quantify the potential impact of each AI agent, including the sensitive data and system resources it can access.
- AI Security Posture Management (AISPM): Continuous monitoring detects misconfigurations and excessive privileges across AI infrastructure while aligning risk analysis with the NIST AI Risk Management Framework.
- AI Agent Security Dashboard: Built-in dashboards help enterprises monitor agent sprawl, dormant identities, and permission drift while enabling automated remediation workflows through integrations with IT platforms such as ServiceNow or Jira.
Built for Enterprise Compliance and AI Governance
The updated platform is designed to meet enterprise compliance and security requirements while supporting both SaaS and dedicated tenant deployments. By leveraging AWS Bedrock and hybrid deployment options, Veza ensures organizations can deploy AI governance capabilities while maintaining full visibility into authorization and access activities across their environments.
Additionally, Veza Access Agents provide administrators with transparency by documenting the tools and APIs used to generate responses or security insights, enabling teams to maintain auditable records of AI-driven decision processes.
