Veza, a leader in identity security, has introduced AI Agent Security, the first purpose-built platform for AI Security Posture Management (AI SPM), designed to help enterprises secure and govern AI agents at scale. Announced at the Gartner Identity & Access Management Summit 2025, the new product provides unified visibility, governance, and access control over both human and AI identities across the organization. Built on Veza’s Access Graph™, AI Agent Security offers a centralized view of AI agents across major platforms, enabling security teams to answer critical questions about agent behavior, data access, and risk exposure. This is especially vital as agentic AI becomes embedded in core business functions like security operations, software development, and customer support. The rise of AI agents brings new security challenges. Unlike traditional systems, these agents can be exploited through prompt injection attacks, where malicious inputs trick them into revealing sensitive data or performing unauthorized actions. These risks are heightened because even simple read access to public data—such as emails, calendar invites, or web forms—can be weaponized, creating a new class of threats. AI Agent Security helps organizations address these risks by delivering full visibility into AI agent identities, their connections to data and large language models, and their access rights. It supports the OWASP LLMSecOps framework by enabling continuous monitoring and governance of AI systems. Key capabilities include eliminating AI blind spots by discovering and classifying agents across the enterprise, enforcing the principle of least privilege by mapping the full scope of agent access, establishing clear governance through agent-to-human identity mapping, and ensuring compliance with regulations like SOX and NIST by providing real-time access audit trails. The platform integrates with major ecosystems including Microsoft, Salesforce, and AWS, allowing organizations to manage agent access, permissions, and accountability in complex, multi-platform environments. It also helps prevent shadow AI by tracking who deploys and manages agents, ensuring human oversight and reducing risk. “CISOs and CIOs are racing to deploy AI, but few have visibility or control over what these agents can actually do,” said Tarun Thakur, CEO and co-founder of Veza. “AI Agent Security brings order to the chaos by unifying discovery, governance, and control. In the end, all roads lead to identity—understanding who or what has access, and why.” By extending identity security to include AI agents, Veza is helping define AI SPM as a foundational discipline. The platform combines identity, configuration, and access intelligence to give security leaders a single, unified view of access across humans, machines, and non-human identities. AI Agent Security is now available to customers. For more information, visit Veza’s product page. The company, headquartered in Los Gatos, California, is backed by top investors including Accel, Bain Capital, Google Ventures, and NEA, and is recognized by GigaOm for its leadership in identity security.