AI Security - Entro Launches Governance for AI Agents
Basically, Entro Security created a tool to help companies control AI access better.
Entro Security has launched a new governance tool for AI agents. This solution helps organizations manage AI access effectively, addressing security challenges. With AGA, security teams can regain control and visibility over AI activities.
What Happened
Entro Security has unveiled a new feature called Agentic Governance & Administration (AGA), aimed at helping organizations manage AI agents and their access across various enterprise systems. As the use of AI assistants and agent platforms becomes more prevalent, the need for effective governance has never been more critical. AGA seeks to address this by returning to fundamental principles such as inventory, ownership, least privilege, auditability, and enforcement.
CEO Itzik Alvas emphasized that enterprise AI adoption often begins without a formal strategy. Instead, it starts with simple connections, like integrating a tool with a large language model (LLM) or authenticating an agent against platforms like SharePoint or Salesforce. This rapid spread of AI tools often leaves security teams scrambling to answer critical questions about who is connecting to what systems and with what permissions.
Who's Affected
Organizations that are accelerating their adoption of AI technologies will find AGA particularly beneficial. As AI agents become commonplace, security and identity teams face challenges in tracking and managing these agents effectively. With AGA, these teams can regain clarity and control over AI access, ensuring that they are aware of what agents are operating within their systems and the permissions they hold.
The introduction of AGA is timely, as many companies are integrating AI into their workflows without fully understanding the implications for security and governance. This tool aims to bridge that gap, providing a structured approach to managing AI access and ensuring compliance with security protocols.
What Data Was Exposed
While the article does not specify any data exposure incidents, it highlights the risks associated with Shadow AI—the unmonitored use of AI tools that can operate outside traditional security frameworks. AGA addresses this by providing visibility into the AI agents that are in use, including their access paths and the identities that power them. This structured oversight helps organizations identify potential vulnerabilities before they can be exploited.
AGA builds a comprehensive profile of AI agents by analyzing three layers: sources, targets, and identities. This approach allows organizations to keep track of where AI agents are running, what they can access, and which identities are involved in those interactions.
What You Should Do
Organizations should consider implementing AGA to enhance their AI governance strategies. This tool not only helps in discovering existing AI agents but also in monitoring their activities and enforcing policies around their use. By leveraging AGA, security teams can ensure that AI access is managed effectively and that any unauthorized activities are promptly addressed.
In addition, organizations should conduct regular audits of their AI systems to ensure compliance with security policies. This proactive approach will help mitigate risks associated with AI-driven access and maintain a secure environment as AI technologies continue to evolve.
Help Net Security