Keeper Security has extended its zero-trust governance framework to autonomous AI agents, updating Keeper Endpoint Privilege Manager to treat AI agents running on employee workstations the same way it treats human users — with identity verification, access policies and a full audit trail.
The update, announced on 13 July, targets a growing blind spot as enterprises deploy AI agents faster than their security tooling can track them. Keeper Security said the feature governs every action an agent takes on an endpoint, regardless of whether it operates through Model Context Protocol (MCP), a direct API, a local tool, or any other path — a broader scope than governance tools that monitor only MCP traffic.
Governance gap widening as agent adoption accelerates
Gartner projects that the average global Fortune 500 enterprise will run more than 150,000 AI agents by 2028, up from fewer than 15 in 2025. Yet IBM’s 2025 Cost of a Data Breach report found that 63 per cent of organisations have no AI governance policy at all, and among those that suffered an AI-related breach, 97 per cent lacked proper AI access controls.
“AI agents are not assistants; they are principals,” said Darren Guccione, CEO and co-founder of Keeper Security. “Every agent running on an endpoint has an identity, requests access and takes actions on behalf of your organisation.”
Detecting agents that already run on the network
Keeper Endpoint Privilege Manager identifies both known and unknown AI agents on managed endpoints. Recognised tools — including GitHub Copilot, Cursor, Claude Code and Amazon Q — are matched against a signed catalogue of agent identities. Unrecognised applications are scored zero to 100 by a proprietary detection algorithm; anything crossing a configurable threshold automatically falls under agentic AI policy, without requiring a signature update or manual classification.
Governance runs on three new policy types layered onto Keeper’s existing endpoint controls: an Agentic AI Policy governing who can run agents, an Agentic Access Policy governing what agents may touch, and an Agentic Privilege Elevation Policy governing how agents request administrative rights. A monitor-first mode lets organisations observe agent behaviour before switching on enforcement.
Built for compliance as well as containment
“AI agents operate with an alarming level of autonomy, creating an urgent security gap that organisations are scrambling to close,” said Craig Lurey, CTO and co-founder of Keeper Security. “This update stops the emerging threat of autonomous AI in its tracks.”
The unified audit trail is designed to help security and compliance teams map agent behaviour to regulatory obligations, including requirements under the US National Institute of Standards and Technology’s AI Risk Management Framework. The release also adds an AI agent visibility dashboard, a workload view, dedicated agentic AI groupings, and automatic agent updates with version control.
Agentic AI governance is available now with Keeper Endpoint Privilege Manager, standalone or as part of the KeeperPAM platform. Existing customers can request activation through their Keeper customer success team.



Share your thoughts