Surfacing shadow AI agents, MCP servers, and NHIs through multi-layered discovery, with enforced control over agent access and actions.

SAN FRANCISCO, March 23, 2026 /PRNewswire/ -- Astrix Security today announced a major expansion of its AI agent security platform at RSA Conference 2026, covering every layer where AI agents operate in the enterprise: from managed AI platforms to shadow deployments running on managed devices, detecting both agent existence and unauthorized access to enterprise resources, and enforcing policy over what agents are allowed to do.

AI governance programs are not built for the speed at which agents are being deployed. Like third-party risk committees that never kept pace with shadow SaaS adoption, governance processes operate on review cycles measured in weeks while agents are deployed in minutes. By the time a review is completed, an agent may already be running in production with access to critical systems, no security review on record, and no mechanism to enforce what it's permitted to do. Visibility without control leaves the risk in place.

Comprehensive AI Agent Discovery

Astrix's four-method discovery architecture is built to surface every AI agent (sanctioned and shadow alike), MCP server, and non-human identity (NHI) across the enterprise stack, with the context needed to act on the risk each one carries.

Astrix discovery works across four distinct methods:

• Method 1 — AI Platform Integrations. Astrix connects directly to AI platforms across the enterprise, surfacing every registered agent and MCP server. Covered platforms span every major category of agentic infrastructure: enterprise AI assistants and copilots, cloud-native AI services, developer agent frameworks, and agentic automation platforms, including Microsoft Copilot, Amazon Bedrock, Google Vertex, OpenAI, and Salesforce Agentforce.
• Method 2 — NHI Fingerprinting. Agents that were never registered in any AI platform still leave traces. Every agent authenticates using an NHI: an OAuth app, service account, API key, or PAT. Astrix monitors the NHI layer across cloud infrastructure, identity providers, SaaS platforms, and DevOps tools, detecting agents from the credentials they use, including those with admin-privileged access to critical resources. The identity layer is the definitive record of what an agent can reach and the most reliable place to shut down unauthorized access.
• Method 3 — Sensor Telemetry. Astrix reads from endpoint detection and responses (EDRs) including CrowdStrike, SentinelOne, and Microsoft Defender, network sensors including FortiGate, browser extensions, and others, reaching agents and MCP servers that never touch a platform integration, including locally-running agents inside IDEs like Cursor. No additional deployment required.
• Method 4 — Bring Your Own Service (BYOS). For proprietary, homegrown, or non-standard services, BYOS extends discovery beyond the catalog. No agent or service falls outside the inventory.

All four of these data sources feed into the Astrix Platform, mapping every discovered AI agent and MCP server to the NHIs it operates under, the credentials it holds, the resources it can reach, and the human owner accountable for it. Risk is scored automatically and remediation is prioritized by access scope and blast radius.

Discovery does not stop at inventory. Astrix continuously monitors agent behavior at runtime, detecting anomalous access patterns, unauthorized actions, and credential misuse as they happen, so security teams are not responding to breaches after the fact, but catching the signals that precede them.

Agent Control Plane (ACP): From Visibility to Enforcement

Knowing what agents exist is not enough. Astrix has also extended its Agent Control Plane (ACP) with Agent Policies, a real-time policy engine that gives security teams direct control over what AI agents are permitted to do. Teams can now define "allow, flag, and block" rules scoped by user, department, agent platform, and resource type. Policies are evaluated before an action executes. A default shadow AI policy ensures unrecognized agent activity is always flagged.

This moves enterprises from discovery to enforcement: from knowing agents exist to controlling what they can do. Combined with Astrix's four-method discovery architecture, Agent Policies fills the final gap from finding every agent across the enterprise to governing what each one is permitted to do.

"Shadow AI agents are not a theoretical problem. Before security knows an agent exists, it already has access to sensitive data and production operations with no owner on record," said Idan Gour, President and Co-Founder, Astrix Security. "Agents don't just read anymore. They write, delete, and execute across systems. Discovery tells you what's there and what it can reach. Policy enforcement tells you what it's allowed to do. That full arc, from finding every agent to controlling every action, is what a real agent control plane looks like. That's what we're building."

A complete agent inventory and real-time policy controls are also the foundation for enterprise AI productivity. Without knowing what agents they have and governing what those agents can do, enterprises can't decide which ones to trust, which to scale, or how to turn isolated AI deployments into something the whole organization can build on.

Astrix is demonstrating the full AI agent discovery and security capabilities, and all of its product innovations at RSA 2026, Booth #4225. Teams can also attend the Hands-On MCP Security Workshop on March 24–25 or the Executive Connections Breakfast on March 24. Register or book a demo at astrix.security.

About Astrix Security
Astrix secures the full lifecycle of AI agents and the Non-Human Identities (NHIs) that power them, extending traditional IAM to govern the modern AI attack surface. While agents and other NHIs outnumber humans 100:1, they remain under the radar, creating the biggest blindspot in our identity perimeter. Astrix provides a unified solution for the continuous discovery of all AI agents and NHIs, secure and remediate excessive privileges, real-time threats, and adoption of new agents responsibly with 'secure by design' guardrails like Agentic just-in-time access. Enabling our customers to responsibly adopt and accelerate productivity. Trusted by leading enterprises including Workday, NetApp, Priceline, Figma, Hubspot, Workato and many more.

Contact:
Kayla Armstrong
kayla@beyondtrendingpr.com

View original content to download multimedia:https://www.prnewswire.com/news-releases/astrix-security-delivers-the-most-comprehensive-ai-agent-discovery-and-enhances-security-with-agent-policy-enforcement-302719653.html

SOURCE Astrix Security