Zscaler unveils tools to secure autonomous AI agents

Zscaler has introduced new security products for agentic artificial intelligence, extending its Zero Trust Exchange platform.

The update includes AI Broker, designed to secure communications between AI agents, models and tools, and Endpoint AI Security, aimed at threats on employee devices from browsers, extensions, plugins and local AI tools.

Zscaler also expanded its AI Protect offering with new functions for AI asset management, controls over AI interactions, and testing for security risks across development and deployment.

The moves come as companies shift from testing AI tools to deploying autonomous agents more widely in day-to-day operations. That change is raising security questions about how those agents access data, interact with applications and communicate across organisations.

Traditional security tools were built around human users and predictable access patterns, according to Zscaler. Autonomous agents create a different challenge because they can act on behalf of users or independently, create short-lived identities, launch sub-agents and tasks, and use permissions at machine speed.

New controls

AI Broker includes an Agent Registry intended to give organisations visibility into what each agent is allowed to access and to apply detailed access controls across enterprise AI agents. It also secures agentic communications through MCP and A2A brokers, Zscaler said.

Endpoint AI Security focuses on activity on employee devices, reaching into browser, extension and plugin layers that many existing endpoint security tools do not closely monitor, according to the company.

Zscaler also introduced AI Access Graph, which maps links between identities, applications and data sources across an organisation. The technology comes from its acquisition of Symmetry Systems and is being integrated with Zero Trust Exchange.

The graph is designed to show which agents, users and identities are communicating with which models, applications and data sources. That visibility can help organisations enforce policies, reduce unnecessary access and track data lineage in real time, Zscaler said.

Broader expansion

Within AI Protect, Zscaler detailed changes across three areas. In AI asset management, it added tools to discover embedded AI in software-as-a-service and internet traffic, identify AI agents and MCP servers in public cloud environments, scan codebases for agentic risks, and extend visibility to AI activity on endpoints.

For secure access to AI, the company expanded controls for AI interactions with prompt extraction across more than 250 generative AI applications. It also added full conversational views, support for Anthropic and OpenAI compliance APIs, and guardrails for multi-turn conversations.

In secure AI infrastructure and applications, Zscaler added AI red teaming for MCP servers, a standalone prompt hardening service, and compliance heat maps intended to strengthen governance.

Jay Chaudhry, Chairman and Chief Executive Officer of Zscaler, outlined the company's view of the market shift.

"Traditional security was never designed for millions of autonomous agents that act and reach sensitive data at machine speed," said Chaudhry.

"We pioneered Zero Trust Exchange to secure users, branches and cloud workloads, and now we are innovating to extend Zero Trust security to AI agents. Now enterprises are not held back from rolling out agents everywhere," said Chaudhry.

The launch reflects a wider push by cybersecurity suppliers to adapt products to AI use inside large organisations. As businesses embed AI into software development, workplace tools and internal workflows, security teams are being asked to monitor not only human access but also software agents acting independently.

That is especially relevant for governance and compliance teams that need to understand where data goes, which systems an agent can reach, and whether those interactions match company policy. The challenge grows when AI tools are spread across cloud services, endpoints and third-party applications.

John Israel, Global CISO at KPMG, pointed to the need for visibility into data movement and agent interactions.

"Managing data security is no longer just about building high walls; it is about scaling visibility and treating data as a highly active, strategic asset," said Israel.

"As businesses scale their use of AI agents to optimize operations, having a unified, zero-trust framework to trace data lineage and govern agent-to-agent interactions is paramount to maintaining trust, compliance and competitive advantage," said Israel.

Zscaler said its platform operates across more than 160 data centres globally and is used by large businesses, critical infrastructure organisations and government agencies.