Identity, authorization, and least-privilege access for AI agents — per-task permissions, just-in-time access, and policy-as-code.
6 solutions listed • part of the Guardion AI Security Index
Policy-as-code platform that now includes specialized authorization for AI agents and tool calls.
Okta secures AI agents as first-class identities: Auth for GenAI (via Auth0) provides Token Vault, async human-in-the-loop authorization, and fine-grained RAG access, while Okta for AI Agents manages agent lifecycle. Its Cross App Access (XAA) protocol extends OAuth/OIDC so identity providers govern agent-to-app connections, with 25+ adopters including Anthropic, Atlassian, and Slack.
A protocol-aware reverse proxy that parses 15+ wire protocols — Postgres, MongoDB, Snowflake, SSH, Kubernetes, S3, and MCP — and enforces least-privilege policies inline at query level. In 2026 it positions as AI-native PAM, proxying agent access to data stores with PII masking and tool-call blocking. Backed by Thrive Capital and Y Combinator; AARM Core conformant.
Agent security and AI governance platform (formerly Javelin) that issues verified agent identities, authorizes every action inline, and maps decisions to EU AI Act, NIST AI RMF, OWASP, and MITRE ATLAS. Its DeepContext multi-turn guardrail model and 150+ runtime detectors target agentic attack patterns; ZeroID identity core is open source (SPIFFE/OIDC). AARM Core conformant.
Modern PAM solution that provides just-in-time access management for AI agents and humans.
Deterministic identity and access stack for AI agents, enabling per-task permission boxes.