Description

SailPoint has launched Agent Identity Security, enabling you to discover, secure, and govern AI agents with the same rigor as human identities. SailPoint unifies AI agents and human identities in one control plane, ensures AI agents are owned and reviewed, and that no human can gain more access through them.

Problem

Today’s workforce is a blend of AI agents and human employees. Most organizations lack a strategy to define roles, responsibilities, and governance for digital workers. Unlike humans, AI agents rarely have standardized onboarding, access controls, or compliance oversight. Without clear processes to grant, monitor, and audit their access, enterprises risk misalignment, over-permissioning, and regulatory exposure. As AI agents become first-class members of the workforce, this gap becomes critical to close.

Solution

Agent Identity Security delivers comprehensive governance and security outcomes for AI agents—enabling organizations to aggregate, create, assign, certify, and govern identities within a single platform.

AI agent aggregation & identity creation Directly connect to AWS, Azure, Google Cloud Platform (GCP), and other environments to onboard AI agents into Agent Identity Security. Each agent is registered with a unique identity enriched with full business and access context, enabling rapid governance and security from day one.

Ownership & succession planning Assign one or multiple human owners to every agent to ensure accountability. Establish structured succession planning so oversight continues seamlessly, even as roles change.

Certification & review Easily review AI agents’ access on a recurring basis and revoke inappropriate permissions as needed to reduce risk.

Tool governance Govern AI agents’ service accounts from creation through retirement, ensuring consistent policies across their entire lifecycle.

Audit & traceability Maintain a full access history and certification trail for every AI agent. Simplify investigations, support compliance requirements, and reduce risk by enabling transparent accountability across agent actions.

Who is affected?

Business and Business+ customers who are interested in licensing Agent Identity Security as an add-on capability.

Action Required

For additional setup details, please refer to our Getting Started Guide for AIS.

Important Dates

Additional Resources

• Managing Identities - SailPoint Identity Services
• SailPoint Customer Agreements Definitions and Additional Terms
• AI agents: The new attack surface - Exclusive report | SailPoint
• Infographic: Top 9 AI agent security challenges | SailPoint
• Webinar: Future-proof identity security: Unified and AI-driven by design

We want customer input on the Agent Identity Security!

Customers can meet with SailPoint’s Product Management team to learn about AIS and share their use cases! Use this Calendly link to schedule with us. During the meeting, you can expect:

• An overview of Agent Identity Security and its roadmap.
• An opportunity to advocate for your organization’s agent governance use cases.
• Kirby Fitch will ask lots of questions to inform roadmap prioritization and product requirements.

Hi Kirby, thanks for the update! We cannot reach the link for this guide, looks like its on internal SailPoint Confluence.

This is just another type of Machine Identity, like Application, right?

Hi Patrick,

Yes, AI Agents are a type of Machine Identity. Agents have unique properties like agentic tools and collaborative agents that you’ll hear about in upcoming releases. Stay tuned!

Hi Leonardo, we removed the link for now. We’re working to get it published somewhere you’re able to get to it.

CC @Sesche2

Hi @kirby_fitch Can this manage the lifecycle of an AI agent? i.e. disable/enable/delete an AI agent that is aggregated from an external source
OR
Are the operations read only on agent sources including AWS Bedrock AgentCore, Azure AI Foundry, and Google Cloud Project Vertex AI?