Entro Security has launched a governance product designed to help businesses track and control how artificial intelligence agents connect to corporate systems as companies struggle to understand what tools are being used, what data can be accessed, and what identities are behind them.
This product, Agentic Governance & Administration (AGA), is aimed at security and identity teams managing the increasing use of AI assistants, agent platforms, and locally run agents across enterprise environments.
This addresses issues that arise as organizations rapidly adopt AI tools. Access often begins with a simple connection made by a developer, employee, or business team, but monitoring those links can be delayed. As a result, security teams must determine which applications and systems AI agents can access, what privileges they have, and whether those privileges are still appropriate.
AGA applies established identity governance principles to AI-related access such as inventory, ownership, least privilege access, auditability, and enforcement. Entro argues that traditional identity governance tools are not fully compatible with AI agents. This is because the entity is often a service, local agent, or software process that uses a token, service account, API key, or secret, rather than a human user.
3 layers
The system combines three data sets: the source from which the agent is identified, the corporate target the agent contacts, and the ID used to access the agent to build what Entro calls an AI agent profile.
These sources include endpoint telemetry, agent development platforms, cloud environments where non-human identities are used, and MCP servers. Targets are enterprise applications, assets, and systems that agents interact with. Identities include human and non-human accounts and secrets used to authenticate access.
By integrating these elements, Entro aims to provide customers with a single view of how AI agents operate across their organizations, rather than treating endpoint activity, cloud behavior, and identity management as separate issues.
This is important because many AI deployments rely on non-human identities, such as service accounts, secrets, and machine credentials, rather than employee logins. In these cases, risks may rely less on a single user session and more on extensive OAuth permissions, integrations, data synchronization, and automated workflows.
Shadow AI
Some of the products are designed to reveal what Entro calls shadow AI. This includes unauthorized use of AI Software-as-a-Service products and large-scale language modeling tools, as well as locally running agents, workstation-based AI clients, agents created in the cloud, and agent-building platforms.
AGA integrates with endpoint detection and response tools to identify AI clients and local runtimes on employee devices. It also connects with agent foundries and cloud service providers such as AWS Bedrock and Copilot Studio to find agents and the non-human identities they depend on, such as OAuth applications, IAM roles, and service accounts.
The second part focuses on monitoring and enforcement. Entro said the product gives customers visibility into MCP activity, the tools agents call, and the services they connect to while running. It also provides policy controls over the behavior of authorized MCP targets and AI clients, as well as an audit trail of allowed and blocked activities, and controls aimed at reducing the exposure of sensitive data and secrets.
This approach reflects a broader shift in enterprise security, where detection alone is no longer sufficient. Security teams want to know not only that an AI tool exists, but whether it works within policy, whether access can be restricted, and whether activity can be reviewed after the fact.
Itzik Alvas, co-founder and CEO of Entro Security, said companies often try to answer fundamental questions only after AI adoption is widespread across departments.
“Enterprise AI adoption rarely starts with a strategy deck; it starts with connections,” said Itzik Alvas, co-founder and CEO of Entro Security. “A developer connects a tool to LLM, a team installs an AI app on SaaS, or someone authenticates an agent to SharePoint, GitHub, Salesforce, or an internal API. This works and is popular quickly, but security teams get questions they can’t answer fast enough.
“Who connected what, to what systems, with what privileges, and using what identity? As AI access becomes the default, our AGA helps teams regain clarity and control.”
This announcement highlights how identity management vendors are adapting to the proliferation of autonomous and semi-autonomous AI systems within large organizations. Traditional identity governance and management products were primarily designed around human users and established application access patterns. In contrast, AI agents can be deployed quickly, run continuously, and change their behavior and reach as teams add integrations to automate tasks.
For security teams, this creates governance challenges that span endpoint security, cloud visibility, and identity management. Entro’s new product aims to bring these elements together as organizations look to put guardrails around the use of AI without blocking its adoption entirely.
AGA is now available as part of the Entro platform. Entro positions it as a way for security and identity teams to map AI connections, verify permissions, and enforce policies as the use of AI expands across enterprise systems.
