Permiso Security, the unified identity security platform, today announced AI agent runtime security capabilities that give security teams the ability to discover every agent in their environment, managed or shadow, and maintain continuous visibility into agent runs, events, tool calls, and data access across agents, sub-agents, MCP servers, and the underlying infrastructure those agents operate on. Autodesk, a Fortune 500 design and engineering software company, is deploying the capabilities to secure AI agents operating across its products, global workforce, and cloud infrastructure.
“Autodesk is investing significantly in AI across our workforce, infrastructure, and products. Permiso Security was already our security platform for Identities, so the natural next step was to partner with them for Agentic AI Identities. Permiso gave us the ability to discover agents across our environment, maintain a full registry, attribute actions to an initiating identity, and monitor all events, runs, and tool calls touching our systems. This is non-negotiable when you’re securing enterprise AI at scale. In the agentic era, visibility and threat detection are what allows us to move fast.”
– Sebastian Goodwin, Chief Trust Officer, Autodesk
Agents are making autonomous decisions, calling external tools and MCP servers, spawning sub-agents, and interacting with downstream data stores and systems at machine speed, often without human oversight. Most security teams cannot answer fundamental questions about their agent environment: how many agents are running, what identities they are using, what tools they are calling, or what data they are accessing.
Most of the market is solving for posture: where agents are, how they authenticate, what permissions they hold. Posture matters. But posture is a snapshot. Agents operate in real time, making context-dependent decisions across tools, data stores, and downstream systems in milliseconds. The security question that actually keeps security professionals up at night is not what an agent is allowed to do, it is what it is doing right now, and whether you can stop it.
Traditional identity providers lose visibility the moment an agent authenticates, and NHI security vendors are treating agents like static machine identities when agents actually behave more like humans in their credential usage, logging in as the users who deployed them and making context-dependent decisions in real time.
“The market is full of vendors claiming they can prevent AI agent security incidents. As someone who has spent decades in the security industry, I can tell you that’s not possible. You are putting a deterministic capability on a non-deterministic brain. Agents will do things they were not supposed to do. The question is whether you have visibility into every run, every tool call, and every piece of data an agent touches to detect when it happens, and the controls to contain it. That is what we built.”
– Jason Martin, Co-Founder and Co-CEO, Permiso Security
How it Works: Permiso’s AI Agent Runtime Security
Purpose-built for the specific challenges agents create: non-deterministic behavior, dynamic tool usage, inherited credential chains, and runtime activity that traditional security tools were never designed to monitor. The platform delivers agent runtime identity attribution and agent behavioral anomaly detection across the full agent lifecycle, from the moment an agent is born in a code repository through deployment, runtime operation, and containment. The six core capabilities include:
- Agent and session discovery that inventories every AI agent, sub-agent, builder, model, and user across cloud, SaaS, IdPs, and code environments, including agents running in Lambdas, containers, and VMs that traditional identity tools cannot see.
- Identity attribution at runtime that ties every run, event, tool call, and MCP invocation to a specific human, non-human, or AI identity, visualized through Permiso’s agent graph and preserved as a complete audit trail.
- Tool, data, and infrastructure observability captures what tools an agent called, what MCP servers it connected to, what data it accessed, and what downstream systems it reached.
- Runtime detection of over-privileged access, unused permissions, anomalous tool usage, policy violations, and high blast radius behavior, surfaced in the same alert module security teams already use for human and non-human identity threats.
- Behavioral skill sandboxing of new and existing agent skills.
- Identity-first controls including least privilege recommendations based on actual agent behavior, approval gates for high-risk actions, and kill switches that operate at machine speed.
These capabilities are informed by years of AI-specific threat research from Permiso’s P0 Labs team, including the discovery of LLMjacking attack techniques, cross-prompt injection vulnerabilities in enterprise AI copilots, and analysis of malicious AI agent skills across public marketplaces.
“Every enterprise we talk to is deploying AI agents. Almost none of them can tell us how many agents are running, what identities those agents are using, or what MCP servers they are calling. We are not asking customers to buy a new product. We are extending the platform they already trust to cover the fastest-growing and least-governed identity class in the enterprise.”
– Paul Nguyen, Co-Founder and Co-CEO, Permiso Security
Availability
Permiso’s AI agent runtime security capabilities are available today for existing and new customers. The platform connects through agentless, API-based architecture with no infrastructure changes required. To learn more about the full capabilities, read the product blog or request a demo at permiso.io
About Permiso Security
Permiso Security is an identity security platform that discovers, protects, and defends against human, non-human, and AI identity threats across cloud and on-premise environments. The platform unifies and classifies identities across cloud and on-premise environments, assessing exposure risk strengthening security posture before threats materialize. When threats do emerge, Permiso identifies suspicious and malicious identity behavior across all environments for human, non-human, and AI identities; surfacing high-fidelity detections that SIEMs, IGA, and NHI solutions miss natively. Permiso’s Universal Identity Graph correlates identity behavior across IdPs, cloud accounts, on-premise environments, and infrastructure to uncover identity relationships, power risk scoring, and surface high-fidelity threats that SIEMs, IGA, and NHI/AI solutions miss natively. Permiso is the 2026 SC Award winner for Best Threat Detection Technology. Learn more at permiso.io.
View source version on businesswire.com: https://www.businesswire.com/news/home/20260514198195/en/
Media gallery
