Operant AI targets ‘shadow’ AI agents with real-time security platform

As AI agents fan out across enterprise apps, APIs, and data stores, they’re creating a security blind spot: autonomous systems with access to sensitive data that move faster than security teams can track. Operant AI’s new Agent Protector platform aims to close that gap with real-time zero-trust controls built specifically for agentic workloads.
Agent Protector is a real-time security platform that monitors, governs, and enforces zero-trust controls for AI agents. Positioned as a security stack for the “agentic AI” era, Agent Protector provides continuous discovery of both managed and unmanaged agents, inline behavioral threat detection, and least-privilege enforcement on agents and their identities. It can do this across cloud platforms, SaaS environments, and development toolchains. Operant pitches the product as a way for security teams to regain visibility and control as task-specific agents fan out across applications, APIs, and data stores.
Operant AI isn’t new to AI security. It already sells AI Gatekeeper and MCP Gateway. These focus on discovery, detection, and defense for AI applications and MCP environments. They include inline redaction of sensitive data and a “private mode” that preserves privacy while still enabling AI use. The company claims its tools defend against prompt injection, data exfiltration, tool poisoning, rogue agents, zero-click attacks, and zero-day vulnerabilities across the “agentic ecosystem.”
Agents in the enterprise
The launch comes as analysts expect AI agents to move quickly into the enterprise. Gartner predicts that by late 2026, about 40% of enterprise applications will integrate task-specific AI agents. Mind you, Gartner also predicts 40% of agents will fail. For all the excitement they engender, AI agents are a high-risk, high-reward game.
Nowhere is this truer than with AI agent security. Simon Willison, the co-creator of the Django web framework, warns that many have a lethal trifecta of capabilities: access to your private data, exposure to untrusted content, and the ability to communicate externally in ways that could be used to steal your data. On top of that, Operant AI CEO and co-founder Vrajesh Bhavsar observes, “AI agents are proliferating across enterprises faster than security teams can track them.”
We knew this issue was coming. Now, it’s here.
“From cloud-based agents to SaaS environments and custom implementations, organizations are facing an explosion of autonomous systems with access to sensitive data and critical tools,” continues Bhavsar. “Agent Protector gives security teams real-time visibility and inline control they need to safely enable AI innovation.”
Suhel Khan, head of cybersecurity at subscription billing platform Chargebee, framed the shift as a fundamental challenge to perimeter-centric security: “Agentic AI is forcing financial services to redraw trust boundaries. Perimeter-first security breaks down when autonomous agents can traverse apps, APIs, and data stores without a human in the loop.”
How Agent Protector protects you from rogue agents
What Agent Protector brings to the table is a single platform that combines shadow agent discovery, secure development enclaves, cloud-native observability, inline behavioral threat detection, and zero trust enforcement, all aimed specifically at AI agents.
Its key capabilities include:
- Real-time rogue agent intent detection: Agent Protector analyzes agent supply chains, assigns trust scores and reputations, tracks tool call sequences, and looks for patterns associated with privilege escalation, persistence, and data exfiltration, blocking anomalous activity before it executes. It also claims to detect and prevent over-permissioned or over-scoped agent behavior that could enable lateral movement, as well as “zero-click” attacks such as attempts to escape designated security boundaries without user interaction.
- Discovery of shadow agents and identities: The platform inventories agents across cloud and SaaS environments, development tools, and previously unseen Model Context Protocol (MCP) servers, tools, and dependencies, then builds catalogs of user and service account “agentic identities” to give security teams a system-wide map of agent activity.
- Secure enclaves for in-house agents: For organizations building custom agents, Agent Protector offers a low-code security framework that integrates with popular agent platforms, including LangGraph, CrewAI, n8n, and the ChatGPT Agents SDK. It automatically discovers agents, tools, models, context usage, and memory patterns, and adds runtime security scanning and embeddable security primitives to make agents “secure by design.”
- Cloud-native observability: The product traces interactions from prompts to tools to memory stores, generating execution timelines and tool-activity graphs to reveal correlations and dependencies across an organization’s agent ecosystem. All observability data is processed in real time to support rapid threat detection and response.
- Zero trust enforcement for agents: Agent Protector applies dynamic, least-permission policies to each agent and identity, continuously reauthorizing access based on intent, behavior, and context, rather than static allow/deny rules. It adds inline prompt guardrails, data loss prevention, and protections against agent memory and context poisoning through sandboxing and immediate blocking, along with intelligent rate-limiting to halt potentially rogue agents.
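As an added illustration (not Operant’s code, and not a description of how Agent Protector works internally), here is a minimal tool-call sequence monitor in the spirit of the “lethal trifecta” and the sequence-tracking capability described above: it records which risky capabilities an agent session has accumulated and blocks an outbound call once private-data access and untrusted content are both already in play. The tool names and risk labels are constructed for the example.

```python
# Added example, not Operant's code: a tiny per-session tool-call monitor.
# It tracks the three "lethal trifecta" legs and blocks the external-comms
# leg once the other two are present, so the exfiltration path never completes.
from dataclasses import dataclass, field

# Constructed tool catalog: the risk each tool contributes when it is called.
TOOL_RISKS = {
    "read_crm_record": "private_data",
    "read_mailbox": "private_data",
    "fetch_url": "untrusted_content",
    "read_shared_doc": "untrusted_content",
    "send_email": "external_comms",
    "http_post": "external_comms",
}


@dataclass
class AgentSession:
    agent_id: str
    flags: set = field(default_factory=set)        # trifecta legs seen so far
    decisions: list = field(default_factory=list)  # (tool, decision) audit trail

    def evaluate(self, tool: str) -> str:
        """Decide 'allow' or 'block' for the next tool call and record it."""
        risk = TOOL_RISKS.get(tool)
        if risk is None:
            # Unknown tool: default-deny, the least-privilege choice.
            decision = "block"
        elif risk == "external_comms" and {"private_data", "untrusted_content"} <= self.flags:
            # All three legs would be present: treat as an exfiltration path.
            decision = "block"
        else:
            decision = "allow"
            self.flags.add(risk)
        self.decisions.append((tool, decision))
        return decision


def run_trace(agent_id: str, tools: list) -> list:
    """Evaluate a whole tool-call sequence for one agent session."""
    session = AgentSession(agent_id)
    return [session.evaluate(tool) for tool in tools]


if __name__ == "__main__":
    # Constructed trace: read a CRM record, fetch a web page, then try to email.
    print(run_trace("agent-42", ["read_crm_record", "fetch_url", "send_email"]))
```

Order matters: the same agent sending email before touching private data or untrusted content is allowed, which is why the monitor tracks the sequence rather than a static allowlist.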
Agent Protector is available today, and Operant is directing interested organizations to request demos via its website. Will it help to secure agents? Well, there’s only one way to find out: by trying it out.
Let’s hope it works. If it doesn’t, someone must come up with an answer, and they need to do it soon. The potential for AI agents to cause major security disasters is too great for us to simply trust that they can’t be used against us. Here’s hoping Agent Protector can deliver the goods.
The post Operant AI targets ‘shadow’ AI agents with real-time security platform appeared first on The New Stack.
