{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreicannk7ucluz44pr2ubhbxfgmb5kwxdec6sfwpm5whlntmaen34ue",
"uri": "at://did:plc:qzjwstutqk2cy7df7jbzd2hx/app.bsky.feed.post/3mnun4o5qt6o2"
},
"coverImage": {
"$type": "blob",
"ref": {
"$link": "bafkreigl6bbsec6odfg4jr3iri65d7sgfh7hwtcdoauoualdcafvt2qxfi"
},
"mimeType": "image/jpeg",
"size": 11947566
},
"path": "/article/4182976/zscaler-launches-zero-trust-platform-for-agentic-ai.html",
"publishedAt": "2026-06-09T15:25:16.000Z",
"site": "https://www.networkworld.com",
"tags": [
"Artificial Intelligence, Network Security, Security",
"Jay Chaudhry",
"announcement",
"Christina Powers",
"report from the Dell’Oro Group",
"Mauricio Sanchez",
"Michela Menting"
],
"textContent": "Zscaler announced what it calls the first complete zero trust platform for agentic AI, aimed at securing how AI agents access data and talk to one another.\n\n“Traditional security was never designed for millions of autonomous agents that act and reach sensitive data at machine speed,” said Jay Chaudhry, Zscaler’s chairman and CEO, in the Tuesday announcement.\n\nThe company will be extending its Zscaler Zero Trust Exchange platform to cover AI agents, including how they connect, how they access data, and how they run on devices.\n\nAccording to Christina Powers, partner and cybersecurity consulting leader at management consulting firm West Monroe Partners, zero trust for agentic systems means treating every AI agent, tool, and action as untrusted until it is explicitly verified and authorized.\n\n“As organizations give agents greater autonomy to access systems and make decisions, zero trust becomes essential because of the risk of unauthorized actions being executed at scale,” she says.\n\nTo this end, the new Zscaler AI Broker will secure MCP [Model Context Protocol] and A2A [Agent to Agent] communications. MCP and A2A are the top open standards for how AI agents connect to data and to each other, respectively.\n\nSecond, Zscaler Endpoint AI Security will help find and stop AI-related threats on employee devices. It covers browsers, plugins, extensions, and local AI tools — which traditional endpoint security tools can miss.\n\nIn addition to these two new security tools, Zscaler is announcing the Zscaler AI Access Graph, which maps how identities, applications, and data sources connect across the enterprise. This new tool is powered by Zscaler’s recent acquisition of Symmetry Systems.\n\n“The integration of this technology with Zscaler’s Zero Trust Exchange enables organizations to understand and then enforce policies, reduce unnecessary access and risk, and track data lineage in real-time across every channel,” the company said in its announcement.\n\nFinally, Zscaler is expanding Zscaler AI Protect, which was launched in January 2026. The platform will now include AI asset management, which will identify AI agents and MCP servers, discover embedded AI in SaaS and internet traffic, scan agentic code bases for risks, and provide visibility to AI activity on endpoints.\n\nThe platform will also have expanded controls for AI interactions, with prompt extraction, across more than 250 genAI apps. It includes full conversational views, support for Anthropic and OpenAI compliance APIs, and intent-based guardrails for multi-turn conversations.\n\nZscaler is also introducing AI red teaming for MCP servers, a standalone prompt hardening service, and compliance heat maps to strengthen AI governance.\n\nZscaler is entering an agentic AI security market that barely existed a year ago.\n\nAccording to a report from the Dell’Oro Group, the AI systems security market is projected to grow from “essentially zero” to $8 billion by 2030 — and there are already nearly 60 vendors active in the space, offering everything from model and component security, to AI validation and red teaming, AI security posture management, runtime guardrails, and agent security.\n\nZero trust is just one component of the AI security puzzle, says Dell’Oro Group analyst Mauricio Sanchez.\n\nAt its heart, zero trust for agentic AI extends beyond users and devices to the agents themselves. “An AI agent should not inherit broad access simply because a user launched it or because it runs within a trusted application,” Sanchez says. “It needs its own identity, its own permissions, a clear scope of action, and continuous monitoring of its activities.”\n\nEnterprises need to know who authorized the agent, what it’s allowed to do, what systems it can access — and whether it can be stopped quickly if it starts to misbehave. “This is important because agentic systems can act at machine speed,” he says. “They can call APIs, move data, trigger workflows, create content, and interact with other systems.”\n\nThe idea is to protect agents from both adversaries and accidental misconfigurations, says Michela Menting, vice president and analyst at ABI Research.\n\n“I would say this is particularly important as threat actors moving laterally within an organization tend to use other internal assets to escalate privileges and reach corporate crown jewels,” she says. “Agentic systems and agents are a powerful new asset that can be exploited quite easily without such controls, and could lead to catastrophic outcomes.”\n\nAccording to Eric Syphard, senior vice president of AI at Booz Allen Hamilton, the first step to deploying zero trust for AI agents is to create guardrails that limit what the agents can do. “Second,” he says, “is to utilize additional agents to observe and evaluate compliance.”\n\nWith humans in loop, of course, as the final check.",
"title": "Zscaler launches zero trust platform for agentic AI"
}