Palo Alto Networks has launched Idira, a new identity security platform aimed at securing human users, machine identities, and AI agents amid the rising adoption of autonomous AI systems amongst enterprises. The company is positioning Idira as a next-generation identity security platform that goes beyond traditional privileged access management (PAM) systems by applying dynamic privilege controls across every type of identity inside an enterprise. “For most of the last two decades, identity security was built on a comfortable assumption: One can maintain a firm divide between a small number of powerful administrators and a much larger number of ordinary users; that is enough to secure the organization. That assumption no longer holds,” Peretz Regev, chief product & technology officer at Palo Alto, said in a blog post . The launch follows Palo Alto’s acquisition and integration of CyberArk, which forms a key foundation of the platform. Palo Alto’s bet on AI-era identity security “The fundamental problem today is scale,” said Rohan Vaidya, AVP Sales India and SAARC. “Most organisations are already running AI agents — and those agents authenticate, call APIs, access sensitive data, and can escalate their own privileges to complete a task. No legacy IAM or PAM platform was designed to see any of that, let alone control it.” With Idira, Palo Alto attempts to address these risks by treating every identity in the organization as privileged. “What Idira does differently is operate as a single control plane across all three identity types; human, machine, and agentic. On the discovery side, it continuously scans SaaS, cloud, and developer environments to surface every active agent and machine identity, enriching each one with context: who owns it, what it can access, and what permissions are actually in use. That alone closes a blind spot most security teams don’t even know they have,” Vaidya said. Analysts say Idira is attempting to address gaps that traditional identity-management platforms such as Auth0 and SailPoint were not originally designed to handle, particularly around governing autonomous AI agents in real time. “Auth0 excels at consumer identity and enterprise single sign-on, but its core architecture is not natively designed to govern the dynamic, autonomous nature of generative AI agents. SailPoint, on the other hand, provides excellent AI-driven insights for human access governance, such as role discovery and certification recommendations, but it primarily focuses on lifecycle management and compliance rather than runtime security for autonomous actors,” explained Amit Jaju, senior managing director at Ankura Consulting. Jaju added that what genuinely sets Idira apart is that instead of granting an agent static access tokens (which Auth0 or SailPoint might manage), Idira dynamically elevates privileges exactly when an agent needs to execute a task and instantly revokes them afterward. CISOs navigate AI risks For enterprises, the launch reflects a broader industry shift toward identity-centric cybersecurity models as organizations deploy generative AI tools, autonomous agents, and cloud-native applications at scale. Analysts say the growing number of non-human identities is creating operational and security challenges because many existing identity systems were originally built to manage employees and IT administrators rather than AI agents and automated services. “A self-contained AI agent can engage with systems, initiate processes, and make decisions without any form of human validation. This presents a much bigger threat surface. Current technologies that help manage this issue address only some aspects of the problem, many having been built without the intent of handling machine speed, highly dynamic environments,” said Devroop Dhar, co-founder and CEO at Primus Partners. As identity, cloud security, artificial intelligence governance, and SOC workflows continue to converge, organizations will find themselves becoming more and more reliant on one particular ecosystem, Dhar said. The advantage here is ease of operation, a consolidated view, and greater integration. The downside is less flexibility over time. Breaking away from the system at a later date may prove challenging since identity management procedures and other processes will be woven deeply into business operations. In the coming years, CISOs will favour ecosystems that support open architectures, Dhar noted. Analysts also caution that none of the platforms eliminates the need for multilayered security. Organizations will need to maintain good identity hygiene practices, implement least privilege, utilize MFA , rotate credentials, and conduct constant monitoring. “Another aspect to address relates to agent governance. There must be a clear understanding of what assets can be accessed by agents, under what circumstances human intervention is required, and how agent activities are monitored,” said Dhar. Enterprises must invest in prompt filtering systems to prevent prompt injection attacks, which currently stand as the largest vulnerability in AI systems, Jaju said. “They should also engage in continuous adversarial testing and agentic red teaming before deploying any autonomous system into a production environment.”

AI summaries can be wrong sometimes—always verify important details using the source link below.