Zscaler Unveils AI Agent Security Platform to Plug Governance Gap Amid Rapid Enterprise Adoption

Enterprises are deploying AI agents faster than they can govern them, and Zscaler's latest platform update is a direct response to that gap


Published: June 12, 2026

Kristian McCann

Zscaler has launched a suite of new products and platform updates designed to secure AI agents operating inside enterprise environments. The announcement extends the company’s Zero Trust Exchange platform to cover how autonomous software agents connect to systems, access data, and run on employee devices.

The launch comes as businesses across industries accelerate deployment of AI agents, software that can act on behalf of users, chain tasks together, and interact with sensitive data without direct human instruction. Zscaler’s platform operates across more than 160 data centers globally, serving large enterprises, critical infrastructure operators, and government agencies, and the latest update is designed to bring that reach to the fast-growing agentic layer of enterprise IT.

The core challenge the announcement addresses is not new technology. It is a security gap that has been quietly widening as AI deployment outpaced governance.

What Zscaler Has Built

At the center of the launch are two new offerings. AI Broker secures communications involving AI agents through MCP and A2A brokers, the protocols increasingly used to connect agents to tools, services, and each other. Endpoint AI Security is designed to detect and block AI-related threats directly on user devices, covering risks tied to browsers, plugins, extensions, and locally running AI tools.

Zscaler also introduced AI Access Graph, a mapping layer for data and identity connections across an organization. The technology originated from the company’s acquisition of Symmetry Systems and is now integrated into the Zero Trust Exchange platform. It is designed to give security teams a clear view of how users, agents, applications, models, and data sources interact, enabling tighter access policies and reducing unnecessary exposure.

The launch also includes a broader expansion of AI Protect, a product line introduced earlier this year. New capabilities span three areas: AI asset management, access controls for approved AI tools, and protection for AI applications in both development and live environments. Asset management features now include discovery of embedded AI in SaaS and internet traffic, identification of AI agents and MCP servers in public cloud environments, and visibility into AI activity on endpoints.

On the access controls side, Zscaler has expanded prompt extraction across more than 250 generative AI applications, added full conversational views, and introduced support for Anthropic and OpenAI compliance APIs. For AI infrastructure, the platform now includes red teaming for MCP servers, a standalone prompt-hardening service, and compliance heat maps to help organizations govern AI applications more closely as they move from development into production.

Deployment Is Running Ahead of Governance

The timing of Zscaler’s announcement reflects something the enterprise security industry has been slow to match. AI agents are already running inside organizations at scale, and in many cases the security infrastructure surrounding them was built for a different era.

Traditional security models were designed around known human users with predictable access patterns. AI agents break that model. They operate continuously, create short-lived identities, spawn sub-agents, and make access requests at speeds that legacy products struggle to log, let alone analyze.

Microsoft research underscores the scale of the problem. AI agent adoption is rapidly accelerating across organizations, but security governance and oversight frameworks are struggling to keep pace. Agents are being introduced into business environments without formal IT or security oversight, often carrying excessive permissions, unknown origins, or insufficient governance controls. Eighty-four percent of senior leaders flagged unsanctioned agents as a growing security risk.

That figure points to a structural challenge Zscaler is directly targeting. The endpoint, the identity layer, and the data access layer are all now in play in ways they were not 18 months ago. Browser extensions, local AI tools, and plugin ecosystems mean the device an employee uses to run a collaboration platform may also be running agents that security teams have no visibility into.

For Toshiomi Takahashi, Senior Partner Business Manager at Zscaler, the growth in news surrounding new, cyber-capable AI models has made launches like this vital.

“With frontier AI advancing at an unprecedented pace, AI-related headlines have become part of our daily lives. This evolution brings both tremendous opportunities and significant risks, and the security landscape must evolve with it.”

What Comes Next

Zscaler’s update is one of the clearest signals yet that the enterprise security market is recalibrating to tackle threats around agentic AI. Data lineage and identity traceability are two of the hardest problems in agentic security: knowing not just what an agent did, but which data it touched, which identity it acted under, and whether that action was sanctioned.

Zscaler’s latest update reflects where enterprise security investment is heading. As AI agents become a standard part of how organizations operate, the infrastructure to govern them is becoming just as critical as the agents themselves.
