Zscaler Launches AI Broker and Endpoint AI Security for AI Agents

Zscaler’s latest suite—AI Broker, Endpoint AI Security, and AI Access Graph—marks a strategic shift toward securing the "agentic" layer of modern IT environments. Traditional security tools focus on human identities, but autonomous AI agents spin up temporary credentials, spawn sub‑agents, and interact with data at machine speed, creating blind spots that evade conventional monitoring. By embedding a registry and policy engine directly into the Zero Trust Exchange, Zscaler gives security teams granular visibility and control over each agent’s permissions, while the endpoint component extends inspection to browsers, extensions, and locally‑run AI models that were previously invisible to legacy agents.

The move reflects a broader industry scramble to lock down AI‑driven workloads before they become ubiquitous. Rivals such as Palo Alto Networks and Google have introduced comparable agent‑centric solutions, but Zscaler differentiates itself through its recent acquisition of Symmetry Systems, which supplies a data‑access graph capable of mapping both human and non‑human identities across cloud and on‑premise assets. This capability, now branded as AI Access Graph, enables security teams to spot over‑privileged pathways and prune unnecessary connections, a critical function as enterprises adopt generative AI tools and internal AI agents for automation, analytics, and decision‑making.

For enterprises, the practical impact is twofold: improved risk visibility and faster remediation. With AI agents increasingly handling sensitive data—from customer records to proprietary models—any breach can propagate instantly across systems. Zscaler’s zero‑trust extension promises to enforce least‑privilege principles at the agent level, reducing the attack surface and supporting compliance mandates that now consider non‑human actors. As AI adoption accelerates, vendors that can seamlessly integrate agent security into existing zero‑trust frameworks will likely become the default choice for organizations seeking to balance innovation with robust protection.