Unified identity security platform provider Permiso Security Inc. today launched AI agent runtime security capabilities that give security teams continuous visibility into agent activity across cloud and on-premises environments, with Autodesk Inc. signing on as the launch customer.

The new capabilities extend Permiso’s unified identity platform to cover what the company calls the fastest-growing and least-governed identity class in the enterprise. Security teams can discover every agent operating in their environment, whether managed or shadow and track runs, events, tool calls and data access across agents, sub-agents, Model Context Protocol servers and the infrastructure those agents run on.

Autodesk is deploying the capabilities to secure agents operating across its products, global workforce and cloud infrastructure.

“Autodesk is investing significantly in AI across our workforce, infrastructure and products,” said Sebastian Goodwin, chief trust officer at Autodesk. “Permiso Security was already our security platform for identities, so the natural next step was to partner with them for agentic AI identities.”

The launch comes as enterprises are rushing to deploy AI agents that make autonomous decisions, call external tools and MCP servers, spawn sub-agents and interact with downstream data stores at machine speed, often without human oversight. Permiso says most security teams cannot answer basic questions about how many agents are running, what identities they use, what tools they call or what data they touch.

The company argues that much of the market is solving for posture, meaning where agents sit, how they authenticate and what permissions they hold. Permiso said posture is a snapshot and that the harder problem is runtime, where agents make context-dependent decisions in milliseconds. Traditional identity providers lose visibility once an agent authenticates, while nonhuman identity vendors treat agents like static machine identities even though agents behave more like humans, logging in as the users who deployed them.

“The market is full of vendors claiming they can prevent AI agent security incidents,” said Jason Martin, co-founder and co-chief executive of Permiso. “You are putting a deterministic capability on a non-deterministic brain. Agents will do things they were not supposed to do.”

The platform covers six capabilities: agent and session discovery across cloud, software-as-a-service, identity providers and code environments, including agents running in Lambda functions, containers and virtual machines; runtime identity attribution that ties every run and tool call to a specific human, non-human or AI identity; observability into tools, data and infrastructure touched by agents; runtime detection of over-privileged access, anomalous tool usage and policy violations; behavioral sandboxing of new and existing agent skills; and identity-first controls, including least privilege recommendations, approval gates and kill switches.

The capabilities draw on threat research from Permiso’s P0 Labs team, which has documented so-called LLMjacking attacks, cross-prompt injection vulnerabilities in enterprise AI copilots and malicious agent skills circulating on public marketplaces.

The capabilities are available today through an agentless, application programming interface-based architecture that requires no infrastructure changes.

Image: SiliconANGLE/Ideogram