AI Agent Security

Discover and govern AI agents, models, and tools across AWS Bedrock, Google Cloud Vertex AI, Microsoft Copilot Studio, Azure AI Foundry, and Salesforce.

AI Agent Security extends Veza's authorization graph to include AI resources. It discovers AI Agents, AI Models, and AI Tools across AWS Bedrock, Google Cloud Vertex AI, Microsoft Copilot Studio, Azure AI Foundry, and Salesforce. From there, you can trace how agents access sensitive data through IAM roles and service principals, assign ownership for governance accountability, create access reviews, and alert on risky configurations.

Early Access: AI Agent Security is an early access feature. Contact Veza support to enable it for your tenant.

Requirements

  • AI Agent Security feature flag enabled (contact Veza support)

  • At least one supported cloud integration:

    • AWS (for Bedrock agents and models)

    • Google Cloud (for Vertex AI agents)

    • Microsoft (for Copilot Studio and Azure AI Foundry agents)

    • Salesforce (for Agentforce agents)

See Configuration for setup instructions per platform.

What Veza Discovers

Veza discovers three categories of AI resources:

  • AI Agents — Autonomous execution engines: Bedrock agents, Vertex AI Reasoning Engines, Copilot Studio bots, Azure AI Foundry agents, and Agentforce bots

  • AI Models — Foundation models, custom models, and imported models used by agents

  • AI Tools — Knowledge bases, action groups, and prompt templates that extend agent capabilities

See Supported Entities for the full list of entity types per platform, including entity properties and access relationship models.

AI Agent Security is organized into three views:

  • Overview — Aggregated counts and trends for agents, models, and credentials across connected platforms

  • Agents — Filterable list of all discovered agents. Filter by platform, ownership status, or creation date. Select an agent to view its linked models and access paths in the graph.

  • Keys & Secrets — AI-related credentials such as service account keys and API tokens. See NHI Security for credential management capabilities.

AI Agent Security overview page.
AI Agent Security Agents view.

Access Path Analysis

Agents access resources by assuming IAM roles or service principals. Veza traces these multi-hop paths to show the agent's effective permissions across downstream resources.

A Bedrock agent assumes an IAM role. Veza resolves the role's permissions and shows which downstream resources the agent can reach. This makes it possible to evaluate the full blast radius of a given agent, not just its immediate role assignment.

See Access paths and relationships in Supported Entities for common patterns and security considerations.

Ownership

Assign owners to AI Agents for governance accountability. Owners are notified when included in access reviews. Ownership can be assigned in bulk from the Agents view, or systematically using enrichment rules.

To assign ownership with enrichment rules:

  1. Create a saved query using Query Builder that identifies the agents to enrich.

  2. Go to Integrations > Enrichment and click Add Enrichment Rule.

  3. Select Entity Owner as the enrichment type and choose the relevant AI Agent entity type (BedrockAgent, VertexAiReasoningEngine, MicrosoftCopilotStudioBot, or SalesforceBotDefinition).

  4. Select your saved query and specify owners from your integrated IdP or HRIS.

  5. Save the rule and trigger a data source extraction.

See Enrichment Rules for full configuration details.

Access Reviews

Create recurring access reviews for AI Agent permissions using any query result as a starting point:

  1. Query for agents using Query Builder or Access AI.

  2. Create an Access Review from the query results.

  3. Assign reviewers and set a recurrence schedule.

See Create an Access Review for step-by-step instructions.

Rules and Alerts

Use Saved Queries to create rules that notify when AI security conditions change. Useful starting points:

  • Agents deployed without an assigned owner

  • Agents using models with lifecycle_status = LEGACY

  • Agents with write permissions to production databases

Alerts can be delivered via email, Slack, webhooks, ServiceNow, or Jira. See Rules and Alerts for configuration.
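
The multi-hop resolution described under Access Path Analysis and the three starting-point conditions listed above can be sketched over a small graph. This is an added example, not Veza's implementation, query language, or API; every agent, role, model, and resource name in it is constructed, and the edge and property layout is an assumption made for illustration.

```python
from collections import deque

# Constructed sample inventory (not Veza data or schema). Edges: (source, relation, target).
EDGES = [
    ("agent:support-bot", "assumes", "role:bedrock-support"),
    ("role:bedrock-support", "assumes", "role:data-reader"),
    ("role:bedrock-support", "write", "db:orders-prod"),
    ("role:data-reader", "read", "s3:customer-exports"),
    ("agent:hr-helper", "assumes", "role:hr-kb"),
    ("role:hr-kb", "read", "kb:hr-policies"),
]
AGENTS = {
    "agent:support-bot": {"owner": None, "model": "model:chat-current"},
    "agent:hr-helper": {"owner": "alice@example.com", "model": "model:summarizer-old"},
}
MODELS = {
    "model:chat-current": {"lifecycle_status": "ACTIVE"},
    "model:summarizer-old": {"lifecycle_status": "LEGACY"},
}
PROD_DATABASES = {"db:orders-prod"}

def effective_access(agent, edges=EDGES):
    """Walk 'assumes' hops from an agent; return (permission, resource, path) tuples."""
    outgoing = {}
    for src, rel, dst in edges:
        outgoing.setdefault(src, []).append((rel, dst))
    seen, queue, reach = {agent}, deque([(agent, [agent])]), []
    while queue:
        node, path = queue.popleft()
        for rel, dst in outgoing.get(node, []):
            if rel != "assumes":
                reach.append((rel, dst, path + [dst]))
            elif dst not in seen:  # skip roles already visited (assumption cycles)
                seen.add(dst)
                queue.append((dst, path + [dst]))
    return reach

def findings(agents=AGENTS, models=MODELS, edges=EDGES):
    """Evaluate the three starting-point conditions for every agent."""
    results = []
    for name, props in sorted(agents.items()):
        if not props["owner"]:
            results.append((name, "no assigned owner"))
        if models[props["model"]]["lifecycle_status"] == "LEGACY":
            results.append((name, "uses LEGACY model"))
        for perm, resource, path in effective_access(name, edges):
            if perm == "write" and resource in PROD_DATABASES:
                results.append((name, "write to production database via " + " -> ".join(path)))
    return results
```

Calling `findings()` returns one tuple per agent and condition; the write finding carries the full path, so the role that grants the access is visible alongside the agent.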

AI Agent Security and NHI Security

AI Agent Security and NHI Security both surface non-human identities, but at different layers:

| | NHI Security | AI Agent Security |
| --- | --- | --- |
| Discovers | Service accounts, API keys, tokens, certificates | AI Agents, AI Models, knowledge bases, action groups |
| Platforms | AWS, Azure, Google Cloud, and SaaS integrations | AWS Bedrock, Google Cloud Vertex AI, Copilot Studio, Azure AI Foundry, Salesforce |
| Primary use | Credential hygiene, key rotation, orphaned accounts | AI governance, model tracking, agent access analysis |

The two work together. An agent discovered by AI Agent Security may assume an IAM role whose associated service account keys are tracked by NHI Security.

Next Steps

  • Supported Entities — Entity types, properties, and access relationship models per platform

  • Configuration — Add required permissions to your cloud integrations

  • Query Builder — Build and save queries for AI resources

  • Access Reviews — Create recurring reviews for AI Agent permissions

  • Rules and Alerts — Configure automated alerts for AI security events
