As AI agents take action inside enterprise systems, P0 helps organizations enforce runtime policy before control failures can occur
P0 Security, creator of the Authz Control Plane™, announced new capabilities for agentic runtime access control that help organizations manage agents across the enterprise. The company will showcase the solution at Identiverse 2026, where attendees can see how P0 enforces access policy across the full action chain, establishing fine-grained controls with real-time context.
AI agents are actively querying enterprise data, invoking tools, modifying systems and taking action across applications in a single workflow. They typically do so using credentials that belong to the humans or non-human identities that triggered them. When access controls are weak for users and NHIs, that weakness flows into every agent action downstream, creating a new class of runtime control failures: agents that act with too much authority and naive, non-deterministic intent. Such actions should be limited, escalated or blocked before execution.
“Claude Code is reshaping our access risk model,” says Venkat Venkatraju, Cloud Security Engineer at Splunk. “Engineers could use agents to automate scripts on remote servers or access sensitive data on production databases. One unintended command, rm -rf or mkfs, executed with an engineer’s authority, can have catastrophic consequences. Every agent action needs to be evaluated against policy at runtime, not after the fact.”
The shift is being recognized across the industry. According to Gartner*, “the primary risk is not what the AI says, but what the AI does. The focus must shift from prompt injection to agent behavior analysis and identity traceability. If an AI agent cannot prove who it is acting for and why, it should not get access to tools and data.”
What’s new in this release
P0’s Authz Control Plane™ for Agents builds on the company’s foundation in Zero Standing Privilege and Just-in-time access. Rather than treating agent access as a static credential challenge, P0 evaluates access at the moment an agent acts, combining the invoking identity, agent identity, tool authorization and resource entitlements into a single runtime enforcement model, with automatic revocation once a task is complete.
Core capabilities include:
- Discover every identity that can access sensitive systems – Surface managed and unmanaged agents, MCP servers, owners and access paths.
- Enforce policy at runtime using blended identity context – Evaluate agentic actions against both the agent and the invoking user, scoped to the task and real-time context for time-bound access that’s automatically revoked once the work is done.
- Prove policy compliance and monitor exceptions continuously – Show who or what invoked the action, which agent acted, what systems and data were touched, and why access was allowed, denied or revoked.
“The first wave of agent adoption focused on what agents could do,” said Shashwat Sehgal, CEO and Co-Founder of P0 Security. “The next wave will focus on what agents should be authorized to do. We’ve spent years helping organizations implement zero-standing privilege across human users and non-human identities. Agentic systems build on those same foundations. Security teams now need a way to evaluate and control access at runtime, scoped to the specific task and tied to an accountable authority. That’s the problem we’re focused on solving.”


