Autodesk becomes launch customer as Permiso extends its unified identity platform to cover the fastest-growing and least-governed identity class in the enterprise.
Permiso Security, the unified identity security platform, announced AI agent runtime security capabilities that give security teams the ability to discover every agent in their environment, managed or shadow, and maintain continuous visibility into agent runs, events, tool calls, and data access across agents, sub-agents, MCP servers, and the underlying infrastructure those agents operate on. Autodesk, a Fortune 500 design and engineering software company, is deploying the capabilities to secure AI agents operating across its products, global workforce, and cloud infrastructure.
Also Read: CIO Influence Interview with Kyle Wickert, Field CTO at AlgoSec
“Autodesk is investing significantly in AI across our workforce, infrastructure, and products. Permiso Security was already our security platform for Identities, so the natural next step was to partner with them for Agentic AI Identities. Permiso gave us the ability to discover agents across our environment, maintain a full registry, attribute actions to an initiating identity, and monitor all events, runs, and tool calls touching our systems. This is non-negotiable when you’re securing enterprise AI at scale. In the agentic era, visibility and threat detection are what allows us to move fast.”
– Sebastian Goodwin, Chief Trust Officer, Autodesk
Agents are making autonomous decisions, calling external tools and MCP servers, spawning sub-agents, and interacting with downstream data stores and systems at machine speed, often without human oversight. Most security teams cannot answer fundamental questions about their agent environment: how many agents are running, what identities they are using, what tools they are calling, or what data they are accessing.
Most of the market is solving for posture: where agents are, how they authenticate, what permissions they hold. Posture matters. But posture is a snapshot. Agents operate in real time, making context-dependent decisions across tools, data stores, and downstream systems in milliseconds. The security question that actually keeps security professionals up at night is not what an agent is allowed to do, it is what it is doing right now, and whether you can stop it.
Traditional identity providers lose visibility the moment an agent authenticates, and NHI security vendors are treating agents like static machine identities when agents actually behave more like humans in their credential usage, logging in as the users who deployed them and making context-dependent decisions in real time.
“The market is full of vendors claiming they can prevent AI agent security incidents. As someone who has spent decades in the security industry, I can tell you that’s not possible. You are putting a deterministic capability on a non-deterministic brain. Agents will do things they were not supposed to do. The question is whether you have visibility into every run, every tool call, and every piece of data an agent touches to detect when it happens, and the controls to contain it. That is what we built.”
– Jason Martin, Co-Founder and Co-CEO, Permiso Security
How it Works: Permiso’s AI Agent Runtime Security
Purpose-built for the specific challenges agents create: non-deterministic behavior, dynamic tool usage, inherited credential chains, and runtime activity that traditional security tools were never designed to monitor. The platform delivers agent runtime identity attribution and agent behavioral anomaly detection across the full agent lifecycle, from the moment an agent is born in a code repository through deployment, runtime operation, and containment. The six core capabilities include:
- Agent and session discovery that inventories every AI agent, sub-agent, builder, model, and user across cloud, SaaS, IdPs, and code environments, including agents running in Lambdas, containers, and VMs that traditional identity tools cannot see.
- Identity attribution at runtime that ties every run, event, tool call, and MCP invocation to a specific human, non-human, or AI identity, visualized through Permiso’s agent graph and preserved as a complete audit trail.
- Tool, data, and infrastructure observability captures what tools an agent called, what MCP servers it connected to, what data it accessed, and what downstream systems it reached.
- Runtime detection of over-privileged access, unused permissions, anomalous tool usage, policy violations, and high blast radius behavior, surfaced in the same alert module security teams already use for human and non-human identity threats.
- Behavioral skill sandboxing of new and existing agent skills.
- Identity-first controls including least privilege recommendations based on actual agent behavior, approval gates for high-risk actions, and kill switches that operate at machine speed.
These capabilities are informed by years of AI-specific threat research from Permiso’s P0 Labs team, including the discovery of LLMjacking attack techniques, cross-prompt injection vulnerabilities in enterprise AI copilots, and analysis of malicious AI agent skills across public marketplaces.
“Every enterprise we talk to is deploying AI agents. Almost none of them can tell us how many agents are running, what identities those agents are using, or what MCP servers they are calling. We are not asking customers to buy a new product. We are extending the platform they already trust to cover the fastest-growing and least-governed identity class in the enterprise.”
– Paul Nguyen, Co-Founder and Co-CEO, Permiso Security
Catch more CIO Insights: The CIO as a Value Creator: Moving Beyond Cost Centers to Revenue Drivers
[To share your insights with us, please write to psen@itechseries.com ]
