SecureAuth launches platform to govern AI agent identities in real time

SecureAuth has issued a release marking the launch of its Agentic Authority Platform, a real-time, zero-trust control layer for agentic AI, and the appointment of Mark van Oppen as Chief Revenue Officer to scale the company’s reach.

The California-based firm provides secure identity at scale across customer identity, workforce identity, continuous risk monitoring, presence authority and authorization authority, for federal agencies, large financial institutions, healthcare organizations and global retailers.

Now, those customers are facing unprecedented challenges in navigating the influx of AI agents into the digital ecosystem – 91 percent of which, says Secure Auth, are over-privileged. Like animation’s Minions, they have taken over, writing invoices, calling APIs, and moving data on their own, without supervision.

‘I turn my back for one nanosecond…’

That means they’re just one prompt injection attack away from being weaponized or sent into a berserking frenzy. Per the release, “goal-seeking agents take shortcuts their operators never sanctioned, approving the wrong invoices, refunding the wrong customers, calling the wrong APIs.” And there may be no way to get rid of them: 78 percent of AI deployments have no audit trail.

“Authentication tells you who walked in the door,” says Geoffrey Mattson, CEO of SecureAuth. But when autonomous agents are logging in and performing tasks, that approach is no longer sufficient. Just because you trusted an agent at the gates, you can’t guarantee what they’ll do inside.

Authentication “tells you nothing about whether the next transaction should happen,” Mattson says, whereas SecureAuth’s Agentic Authority Platform “answers that question continuously, for every action, for every agent, every time.” Every API call, tool invocation and transaction is evaluated against identity, policy and risk in real time. Users can define these across “the full context of who, what, when, where, and how much.”

Credentials are federated across OAuth 2.0, OIDC, mTLS, and Real-Time Visibility eliminates shadow agents with “live attribution of agent actions to a human user and a business purpose.”

Agent Detection and Response (ADR) sets behavioral baselines for every agent, drift and anomaly detection for a safety net, and Tamperproof Audit and Compliance keeps a record of every action attempted or completed, retained for audit, exportable for regulators.

New CRO is van Oppen for business

To accelerate enterprise adoption, SecureAuth has appointed Mark van Oppen as Chief Revenue Officer to lead global sales and marketing. Van Oppen has held leadership roles at IBM, Heptio, VMware, and FusionAuth – and, says SecureAuth CEO Mattson, he “understands how to scale revenue around infrastructure that customers cannot afford to get wrong.”

“The next era of identity will be defined by continuous control, not one-time access decisions,” says Mark van Oppen, the new CRO of SecureAuth. “SecureAuth is building for that future at exactly the right moment, and the launch of the Agentic Authority Platform is the clearest proof. I am excited to join the team and help more enterprises adopt a modern identity platform built for technical depth, deployment flexibility, and the realities of AI-driven risk.”

The launch reflects a growing effort across the identity industry to apply identity governance, authorization and audit controls to AI agents as organizations move from human-centric access models toward environments where autonomous software increasingly performs transactions and makes decisions on behalf of users.

Article Topics

AI agents  |  continuous authentication  |  digital identity  |  identity access management (IAM)  |  SecureAuth