SecurityBrief US - Technology news for CISOs & cybersecurity decision-makers
United States
Modern enterprise ai access gates permission cloud vaults
#
Data Protection
#
DevOps
#
Digital Transformation

Cequence launches agent controls for enterprise AI

Wed, 29th Apr 2026 (Today)
Author image
By Shannon Williams, News Editor

Cequence Security has launched Agent Personas in its AI Gateway, a product designed to limit what autonomous AI agents can do inside enterprise systems.

The release also includes Agent Access Keys, a credential format for headless agents running in automated workflows. The keys combine agent identity, user identity and persona-level permissions into a single credential that can be traced in audit records.

At the centre of the launch is an attempt to address a problem emerging as companies connect AI agents to internal applications through the Model Context Protocol, or MCP. In many deployments, agents are authenticated in the same way as users and inherit broad permissions originally intended for humans.

Agent Personas aims to narrow that access by defining a role for each agent in plain language, then mapping that role to a scoped virtual MCP endpoint. This allows security teams to set access at the level of an individual tool call rather than relying only on identity management.

Examples include a customer service agent that can read customer relationship management data but not alter records, a coding agent that can read GitHub issues and create Jira tickets but cannot merge pull requests, and a CI/CD automation agent that can use specific pipeline tools and only one notification channel.

Access controls

The system applies controls on a per-tool basis, including rate limits, data masking and approval workflows. Changes to a persona can also be applied across all agents using that persona without code changes.

Cequence describes the service as model-agnostic because it sits at the infrastructure level rather than inside a specific model stack. That means policies can apply across OpenAI, Google, Anthropic, open-source and custom models.

The launch comes as companies look for ways to move AI agents from pilot programmes into wider operational use while keeping tighter control over data access and system actions. Cequence cited Gartner research arguing that the main security risk with AI agents lies in what they do rather than what they say.

That concern is becoming more acute as adoption rises. Cequence says more than 80% of Fortune 500 companies now deploy active AI agents, while only 47% have AI-specific safeguards in place.

Operational risk

The distinction matters because autonomous agents can act on available permissions without human judgement about when not to use them. In practice, that creates the risk that an agent with valid credentials can move across systems or trigger actions beyond the narrow task it was meant to perform.

One large US telecommunications provider has already used the technology to stop agents crossing boundaries in GitLab, Confluence, Jira and Slack. In that deployment, scoped virtual endpoints limited each agent to the tools and functions it needed.

The broader commercial aim is to add a governance layer for AI agents that sits below the application interface and above the underlying systems of record. That differs from identity tools, which decide who is allowed in but may not control the exact actions an agent can take once authenticated.

Cequence says its AI Gateway now has more than 140 verified enterprise application integrations. Across its wider platform, it says it protects more than 10 billion daily API interactions and four billion user accounts.

Ameya Talwalkar, chief executive officer and co-founder of Cequence, linked the launch to the wider push to roll out autonomous systems in customer service, employee tools and business operations. "Enterprises have made massive investments in AI, and the race to put agents into production across customer experiences, employee workflows, and business operations is accelerating fast," Talwalkar said. "However, security, governance, and scale requirements can't be ignored. Cequence closes the gap that has been holding organisations back by automatically limiting agent tool access which lowers costs, enhances performance, and improves security."

Shreyans Mehta, chief technology officer and co-founder, said Cequence is trying to set policy at the level where agents interact with business systems. "AI agents have quickly become a channel as significant as the web or mobile, powering customer commerce, employee productivity, and autonomous operations all at once," Mehta said. "Agent Personas is how you govern infrastructure access at the agent level, enforcing exactly what each agent can do down to the specific API endpoint, across any model or platform. It is the control plane enterprises need to confidently and securely enable agentic AI access to applications and data."

Related stories
TP-Link launches PTZ5425 camera for business sites
Jazz urges stronger IP safeguards amid AI data leaks
AI advances are reshaping cyber risk, experts warn
Agiloft launches free Astra AI for contract analysis
Ping Identity warns of AI agent authorisation risks

Top stories

Industrial manufacturing tops Digitain cyber risk ranking
Fortinet report warns of widening cyber skills gap
Ransomware posts rise 22% as leak sites proliferate
Anthropic's AI agents spark debate over business risk
DevOps incidents jump 21% as downtime hits 9,255 hours