IT Brief UK - Technology news for CIOs & IT decision-makers
United Kingdom
Keeper adds AI agent governance to endpoint manager

Keeper adds AI agent governance to endpoint manager

Tue, 14th Jul 2026 (Today)
Joseph Gabriel Lagonsin
JOSEPH GABRIEL LAGONSIN News Editor

Keeper Security has added agentic AI governance to its Endpoint Privilege Manager, extending access controls and policy enforcement to AI agents running on employee devices.

The feature is designed to discover and govern AI agents on workstations and other endpoints, including those using Model Context Protocol, direct APIs, local tools and other methods. Keeper's approach operates at the operating system level rather than only at the protocol layer, allowing it to observe and control actions taken by agents on the machines where they run.

The software can monitor whether an AI agent spawns child processes, writes to the file system, invokes a local shell, seeks elevated operating system privileges or accesses sensitive files. Those actions are then evaluated against the same policy engine already used for human users, using the same identity, approval and audit framework.

The move comes as businesses adopt growing numbers of autonomous software agents to carry out tasks previously handled by employees. Keeper cited Gartner forecasts that by 2028, a global Fortune 500 enterprise will use more than 150,000 AI agents on average, up from fewer than 15 in 2025.

It also pointed to IBM research showing that 63% of organisations do not have AI governance policies, while 97% of those that suffered an AI-related breach lacked suitable AI access controls. The figures underscore the speed of adoption and the relative immaturity of oversight tools.

Endpoint focus

Keeper's update centres on endpoints, where many AI agents operate directly on behalf of users. According to the company, rival products often govern only tool calls routed through an MCP server, leaving other actions outside policy controls if they do not pass through that layer.

By contrast, Keeper's installed endpoint agent mediates privilege requests from both people and software agents. That gives administrators a single audit trail covering human and non-human identities on managed devices, the company said.

Detection is a key part of the release. Endpoint Privilege Manager can identify both known and unknown AI agents running on managed endpoints.

Known agents, including GitHub Copilot, Cursor, Claude Code and Amazon Q, are recognised through a signed catalogue of identities alongside what Keeper described as an AI likelihood score. Applications not in the catalogue are assessed by a detection algorithm that gives each application on a managed endpoint a score from zero to 100.

If an application crosses a threshold set by administrators, it is brought under agentic AI policies as soon as it runs. Administrators can adjust the threshold for different policies and assign known agents to defined groups for more targeted controls.

New policies

The release introduces three policy types: an Agentic AI Policy, which determines who can run agents on an endpoint; an Agentic Access Policy, which determines what those agents can do on a user's behalf; and an Agentic Privilege Elevation Policy, which governs how agents request administrative elevation.

The update also adds an approval control that routes certain agent actions to end users for review. Under what Keeper described as a monitor-first lifecycle, organisations can observe behaviour before moving to full enforcement, while actions requiring human review are held at an approval gate until a designated approver makes a decision.

Keeper has also added a dashboard for AI agent visibility, a workload view, dedicated groupings for agents and automatic agent updates with version control. The audit trail records agent actions, policy decisions and approval outcomes, which can help security and compliance teams connect activity on endpoints with regulatory obligations.

It also linked the new controls to the National Institute of Standards and Technology AI Risk Management Framework, saying the product gives organisations a way to put those requirements into practice directly at the endpoint level.

Darren Guccione, Chief Executive Officer and Co-founder of Keeper Security, outlined the company's position on the status of AI agents inside corporate systems.

"AI agents are not assistants; they are principals," said Darren Guccione, Chief Executive Officer and Co-founder of Keeper Security. "Every agent running on an endpoint has an identity, requests access and takes actions on behalf of your organisation. If you are not governing them with the same rigour you apply to your human workforce, you have blind spots that adversaries will find before you do. Keeper closes that gap today."

Craig Lurey, Chief Technology Officer and Co-founder of Keeper Security, said the company sees autonomous agent behaviour as a growing security issue for organisations using new AI tools.

"AI agents operate with an alarming level of autonomy, creating an urgent security gap that organisations are scrambling to close," said Craig Lurey, Chief Technology Officer and Co-founder of Keeper Security. "This update stops the emerging threat of autonomous AI in its tracks, allowing enterprises to adopt cutting-edge AI agents without opening the floodgates to catastrophic risk."

The feature is available with Keeper Endpoint Privilege Manager as a standalone product or as part of the company's broader privileged access management platform.