New York, United States, March seventeenth, 2026, CyberNewswire
Unleash AI adoption securely: discover, attribute, and govern AI agents throughout the enterprise
Orchid Safety, the company bringing clarity and control to the complexity of enterprise identity, today announced it has been recognized as a Consultant Vendor in Gartner’s Market Information for Guardian Agents, as a vendor “managing the identities/access for AI agents with zero-trust policies and governance.”
In this inaugural market information, Gartner asserts that:
“AI agents introduce new dangers that outpace human review, but most enterprises are unprepared to handle them because of fragmented organizational structures and ongoing challenges with discovery.”
Orchid Safety concurs with this assessment. The company finds that the growing use of AI agents exponentially expands the amount of identity dark matter—the invisible and unmanaged layer of identity—inside organizations.
AI agents may exploit the dark matter that already exists in order to achieve their prompted functions as effectively as possible by design.
“For all of the thrilling enterprise transformation promise of agentic AI, its rising adoption poses very real cyber, compliance and operational dangers to be managed,” said Roy Katmor, co-founder and CEO of Orchid Safety.
In reviewing Gartner’s research, Orchid notes several key requirements for properly managing AI agents that are shaping the guardian agent market:
Human Operator Attribution
Although AI agents are assumed to act on behalf of humans, they have their own identities independent of users. Organizations must identify all agents and map their activity to the relevant human owner for accountability, compliance, and governance.
Activity Audit
Organizations must see, log, monitor, and report on agent activity and output to ensure accountability, demonstrate compliance, and enable incident response in the event of unauthorized changes or incidents.
Posture Management
Secure use of each AI agent requires proper identity and access management hygiene, including centrally managed identities, strong authentication, time- and purpose-bound access, and least-privilege authorization.
Runtime Inspection and Enforcement
Agentic actions and outputs must remain aligned with intentions, goals, and governance policies to maintain acceptable use.
Orchid’s Principles for Secure AI Agent Adoption
Orchid believes these requirements align closely with its view of secure AI-agent adoption within comprehensive identity and access management, guided by five core principles:
Human-to-Agent Attribution
Identify and classify every AI agent—whether embedded in self-hosted applications, delivered via SaaS platforms, or operating through third-party solutions—and explicitly correlate it to an accountable human owner (and, where relevant, a system/service owner).
This ensures organizations know exactly who triggered an agent run, who authorized the tool use, and who is ultimately responsible for the outcome.
Comprehensive Activity Audit
For every agentic entity, capture the full operational context: the agent identity, assigned role, intent behind the action, approvals, and the complete chain of custody from Agent → Tool/API → Action → Target.
This enables accountability, compliance reporting, and rapid incident response.
Dynamic, Context-Aware Guardrails
Ensure every AI agent’s access is continuously evaluated and enforced based on real-time context, human owner entitlements, environment, time, purpose, sensitivity of the target, and risk signals—avoiding broad, standing privileges regardless of how the agent is implemented or integrated.
Least Privilege
Require properly scoped permissions and Just-in-Time (JIT) elevation for agent actions, replacing persistent “god-mode” access with purpose-bound, time-bound authorization aligned to the minimum required access.
Remediation Responses
Detect unauthorized or risky agent activity—such as attempts to bypass controls, use static secrets, exceed intended scope, or access sensitive targets—and orchestrate remediation by blocking the action, stepping up approval, enforcing re-authentication, or rotating credentials via Vault/PAM integrations.
“AI agents will not be adopted safely on top of yesterday’s identity stack,” Katmor summarized.
“Orchid delivers the identity infrastructure for every identity, human and non-human—including agentic AI—with attribution, audit, and least-privilege guardrails built in. That’s how enterprises unlock the full power of AI without expanding their attack surface or compromising compliance.”
Enterprise leaders responsible for cybersecurity, identity and access management, and AI agent governance can register for select access to the Gartner Market Information for Guardian Agents, compliments of Orchid Safety.
Gartner Disclaimer
Gartner does not endorse any company, vendor, product or service depicted in its publications, and does not advise technology users to select only those vendors with the highest ratings or other designation.
Gartner publications consist of the opinions of Gartner’s business and technology insights organization and should not be construed as statements of fact.
Gartner disclaims all warranties, expressed or implied, with respect to this publication, including any warranties of merchantability or fitness for a particular purpose.
GARTNER is a trademark of Gartner, Inc. and its affiliates.
About Orchid Safety
Orchid Safety sees directly into application binaries to deliver the industry’s first Identification Management Aircraft, transforming IAM complexity into clarity, compliance, and control.
Its Identification-First Safety Orchestration platform continuously discovers enterprise applications, analyzes their native authentication and authorization flows, and accelerates onboarding into governance systems—cutting months of manual work into a single click.
The platform also observes all identity activity—managed and unmanaged—at the application level, providing a full audit of use and identifying orphan, dormant, native, and over-permissioned accounts.
By exposing and remediating the “identity dark matter” hidden across modern environments, Orchid helps enterprises reduce risk, lower operational costs, and achieve compliance at scale.
Backed by Intel Capital and Team8, Orchid leverages observability, automation, and large language models to unify fragmented identity operations.
Global organizations rely on Orchid to modernize identity governance, accelerate IGA adoption, and secure the next generation of applications and AI agents.
Contact
Chloe Amante
Montner Tech PR







