AI/ML, MSSP, API security

Entro Extends NHI Security to Agentic AI, Bringing Observability and Control to Shadow Agents

3D Illustration of Guardrails in the context of technology and safety

Although agentic AI is quietly rewriting how enterprise systems operate, it is also multiplying identities, permissions, and access paths at a pace security teams can’t easily contain. Entro Security’s latest expansion is designed to change that. With the addition of AI Agents Discovery and Observability to its NHI Security Platform, Entro is giving organizations the means to finally see, govern, and secure every AI agent running across their environment.

These aren’t chatbots. AI agents act on their own - calling APIs, completing tasks, and using embedded credentials to reach data and tools. Each one operates as a non-human identity (NHI) with its own permissions and access rights. As more organizations adopt frameworks like the Model Context Protocol (MCP), these agents are multiplying fast. Without proper oversight, they can create hidden access paths and excessive privileges, expanding the attack surface and making it harder to track who - or what - is in control.

Itzik Alvas, CEO and co-founder of Entro Security, told MSSP Alert that MCP and similar standards have made it easier than ever for AI agents to proliferate - often beyond what security teams can track.

"Entro discovers AI agents using logs and APIs to cloud and SaaS services that offer AI agents, scanning workstations for AI-related binaries and configuration files, and inspecting source code and collaboration tools for API usage and MCP configuration files, ensuring no shadow agents go undetected,” said Alvas. By tying discovery directly to telemetry across cloud, endpoint, and collaboration tools, Entro ensures that even short-lived or experimental agents don’t escape visibility.

Visibility, Ownership, and Least Privilege for AI Agents

Entro’s new capability builds on its core strength in secrets and NHI security. By extending its discovery engine to include AI agents, the platform helps teams find, track, and monitor these agents in real-time. It connects each one to the credentials it uses, the permissions it holds, and the human who created it - keeping accountability clear even as automation grows.

As Alvas noted, ownership is one of the toughest challenges for enterprises deploying AI agents. "Customers struggle to assign ownership because AI agents often lack metadata and are deployed across fragmented environments,” he said. “Entro solves this by automatically correlating agent activity with human users through logs, code commits, and device telemetry, then enforces ownership via policies, alerts, and automation.”

By attributing every agent to a human owner, Entro closes the accountability gap that emerges when development teams spin up agents without proper tagging or oversight. It keeps humans in the loop - not just as creators, but as custodians responsible for managing privileges and reviewing activity.

The update introduces four key functions designed to bring observability and control to agentic AI environments:

  • Agent Discovery and Inventory: A unified view of all AI agents, NHIs, and secrets, enabling teams to pinpoint shadow AI and inactive or risky identities.
  • NHIDR™ AI Threat Detection: Continuous behavioral analysis to establish baselines for normal activity and flag anomalies, access abuse, or privilege misuse.
  • Ownership and Lifecycle Management: Ties every agent and NHI to a verified human owner, automating key hygiene steps like credential rotation and decommissioning.
  • Agent and NHI Posture: Evaluates purpose and permission scope to enforce least privilege and reduce blast radius across tools and APIs.

Closing a Critical Blind Spot for CISOs

For CISOs already burdened with identity sprawl, agentic AI adds another layer of complexity. Alvas said Entro is deliberately filling the gaps left by traditional IAM and PAM tools: “Entro stands out by tackling the non-human identity and AI agent sprawl that traditional IAM tools miss. We give CISOs full visibility, ownership mapping, and automated control over secrets and AI agents across code, cloud, and endpoints, closing a critical blind spot.”

In other words, Entro isn’t replacing existing IAM investments - it’s augmenting them where they fall short. As AI agents gain autonomy, they’re bypassing many of the controls designed for human users. Entro’s contextual mapping ensures these identities remain visible and governable, no matter where they live or how fast they multiply.

Extending Observability to MSSPs

The rise of agentic AI is also reshaping how service providers deliver managed detection and response. MSSPs are starting to operationalize Entro’s observability capabilities as part of their MDR offerings. “MSSPs use Entro’s AI agent observability to detect shadow agents, map ownership, and monitor risky behavior in real time - enabling them to deliver managed detection and response (MDR) for AI-driven environments and customers at scale,” said Alvas.

This model gives MSSPs the ability to differentiate their services while helping customers transition to AI-native operations securely. Instead of focusing solely on human-driven alerts, they can now extend coverage to agent-led workflows - catching misconfigurations, privilege misuse, and access anomalies before they become incidents.

Entro’s approach acknowledges that AI agents, secrets, and NHIs now form a single interconnected risk surface. An exposed token or untracked permission can quickly cascade when autonomous agents are in play. Observability helps teams detect these weak links early, while lifecycle controls keep privileges aligned with policy.

As enterprises adopt agentic AI, Entro’s platform offers a path forward - one rooted in visibility, ownership, and continuous assurance. Rather than slowing innovation, it gives teams the guardrails to build with confidence, ensuring that every agent acts as intended - and never alone.

An In-Depth Guide to AI

Get essential knowledge and practical strategies to use AI to better your security program.
Suparna Chawla Bhasin

Suparna is the Senior Managing Editor for CyberRisk Alliance’s Channel Brands, including MSSP Alert and ChannelE2E. She manages content development, sharpens editorial workflows, and ensures storytelling is tightly aligned with audience needs. With a background in technology, media, and education, she combines strategic insight with creative execution.

You can skip this ad in 5 seconds