Enterprise AI security is changing. Teams are no longer trying to catch isolated alerts. They are trying to understand behavior across agents, identities, and systems. Zenity’s latest platform update reflects that shift. The release adds three things: incident intelligence that explains AI-driven events, governance for agentic browsers, and an open-source tool to reduce LLM manipulation risk. The focus is not on creating more alerts. It is on answering a basic question security teams keep asking: what actually happened, and why does it matter?
Context now matters more than volume
As AI agents, copilots, and autonomous workflows move into production, security teams are finding that traditional alerting breaks down. Signals exist, but intent and causality are hard to see. Zenity’s updates aim to close that gap by correlating identity context, runtime behavior, and agent actions into something analysts can work with immediately.
Ben Kliger, Co-Founder and CEO of Zenity, told MSSP Alert that this change shows up most clearly during investigations:
“Zenity’s correlation engine reduces investigation time by giving analysts a complete incident story up front. Instead of sorting through isolated alerts and trying to understand how posture gaps, anomalies, and agent behavior relate to one another, Issues brings everything together into one clear narrative. This removes hours of manual reconstruction and lets analysts focus on verifying impact and responding.”
Incident intelligence that shortens investigations
Zenity’s new 'Issues' capability correlates posture findings, runtime anomalies, identity relationships, and graph-based insights into high-confidence incidents. Rather than forcing analysts to piece together timelines, the platform presents a coherent account of what occurred, how different signals connect, and which systems or agents were involved.
According to Kliger, the practical impact is measurable: “In our POV process, we consistently see investigations that once took hours, days, or even weeks reduced to minutes. Zenity assembles all relevant signals into a single, coherent incident story, so analysts are not forced to stitch together posture findings, runtime anomalies, identity information, and agent actions on their own. The context they need is available the moment they open the Issue.”
For MSSPs evaluating this capability, the value test is straightforward. Kliger frames it this way: “Does the tool explain what happened and why, or does the analyst still have to build the story manually? If the story is still being reconstructed by hand, investigation time will not improve. Zenity provides that story automatically, which is where the meaningful time savings come from.”
Bringing agentic browsers under governance
Agentic browsers introduce a growing risk surface that most security stacks were not designed to handle. Tools such as ChatGPT Atlas, Perplexity Comet, and Dia can autonomously read authenticated content and take actions on behalf of users. From a security standpoint, that means sensitive activity can occur without clear visibility into whether a human or an agent initiated it.
Zenity is extending coverage to these browsers through its device agent, enabling discovery, monitoring, and policy enforcement at the endpoint. This approach recognizes where the risk actually lives.
Kliger explains why this matters for service providers: “Agentic browsers and coding assistants run directly on the endpoint, meaning they are independent from a team’s Agentic SaaS maturity level. These tools act with the user’s identity and interact with sensitive systems in ways that existing security controls cannot fully observe. For MSSPs that want to offer comprehensive AI agent security, a device agent is essential because it provides visibility into the full lifecycle of local agents and closes the Shadow AI gap.”
The focus is on making governance workable at scale, not just theoretically possible: “Zenity’s device agent is lightweight, deploys easily through standard UEM systems, and runs with least-privileged access. Once installed, MSSPs can discover agentic browsers, monitor autonomous activity in real time, detect risky actions, and enforce policies that prevent data exposure or misuse.”
This coverage also aligns agentic browsers with the same controls applied to SaaS-based and homegrown agents, reducing policy fragmentation across environments.
Open-source controls for LLM manipulation risk
Alongside these platform updates, Zenity Labs is releasing
Safe Harbor, an open-source tool designed to address emerging LLM manipulation techniques, including data structure injection and structured self-modeling attacks. Safe Harbor introduces a “safe action” an agent can call when it detects harmful instructions or unsafe workflows. Instead of executing a malicious path to completion, the agent can redirect or exit safely.
Kliger sees different value depending on customer maturity: “For organizations early in their AI journey, Safe Harbor can help the SOC pinpoint where unsafe behavior occurred and support investigations. For teams with a moderate level of maturity, it becomes part of a wider set of sensors that alert on and block misuse. For advanced environments, Safe Harbor fits into a broader defense-in-depth strategy where it is tuned, monitored, and integrated into custom agent workflows.”
He also points to where MSSPs should focus when deploying it: “We believe MSSPs should encourage customers to add Safe Harbor at the point where the model selects a tool call, since this is where many real-world attacks originate. This gives MSSPs a consistent foundation to improve AI agent safety across customers with very different levels of adoption and technical sophistication.”
By focusing on incident narratives, endpoint-level visibility into agentic browsers, and practical controls for LLM manipulation, Zenity is addressing areas where many AI security programs are already under strain. For MSSPs, the takeaway is practical: services that can explain behavior, govern new agentic surfaces, and reduce response time are likely to matter more than tools that simply add another layer of alerts.
