Saviynt, an identity security solutions provider, has expanded its Identity Security for AI solution with new controls designed to help enterprises manage how AI agents access applications, data, APIs, and other business systems.
Saviynt’s latest update adds Intent-Aware Runtime Authorization (IARA) to its Agent Access Gateway, a security layer that monitors and controls AI agent actions while they happen. The capability aims to address a growing challenge for businesses as AI agents move from testing environments into daily operations.
Unlike traditional access controls built mainly for human users and fixed applications, AI agents can make decisions, adapt, and perform multiple actions across systems within seconds. This creates a need for security tools that can evaluate not only who or what is requesting access, but also whether the action matches the intended purpose.
“AI agents are becoming a new class of enterprise identity — autonomous, powerful, and capable of taking action across critical business systems,” said Vibhuti Sinha, chief product officer, Saviynt. “Agent Access Gateway gives enterprises a way to control AI agent behavior at runtime, when decisions actually happen. With IARA, organizations can move beyond static permissions and make access decisions based on what an agent is trying to do, why it is doing it, and whether that action should be allowed.”
With IARA, Saviynt said organizations can evaluate AI agent activities in real time using identity, context, security policies, and intent. If an AI agent attempts an action outside approved limits, the system can block the request and create an audit record.
For example, an AI sales operations assistant may have permission to summarize customer information from a CRM platform. However, if it tries to export customer records, change pricing details, or send communications without proper approval, the system can check whether the action matches the original request before allowing it.
The update also adds inbound and outbound access controls for AI agents. These controls help organizations determine who can interact with AI agents and what systems, applications, and data those agents can access.
Saviynt’s Identity Security for AI control plane provides visibility, governance, and access management across the AI environment, including where AI agents are created, operated, and used within enterprise applications. The company has also expanded integrations to include Microsoft Foundry, N8N, Snowflake Cortex, and other platforms.
Beyond AI agent controls, Saviynt introduced identity verification features designed to reduce impersonation risks linked to AI-enabled fraud and social engineering. The platform now supports verification methods such as biometric scanning, selfie photos, liveness detection, and more than 4,000 government-issued document formats across more than 177 countries.
As companies adopt AI tools for business operations, Saviynt said these updates address two key security concerns: controlling what AI agents can do and ensuring that users behind digital identities are properly verified.