BeyondTrust launches AI Agent Security beta for endpoints
Wed, 1st Jul 2026 (Today)
BeyondTrust has launched a private beta of AI Agent Security, a new Pathfinder module designed to control what AI coworkers and autonomous agents can do on endpoints.
The module applies the same privileged-action rules across AI tools already used in large organisations, including Claude Code, Microsoft Copilot, Cursor and OpenAI Codex.
BeyondTrust is positioning the release as an extension of endpoint privilege management into a new category of software actor: AI systems that operate with the same access rights as the employee who launches them. The company argues this creates a security challenge because these tools can take actions that are not fixed in advance and can reach into cloud services, software repositories and production systems.
In practical terms, the module is intended to give security teams a single control point for AI software running on endpoints. It can identify AI assistants and autonomous agents across managed and unmanaged devices, block unapproved tools, and restrict what approved tools can access.
The system is also designed to enforce controls before an action takes place rather than flagging it afterwards. According to BeyondTrust, that includes setting boundaries around which services, plugins and MCP servers an AI agent may connect to, as well as stopping actions such as credential exfiltration, deletion of production code and erasure of databases.
Endpoint focus
The controls operate across Windows, macOS, Linux and containers. The module also keeps an audit trail showing who took an action, when it happened and what authority was used.
AI Agent Security is the first of several modules planned for Pathfinder. The framework is tied to PathfinderAI and the company's MCP server, which BeyondTrust said provide a single policy structure across its AI-related security products.
The launch comes as software suppliers and enterprise security teams try to address the spread of AI assistants inside companies. A central concern is that workers can install or use AI tools without formal approval, giving those tools access to corporate systems with little visibility for IT and security teams.
BeyondTrust referred to this as shadow AI and said such tools are already running across enterprise fleets. It also argued that AI agents are being adopted more quickly than security controls are being put in place.
Privilege concerns
The company's broader argument is rooted in privilege management, a long-established area of cyber security focused on limiting the level of access granted to users and software. Rather than allowing an AI tool to inherit full user credentials by default, BeyondTrust said its module applies least-privilege principles so the software receives only the access needed for specific tasks.
That reflects a shift in how endpoint risk is being framed. Traditional security questions often centre on whether an application is malicious, suspicious or approved to run. BeyondTrust said AI agents challenge that model because their behaviour is less predictable and their actions may change according to prompts, context and connected systems.
A factual backdrop to the launch came from Phantom Labs, BeyondTrust's internal security research team, which has worked on the product. The group previously reported that non-human identities now far outnumber human ones and that enterprise AI agents are growing by more than 460 per cent year on year.
BeyondTrust said the module was developed using research into how AI agents behave in real environments. The product also builds on its Endpoint Privilege Management software, which has been used for privilege enforcement across operating systems and container environments.
BeyondTrust said it serves more than 20,000 customers, including 75 of the Fortune 100. The new AI module will initially be sold as an add-on to Endpoint Privilege Management.
Marc Maiffret, Chief Technology Officer at BeyondTrust, set out the company's view of the shift under way on corporate devices.
"We are not a privileged access company adding AI," said Marc Maiffret, Chief Technology Officer at BeyondTrust. "We are the company that has long defined how to secure privileged action, and the most powerful actor on the endpoint is no longer human. For twenty years that actor was a person with admin rights, and we built the category for securing them. The actor has changed, but our job has not."