AI agent governance architecture: what changes for IAM teams?

TL;DR: Traditional security tools cannot secure AI agents because they were designed around user-centric identity, event-based visibility, and fixed data paths, according to Zenity and Gartner’s April 2026 evaluation. The governance problem is structural, because agent behavior, layered identities, and runtime intent invalidate assumptions that legacy IAM and detection stacks rely on.

NHIMG editorial — based on content published by Zenity: Why Purpose-Built Architecture Wins in AI Agent Governance

By the numbers:

• Gartner named Zenity the company to beat in the AI Agent Governance category in its AI Vendor Race report as of 17 April 2026.
• 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools.
• 80% of identity breaches involved compromised non-human identities such as service accounts and API keys.

Questions worth separating out

Q: How should security teams govern AI agents that use multiple identity layers?

A: Security teams should inventory every identity layer an agent can use, including static credentials, session identities, embedded tool identities, and any delegated relationships between agents.

Q: Why do event-based tools struggle with AI agent governance?

A: Event-based tools struggle because they see isolated actions, not the full intent behind a chain of actions.

Q: What breaks when organisations try to retrofit IAM controls onto AI agents?

A: Retrofit IAM breaks when the control model assumes a stable human session or a single workload identity.

Practitioner guidance

• Inventory agent identity layers separately Document static credentials, session identities, tool identities, and any agent-to-agent relationships before assuming a single account view is enough.
• Replace event-only detection with session-level intent review Correlate tool calls, memory access, and data use across the full execution chain so you can judge whether the agent’s behaviour still matches the approved task.
• Classify agent environments by deployment pattern Separate SaaS-managed, home-grown, and device-based agents in your inventory and controls, because each requires a different discovery and enforcement path.

What's in the full article

Zenity's full article covers the operational detail this post intentionally leaves for the source:

• How the Observe, Govern, and Defend workflow is structured across discovery, posture, investigation, and enforcement.
• What the Clarity Agent and stateful threat engine do during runtime analysis of agent behaviour and intent drift.
• How Zenity Issues assembles posture findings, runtime anomalies, identity relationships, and attack paths into a single incident view.
• Why the article expects context-responsive policy to become the next stage of agent authorization design.

👉 Read Zenity's analysis of AI agent governance architecture and intent-aware detection →

AI agent governance architecture: what changes for IAM teams?

Explore further

View Full Forum →  |  NHI Foundation Course →