Defining Permissions for AI Agents: A Practical Guide to Securing Agentic AI

Read full article here: https://www.token.security/blog/securing-agentic-ai-defining-permissions-for-unpredictable-ai-agents/?utm_source=nhimg

The rapid emergence of agentic AI—autonomous, goal-driven AI systems capable of independent decision-making—is redefining the boundaries of identity and access management. In a live webcast hosted by Token Security, CEO Itamar Apelblat and Ty Sbano, CISO at Webflow, explored one of the most pressing challenges in cybersecurity today: how to define and secure permissions for unpredictable AI agents.

Unlike static workloads or role-based human accounts, AI agents operate with intent, adapting behaviors dynamically and performing actions across multiple systems. As Apelblat noted, “Agent identities are hybrids—they have the creativity of humans but the continuous action of machines.” This fusion makes them both transformative and inherently risky.

Traditional IAM models—built for deterministic interactions—are now insufficient. Sbano emphasized the need to evolve from action-based to intent-based permissioning, where security decisions account not just for what an agent does, but why it does it. This marks a new frontier for Zero Trust architectures—integrating context, behavior, and motivation into authorization logic.

Both leaders warned that AI experimentation is generating uncontrolled identity sprawl. Agents created for pilots or workflows often remain active, with lingering credentials and unclear ownership. “We see agents that were created, tested, and then forgotten,” Apelblat explained. This lack of visibility threatens both security and compliance, especially as enterprises scale AI across departments.

The webcast underscored a critical balancing act: enabling innovation without losing control. Sbano advised CISOs to “provide guardrails, not gates.” Blocking AI adoption drives shadow experimentation, while structured guardrails allow teams to innovate safely under clear security boundaries.

Compliance frameworks like ISO 42001 will play a growing role, but true AI security maturity lies in contextual enrichment—fusing telemetry from IAM, SaaS, and monitoring platforms to understand agent behavior in real time. Future-ready organizations will integrate authentication, authorization, and intent signals to govern AI identities holistically.

Key Insights

• AI agents represent a new identity class—autonomous, creative, and unpredictable.
• Intent-based access control extends IAM into contextual and behavioral domains.
• Visibility and lifecycle management are urgent priorities to prevent orphaned agents.
• Accountability frameworks must evolve—every employee becomes a manager of agents.
• Security must enable innovation, establishing guardrails rather than imposing blocks.

As enterprises transition into the era of autonomous digital identities, the challenge is clear: to redefine identity governance for entities that think, act, and evolve on their own.