Desktop AI agents and network visibility: can IAM keep up?


(@nhi-mgmt-group)

TL;DR: As AI agents move from browser-based use to desktop workflows, enterprises lose visibility into access, data handling, and policy enforcement, according to Lasso Security. That gap turns governance, compliance, and sensitive-data control into network-level identity problems, not just endpoint or browser issues.

NHIMG editorial — based on content published by Lasso Security: Securing Desktop AI Agents with Palo Alto Networks Next-Generation Firewall Integration

Questions worth separating out

Q: How should security teams govern desktop AI agents that bypass browser visibility?

A: Security teams should extend governance to the network and endpoint layers so desktop AI activity is visible, attributable, and policy-enforceable.

Q: Why do desktop AI agents create a governance gap for IAM and NHI teams?

A: Desktop AI agents create a governance gap because they move execution outside the browser session that many controls assume is the primary observation point.

Q: What breaks when AI interactions are not tied to identity context?

A: When AI interactions are not tied to identity context, security teams can see traffic but cannot explain who acted, under what policy, or whether the action was approved.

Practitioner guidance

  • Expand visibility beyond browser telemetry: Inventory where AI use now occurs on endpoints, in desktop apps, and through API-connected tools.
  • Define policy actions for sensitive data classes: Create explicit rules for customer information, proprietary code, financial records, and internal documents.
  • Correlate AI events with identity records: Join desktop AI access events, interaction metadata, and user-level activity patterns to a single audit trail.

What's in the full article

Lasso Security's full blog post covers the operational detail this post intentionally leaves for the source:

  • Specific firewall integration mechanics for extending AI inspection from browser to network traffic
  • Policy response options for sensitive-data events, including block, alert, and mask workflows
  • Examples of the data classes teams can govern, such as customer information, code, and financial records
  • Audit-log fields and activity metadata used to support compliance and oversight

👉 Read Lasso Security's analysis of desktop AI agent governance with Palo Alto Networks →
