P0 Security Extends Its Authz Control Plane to Service Accounts, Workloads and AI Agents

SAN FRANCISCO--(BUSINESS WIRE)--In conjunction with the NHAI Global Summit, P0 Security announced general availability of its NHI Lifecycle Management and Authz Control Plane for Agents, extending the P0 platform to centrally govern human users, machines and first-party AI agents. P0 continuously discovers these identities via native APIs, maps what they can access, assigns accountable ownership and flags risky posture. Most importantly, it replaces standing permissions with ephemeral, least-privileged access enforced at runtime, so automation and agents can only perform actions that are aligned with policy and business intent.

These capabilities bring P0’s trusted platform to non-human identities, applying the same just-enough, just-in-time authorization model to all entities accessing sensitive resources, data and code.

“P0 is focused on securing sensitive systems for our customers – automation and increasingly AI agents are a critical part of that in modern environments,” said Shashwat Sehgal, CEO and Co-Founder of P0 Security. “We don’t see agentic systems as introducing new identity problems so much as amplifying existing ones. Our platform ensures that agents and other NHIs operate within the same access constraints as the human end-users that invoke them, enforcing accountability and policy alignment across every identity type in production.”

Enabling innovation without compromising security

Enterprises are adopting an ever expanding set of automation, internal developer tooling and AI-driven applications to improve efficiency, automate operational workflows and accelerate product delivery. However, these technologies often depend on service accounts, workloads and internal AI agents that operate with excessive and persistent access, creating unacceptable risk exposure as unfederated adoption scales.

P0 enables organizations to modernize security alongside business innovation by shifting from reactive monitoring to proactive authorization. Key benefits include:

• One set of least-privilege policies for humans, service accounts, workloads and AI agents
• Every NHI is tied to an accountable owner and can only act within approved intent and policy
• Runtime authorization blocks unauthorized actions before they happen, not just after-the-fact detection

This approach allows enterprises to deploy automation and agentic capabilities with confidence, while maintaining strong governance and accountability.

“As we continuously anticipate what the business will need next, we have to enable agility in a way that doesn’t compromise security or operational resilience,” said Michael Chan, Director of AI and IAM Security at CNA. “P0 enabled us to scale our governance of non-human identities with automated, policy-driven controls; bringing service accounts, static credentials and their entitlements under the same disciplined guardrails we uphold for all privileged access.”

What’s new in this release

These capabilities are now generally available for service accounts, workloads and internal AI agents as part of the P0 platform.

• Central governance with automated discovery
  Continuously discover service accounts, workload identities and AI agents with access to production through native APIs. P0 maps what they can access, assigns accountable ownership and flags risky posture to drive remediation and lifecycle automation.
• NHI Lifecycle Management
  Provision non-human access, define usage intent, rotate credentials automatically and enforce just-enough, just-in-time workflows. P0 reduces identity sprawl and continuously keeps access least-privileged.
• Authz Control Plane for Agents
  P0 replaces persistent permissions with time-bound, purpose-specific authorization. Access is evaluated dynamically at runtime ensuring AI agents can only perform actions aligned with policy, identity, context and business intent.

P0 supports access workflows purpose built for each identity type:

• Human users request temporary privileged access through approval workflows
• Service accounts and workloads request access programmatically through platform integrations
• AI agents are authorized at runtime during real-time tool execution workflows

P0 integrates with major cloud providers, developer applications and enterprise AI platforms, including AWS Bedrock, Google Vertex AI and Microsoft Agentic Foundry.

Bringing NHIs inside the same guardrails as the humans they represent

The rapid expansion of automation and internal AI development is driving exponential growth in non-human identities across enterprise infrastructure. Traditional IGA and PAM tools were primarily designed for human users and static infrastructure. As a result, many organizations rely on shared credentials and long-lived service accounts with excessive permissions. As agents have increasingly entered the picture, the problem has only been amplified.

By extending the P0 Authz Control Plane to non-human identities, inclusive of AI agents, customers can apply consistent guardrails across every entity acting in production and prevent unauthorized access before it happens. This keeps NHIs and agents inside the same governance model as the humans accountable for their actions.

Availability and resources

The expanded capabilities are available now as part of the P0 Security platform which is being demonstrated at the NHAI Global Summit.

• ACP for Agents demonstration
• NHI Lifecycle Management demonstration

About P0 Security

P0 Security is the central Authz Control Plane for modern production environments. P0 helps enterprises meet evolving privileged access demands by delivering secure, auditable and agile access across multi-cloud and hybrid infrastructure. The central platform governs all identity types including human users, machines, workloads and AI agents. By managing the full privilege lifecycle from discovery through audit, P0 enables customers to programmatically replace broad access and static credentials with just-enough-privilege and Just-in-Time access.

Zero standing privilege. Zero added friction. Because threats to your production infrastructure must be priority zero. Learn more at www.p0.dev.