Opal Security Brings AI Agents to Access Governance, Starting With AI-Guided Access Reviews

SAN FRANCISCO & NEW YORK & LAS VEGAS--(BUSINESS WIRE)--Opal Security, the AI-native access governance platform for every identity, this week at Identiverse 2026 announced Agents in Opal, a set of AI agents built directly into its platform. The release begins with AI-Guided Access Reviews, powered by Opal's Paladin, an AI agent for access governance that can reason and make recommendations.

Access has outgrown human scale. Non-human and agent identities already outnumber people, and the roughly 100-hour review cycle that teams still run cannot keep pace. AI agents make the gap wider. They are deployed faster than security teams can track them, they often inherit the standing, over-scoped credentials of the people who created them, and they multiply the number of identities that need to be governed. Workflows alone do not close that gap. It takes agents that can reason over access, make recommendations, and handle routine decisions, while a person stays accountable for the calls that carry risk.

Meet Paladin: Opal’s AI agent for access governance. Paladin reasons over access, makes recommendations, and handles the routine calls, while a human signs off on the ones that matter.

With Agents in Opal, customers can now put agents to work across four areas:

- Access reviews. Paladin reduces review effort and raises review quality.

- Access requests. Paladin accelerates fulfillment while enforcing policy on every grant.

- Access intelligence. Ask who has access to what in plain English with OpalQuery, no query language required.

- Policy and remediation. AI-assisted OpalScript automates governance workflows and remediation actions.

Every agent runs on the same access graph, governance model, and audit trail, so every recommendation, decision, and action stays transparent and reviewable. That is how organizations move from manual identity administration to AI-assisted governance without giving up control.

The flagship: AI-Guided Access Reviews

The access review is where machine scale breaks first. Paladin groups low-risk grants, shows the evidence behind each one, and lets reviewers clear them in a single click, which can cut review effort by up to 90 percent. Reviewers spend their attention on the access that could actually cause harm. Reviews can be scoped in minutes, the right reviewers are assigned automatically, and reminders, progress tracking, and a complete decision history keep the process audit-ready.

The control sits with the customer. Teams set how much Paladin handles on a dial rather than a switch, and a human signs off on every certification, so the result holds up to an auditor. Where much of the market is moving toward fully autonomous decisions, Opal keeps a person accountable for the access that matters, which is the position security leaders and auditors can defend.

"Access used to be a one-time decision. Today it is a continuous, high-volume problem across humans, services, and AI agents at machine speed," said Sameer Mehta, Chief Product Officer at Opal Security. "Governing it takes agents that can reason over access and handle the routine work, with a human accountable for the calls that matter. We are bringing agents to Opal, starting with the place machine scale breaks first: the access review."

Proven in production

The best security and engineering teams protect their access with Opal. Databricks runs more than 86,000 time-bound access requests through Opal, and Chronosphere has cut standing access by 88 percent.

"Once our access data was centralized in Opal, generating user access reviews became effortless," said Sharon Aby, Senior Manager of IAM at Databricks.

"Agents will need to be more and more treated as identities," said Jason Fernandes, VP of Security and Privacy at Mercari.

Agents will multiply faster than any identity before them, and they will not wait for a quarterly review. The teams that stay ahead will be the ones whose governance runs at machine speed and still answers to a human.

Availability

Agents in Opal, including AI-Guided Access Reviews, will be available to customers in early July. Read the full announcement at https://www.opal.dev/blog/agents-in-opal-access-reviews, or go deeper on the AI-Guided Access Reviews features at https://www.opal.dev/blog/ai-guided-access-reviews.

Opal is showing Agents in Opal this week at Identiverse 2026 in Las Vegas. Stop by booth #848 or catch the Tech Theater session, "The State of Identity Governance and Access," Tuesday at 5:40 p.m. PT.

To see it directly, request a demo at https://www.opal.dev/request-demo or join an upcoming webinar at https://go.opal.dev/access-reviews-you-can-defend.

About Opal Security

Opal has now raised $59 million from Greylock Partners, Battery Ventures, Box Group, SVCI, and Cambium Capital, and was recently named to Notable Capital's Rising in Cyber 2026 list of the 30 most promising private cybersecurity startups, as selected by 150 leading CISOs. Opal is the AI-native access platform that gives security teams real-time visibility, expressive policy-as-code, and direct control over every identity, from employees to service accounts to AI agents. As environments grow more dynamic and autonomous, Opal becomes a self-improving system that ensures resilience and the ability to move faster without increasing risk.