Keeper Security is moving deeper into one of the messier parts of enterprise AI: what happens when AI agents start acting on employee devices. As part of their ongoing innovation, Keeper Security agentic AI governance is becoming an increasingly important area of focus.
The company has extended agentic AI governance to Keeper Endpoint Privilege Manager, giving organizations a way to discover, control, and audit AI agents running on workstations and enterprise endpoints. The update was announced on July 7, 2026, and is available through Keeper Endpoint Privilege Manager, either as a standalone product or as part of KeeperPAM.
That sounds like a narrow security feature. It is not.
AI agents are beginning to operate more like digital workers than simple software tools. They can access files, call APIs, run commands, trigger workflows, and request permissions. Useful, yes. Also risky when nobody is watching closely.
Keeper Wants to Govern AI Agents Where They Actually Run
A lot of AI governance talk still focuses on the model layer or the Model Context Protocol layer. Keeper is taking a different route. Its approach works at the endpoint level, where the agent is actually executing actions on a machine.
According to Keeper, this allows the system to govern agent behavior even when the agent does not use MCP. That matters because agents can interact with local tools, APIs, shells, files, and operating system functions outside neat governance pathways. Keeper says its endpoint-based controls can observe actions such as spawning child processes, writing to the filesystem, invoking a local shell, seeking privilege elevation, or touching sensitive files.
In plain terms, Keeper is trying to stop AI agents from becoming invisible operators inside company devices.
The AI Agent Problem Is Getting Bigger Fast
The timing is not random. Enterprise AI adoption is moving from chatbots to agents. Once that happens, identity security gets more complicated.
Keeper cited Gartner’s prediction that an average global Fortune 500 enterprise could have more than 150,000 AI agents in use by 2028, compared with fewer than 15 in 2025. The company also pointed to IBM’s 2025 Cost of a Data Breach report, which found that 63% of organizations lack AI governance policies entirely, while 97% of organizations that experienced an AI-related breach lacked proper AI access controls.
That is the uncomfortable part. Companies are testing agentic AI because it can automate work. But many of those same companies still do not have the security model to manage non-human identities at scale.
Known and Unknown AI Agents Can Be Detected
Keeper Endpoint Privilege Manager can identify both known and unknown AI agents on managed endpoints.
Known agents such as GitHub Copilot, Cursor, Claude Code, and Amazon Q are recognized through a signed catalog of agent identities, combined with Keeper’s AI likelihood score. For unknown agents, Keeper uses its own AI detection algorithm. Every application on a managed endpoint receives a zero-to-100 score, and once an application crosses a configurable threshold, agentic AI policies can apply immediately.
This is important because not every AI tool will arrive through an approved enterprise rollout. Developers may download some tools directly. Others may come bundled into existing applications. In some cases, they may not look obvious at first glance.
The endpoint is where those tools become real.
Three New Policy Types for Agentic AI Control
Keeper’s new governance feature is built around three policy types.
The Agentic AI Policy controls who can run AI agents on an endpoint. Meanwhile, the Agentic Access Policy defines what those agents may do on a user’s behalf, including access to sensitive files, executables, and commands. For administrative elevation, the Agentic Privilege Elevation Policy controls how agents submit requests.
There is also a monitor-first lifecycle. That gives organizations a way to observe AI agent behavior before switching enforcement on. For companies nervous about blocking legitimate workflows too quickly, that matters.
Keeper also added approval controls, so certain agent actions can be routed to end users or designated approvers before they are allowed to proceed.
Why This Is Really About Identity Security
Keeper CEO and Co-founder Darren Guccione described AI agents as “principals,” not assistants. That framing is important. In security terms, a principal is an entity that can be identified, granted access, and held accountable for actions.
That is where agentic AI creates a new security headache. A human employee may launch the agent, but the agent can take actions after that. It may touch files, request privileges, execute commands, or interact with internal systems. Without clear attribution, security teams are left trying to answer a basic question after something goes wrong: who, or what, actually did this?
Keeper’s update is designed to bring AI agents into the same identity, approval, and audit framework already used for human privilege requests. The company says this creates a unified audit trail across human and non-human identities on every endpoint.
Not flashy. Very necessary.
Enterprises Need AI Governance Below the Surface
The larger story here is that AI governance is moving beyond policies, dashboards, and boardroom language.
Companies now need controls at the machine level. Not just “which model are we using?” but “what is this agent doing on this laptop right now?” That is a much harder question.
Keeper’s expansion into endpoint-level agentic AI governance reflects where enterprise AI security is heading. The risk is no longer only about bad prompts or data leakage through chat windows. It is about autonomous software acting across real business systems with real permissions.
AI agents may help companies move faster. But without access controls, approval gates, and audit trails, they can also create a new blind spot.
Keeper is betting that the endpoint is where that blind spot needs to be closed first.

