Zscaler Unveils AI Agent Security Updates for Its Zero Trust Exchange

Zscaler, Inc. outlined enhancements to its Zero Trust Exchange aimed at securing AI Agents, including how they communicate, access data, and operate across enterprise environments. The company said the update extends zero trust controls beyond human users to address new access and governance gaps created when agents act on users’ behalf and autonomously.

Zscaler described a shift in security needs as autonomous AI agents introduce ephemeral identities, sub-agents and tasks, and permission use patterns that legacy tools may not fully see or control. It also said endpoints can be exposed to malicious agents, tools, and plugins that some legacy endpoint security solutions were not designed to detect.

To expand protections across the AI ecosystem, Zscaler introduced two advances within the Zero Trust Exchange: Zscaler AI Broker and Zscaler Endpoint AI Security. Zscaler AI Broker secures agentic communications through MCP and A2A brokers with an integrated Agent Registry for fine-grained access, while Endpoint AI Security targets AI-related threats on employee devices across browser, extension, plugin, and local AI tool layers.

The company also introduced Zscaler AI Access Graph, which maps how identities, applications, and other data sources connect across the enterprise and integrates with the Zero Trust Exchange to enable policy enforcement and data lineage tracking across channels. Building on Zscaler AI Protect launched in January 2026, it added enhancements across AI Asset Management, Secure Access to AI, and Secure AI Infrastructure and Apps, including red teaming for MCP servers, prompt hardening, and compliance heat maps.

“Traditional security was never designed for millions of autonomous agents that act and reach sensitive data at machine speed,” said Jay Chaudhry, Chairman and CEO of Zscaler. “We pioneered Zero Trust Exchange to secure users, branches and cloud workloads and now we are innovating to extend the Zero Trust security to AI Agents. Now Enterprises are not held back from rolling out agents everywhere.” “Managing data security is no longer just about building high walls; it is about scaling visibility and treating data as a highly active, strategic asset,” said John Israel, Global CISO at KPMG, who joined Zscaler as a guest speaker to discuss the launch. “As businesses scale their use of AI agents to optimize operations, having a unified, zero-trust framework to trace data lineage and govern agent-to-agent interactions is paramount to maintaining trust, compliance, and competitive advantage.” Zscaler also stated its forward-looking statements covered expected development, integration, adoption, performance, and benefits of the AI security platform offerings and AI Protect enhancements.