SecureAuth Opens Industry-First Agent Trust Registry to the Public as AI Agents Pose Escalating Enterprise Security Threat

SecureAuth, a frontrunner in modern identity security, today announced it is opening its Agent Trust Registry to the public, the industry's first open registry of AI agents with verified identity, trust scores, and governance metadata. The announcement arrives at a pivotal moment: autonomous AI agents are proliferating inside enterprise networks at machine speed, and the cybersecurity industry is confronting stark new warnings about the offensive power those agents can wield. The era of the AI agent risk is no longer hypothetical.

The scale of the problem is documented in stark terms. According to Gravitee's State of AI Agent Security 2026 Report, only 14.4% of AI agents go live with full security approval and 88% of enterprises have already experienced AI agent-related security incidents. At the technical root of the problem: the architecture of large language models is fundamentally insecure. The data layer and control layer are intermingled, meaning malicious instructions embedded in documents, emails, or data feeds can hijack agent behavior, a vulnerability class known as prompt injection. To add to this, as agents gain broader access to enterprise datasets across Salesforce, HR systems, and internal file stores, the attack surface expands significantly.

Available now to the public, the Agent Trust Registry is a free, vendor-neutral directory that's updated regularly and evaluates widely used enterprise AI agents against a consistent security framework to enable businesses to understand the threat better. For each agent, the Registry surfaces verified identity posture, trust score, governance metadata, and concrete recommendations for safe deployment, giving security teams an independent assessment before any agent is approved for enterprise use. By opening the Registry to the broader community, in alignment with initiatives like Glasswing and Mythos that champion open, collaborative defense against emerging AI threats, SecureAuth aims to accelerate the industry's collective response to the fast-moving risks of agentic AI.

Unlike vendor-supplied marketing claims, the Registry provides organizations with objective, structured data on the security posture and enterprise risk of the AI agents their employees are already using, often without IT's knowledge. The goal is straightforward, to help security teams determine whether an agent is safe to run in their environment, and exactly what controls to put in place before it does.

Powered by Agentic Authority

Underpinning the Registry is Agentic Authority, SecureAuth's unified platform and the industry's first purpose-built solution for Agentic AI Security & Governance, an entirely new layer of enterprise security that has not previously existed. Agentic Authority gives every AI agent instance its own cryptographic identity, discovers shadow agents across macOS, Windows, cloud, and SaaS without code changes, enforces per-action policy across every API call and delegation chain, and automatically quarantines rogue behavior in seconds. No single vendor today spans endpoint, gateway, risk, and identity for autonomous agents in a unified platform the way Agentic Authority does, and it embeds compliance directly into the agent lifecycle to support the EU AI Act, SEC guidance, and financial standards.