Silverfort acquires Fabrix to secure AI era identities

Silverfort has acquired Fabrix Security for an undisclosed amount. This deal is about improving security around autonomous AI systems. What makes it of interest is the shift towards making AI agents a first-class identity. That move makes it possible to track each agent as we track users. They get their own rights and permissions to access apps and data, providing a key level of governance.

Hed Kovetz, CEO and Co-Founder of Silverfort, said, “Today, identity security and access control rely on rules that are created at ‘admin time’, attempting to pre-define access. But in the AI era, it’s becoming impossible to keep up, and organizations are rapidly losing control. The only way to mitigate this risk without stopping the business is to make access decisions at runtime, using deep context and AI speed.

“Together with Fabrix, Silverfort’s platform will empower enterprises to protect their human, non-human, and agentic identities and their access, dynamically and continuously, using a runtime AI decisioning engine.  Fabrix’s innovative technology and the team’s track record across AI, security and identity bring the expertise needed to create the new standard for Identity Security in the AI era.” 

Addressing AI identity improves security

The first generation of autonomous AI agents made an assumption about access. They would inherit the rights and permissions of the user who was directing them. At one level, this makes sense. Users don’t know what specific rights and permissions are required to carry out a task.

Allowing an autonomous agent to inherit the access rights of a user solves several issues. It ensures an agent can complete a task without coming back and asking for more access from the user. It also meant that IT teams were not overwhelmed by users asking for new rights to be assigned to agents they were using. Additionally, teams cannot write static policies for unpredictable AI models.

A further challenge is the ability to track and understand risk. If a user instantiates multiple agents to act on their behalf, those agents all look like the same user. The problem is that you cannot connect traditional UEBA tools to understand when something unexpected is happening.

Security vendors are now proposing multiple solutions. One of which is to provide users with a much more granular and limited set of agents. But that means users may spend time tasking agents that cannot complete the job. The solution beyond that is to create orchestration engines, where a super-agent directs less powerful agents.

At a deeper level, agents now possess unique identities. IT security teams treat them like users and can track agent behaviour and monitor every action. That creates visibility and governance.

A merger that delivers greater observability and control

Silverfort and Fabrix are taking a proactive approach. They combine Silverfort’s Runtime Access Protection (RAP) with Fabrix’s AI-native decisioning engine. This system evaluates every access request in real-time and uses a context graph to understand intent.

This doesn’t just address AI agents. The new solution will track users, AI agents, machine accounts, software accounts, IoT – anything that has an identity. This hands IT security teams a tool that can enforce security controls in the execution path. Shifting authorisation decisions means that they happen when the access request is made. It makes access proactive rather than an admin task.

Fabrix delivers an identity knowledge graph that analyses access activity, organisational context, and intent. Silverfort adds the enforcement capability. The use of AI allows the combined platform to evaluate identity, permissions, and intent in a split second. When an AI agent behaves unexpectedly, the system blocks unauthorised actions immediately.

Enterprise Times: What does this mean

This acquisition addresses a critical market gap. Enterprises are struggling to scale IT projects into production. One reason is the challenge of security, and that includes identity. Solving that allows CIOs to adopt AI agents to stay competitive.

Gartner recently recognised this approach as “Guardian Agents.” Silverfort is the only vendor highlighted in this category for protecting AI agents with AI. It plans to roll out this new platform to its 1,000+ customers as soon as possible.

The question is, how long will this take? Writing some early integration code is relatively simple, but it won’t deliver full capabilities. Full integration, however, is much harder. It requires deep dives into the code and careful planning. It will also need product maps from the two vendors to be brought together and new priorities created.

For customers of both companies, this will help them prepare for the shift from static rules to dynamic, runtime identity decisions.

The post Silverfort acquires Fabrix to secure AI era identities appeared first on Enterprise Times.