Enterprise AI security has been quietly accumulating a structural problem for the past two years. AI agents are being deployed into production environments at a pace that has outrun the governance frameworks built to manage them. Those frameworks were designed around a relatively stable model: human users organized into directories, mapped to groups, granted access to specific applications and data through policies that change slowly and deliberately. That model held up reasonably well for a long time because the identities it governed were finite, predictable, and largely static.
AI agents break every one of those assumptions. They operate with ephemeral identities, inherit permissions from the systems that spawn them, move across applications and data stores without following the access patterns that human users establish, and their numbers are scaling exponentially. The policies and tooling built for thousands of human users were never going to scale to millions of autonomous agents, and the security industry has been working through how to address that without a clean answer until recently.
Zscaler’s announced intent to acquire Symmetry Systems is a direct move on that problem.
What Symmetry Systems Actually Built
The core asset here is an access graph. Symmetry Systems built a system that ingests access logs from SaaS applications, public cloud services, data stores, and AI systems across an enterprise, then uses AI to correlate those logs into a map showing which identities are accessing which data and through what paths. Human identities, non-human identities, applications, and data sources all appear in the same graph, along with the relationships between them.
That sounds straightforward until you consider what it actually requires to produce. Enterprise environments are not clean. Access logs live in dozens of different formats across systems that were never designed to talk to each other. Correlating them into a coherent, queryable picture of who is touching what and why is genuinely hard, and most organizations currently have no complete version of that picture at all for their AI agent deployments.
The access graph gives security teams something they have largely been operating without: foundational visibility into what agents are doing, which identities they are using, which systems they are touching, and on whose behalf they are acting.
Why Zero Trust Without This Visibility Does Not Scale
Zscaler’s Zero Trust Exchange is a policy enforcement platform. It governs how identities communicate with applications, data, and each other by applying rules to traffic flows in real time. The challenge with AI agents is that building meaningful policies requires knowing what those agents are doing in the first place, and without a clear picture of agent behavior, policy becomes either too broad to be useful or too narrow to cover the actual risk surface.
Jay Chaudhry, Chairman and CEO of Zscaler, described the gap the acquisition fills: “As enterprises rapidly adopt AI, the old playbook for governing access built around users and directories cannot scale to millions of AI agents. With Symmetry Systems, we are adding the access graph that maps how every identity, application, and data source connects across the enterprise. This foundational visibility is what Zscaler’s Zero Trust Exchange will use to govern agent-to-application and agent-to-agent communication at scale, giving customers the actionable control they need to safely embrace AI.”
The combination works as follows. Symmetry Systems surfaces, which identities are communicating with which applications and data, and the Zero Trust Exchange uses those relationships as the foundation for enforcement. When an AI agent accesses a customer record, the access graph immediately reveals what triggered the agent, the identity it used, and the systems it touched. If the behavior falls outside expected parameters, the Zero Trust Exchange enforces a response dynamically rather than waiting for a human to investigate and act.
Without the visibility layer, that enforcement chain has no reliable trigger. Security teams are essentially writing policies for behavior they cannot fully observe.
The Capabilities This Unlocks
Zscaler outlined several specific capabilities the combined platform will deliver that have not been achievable at scale until now.
Least-privilege policy for AI agents is one of the most significant. The access graph maps both granted permissions and actual-use permissions across every identity in the environment. The gap between what an agent has been granted and what it actually uses in practice is where unnecessary exposure lives, and that gap is frequently large. Using actual-use data to define minimum necessary permissions and enforce them through the Zero Trust Exchange brings AI agent access closer to the least-privilege model that security teams apply to human users, without requiring manual review of every agent’s behavior.
Data lineage tracing addresses the audit and compliance side of the problem. When an AI agent passes data through a chain of sub-agents and tools, following that data through the chain manually is slow and often incomplete. The combined platform traces that lineage automatically, which makes investigations and compliance reviews substantially more straightforward than they currently are in most environments.
Blast radius calculation is the incident response capability. If an agent or identity is compromised, understanding in seconds exactly what data and systems are at risk determines how quickly and precisely a response can be scoped. Without that calculation, containment decisions are made on incomplete information.
Mohit Tiwari on Where Enterprise Security Is Heading
Mohit Tiwari, CEO of Symmetry Systems, framed the acquisition within a broader argument about where the security industry is going: “We believe the dominant security platforms of the AI era will govern how information flows between identities across zero-trust networks. As AI disintermediates applications, endpoints, and traditional network boundaries, identities and data become the new control plane for enterprise security. In this world, legacy security models centered on endpoints, applications, or perimeter networks increasingly operate at the wrong layer of abstraction. Together, Symmetry Systems and Zscaler are building the information flow network for the age of AI.”
The abstraction layer argument is worth taking seriously. Security models built around endpoints assume endpoints are where the meaningful activity happens. Models built around network perimeters assume that inside and outside are meaningful categories. AI agents challenge both assumptions simultaneously. They operate across perimeters; they do not live on endpoints in the traditional sense, and their activity is defined more by the data and identities they interact with than by the network paths they use to get there.
Governing that kind of activity requires a model built around identities and data flows rather than one retrofitted from endpoint or perimeter assumptions.
What This Signals for the AI Security Market
Zscaler’s acquisition of Symmetry Systems is one of several signals that the enterprise security market is consolidating around the identity and data layer as the primary control plane for AI governance. The access graph, as a foundational security primitive, a map of how every identity relates to every data source and application across an environment, is emerging as the starting point that makes everything else possible.
Organizations that are currently deploying AI agents without that visibility are building on a foundation they cannot fully inspect. They are writing policies for behavior they cannot completely observe, and making containment decisions based on incomplete pictures of what is actually connected to what.
The Symmetry Systems acquisition gives Zscaler an answer to that gap within its existing platform rather than requiring customers to stitch together separate tools for visibility and enforcement. Whether that integrated approach becomes the standard model for AI agent governance or whether the market fragments across specialized vendors is a question the next eighteen months will start to answer.
Research and Intelligence Sources: Zscaler, Symmetry-Systems
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
