Andromeda Tackles AI Identity Crisis Amid Fierce Competition

SAN FRANCISCO, CA – March 24, 2026 – As enterprises rush to deploy autonomous AI agents, a critical security blind spot has emerged, creating a new frontier for cyber risk. Addressing this head-on, Andromeda Security today announced its “Galaxy” release, a platform designed to extend identity governance to the burgeoning "agentic workforce."

The new release aims to provide a unified security architecture to discover, manage, and secure the identities of AI agents alongside their human and non-human counterparts. However, Andromeda enters a fiercely competitive space, with nearly every major identity security vendor racing to solve the same urgent problem, turning this year's RSA Conference into a key battleground for the future of AI security.

The New Identity Crisis: Securing the Agentic Workforce

The perimeter of the enterprise has irrevocably changed. Beyond human employees and traditional service accounts, a new class of identity is proliferating: autonomous AI agents. These agents are being deployed to execute complex workflows, make decisions, and access sensitive corporate data, often with high levels of privilege. This rapid adoption, while promising massive gains in productivity, has left security teams grappling with a profound visibility and control gap.

"The immediate crisis with agentic AI goes beyond the activity an agent is performing; it’s that security teams have zero visibility into where these agents live, who owns them, or what they can access," said Murali Basavaiah, CEO and Co-founder at Andromeda Security, in the company's announcement.

This challenge is not theoretical. Industry analysts have been sounding the alarm. Gartner, for instance, predicts that by 2029, over half of all successful attacks against AI agents will exploit weaknesses in access control. The core issue is that traditional Identity and Access Management (IAM) systems were built for humans, whose behavior is relatively predictable. AI agents, by contrast, can operate 24/7, act with machine speed, and possess dynamic access needs that legacy systems cannot comprehend, leading to a rise in what experts call shadow AI.

The urgency is palpable among business leaders. "As our team rapidly adopts AI agents to drive business velocity, our biggest concern is unknowingly creating a massive, ungoverned attack surface," noted Bill Harper, Sr. Director of Identity at New American Funding. Harper's alignment with Andromeda's vision underscores the market demand for a solution that applies the same rigorous governance to AI agents as it does to humans.

Andromeda's 'Galaxy' Enters a Crowded Cosmos

Andromeda's Galaxy release promises to close this security gap by treating AI agents as a "full identity class." The platform offers foundational visibility and governance through a suite of features, including universal discovery to inventory all agents, access intelligence to map their permissions, and automated controls to enforce least privilege and ensure human accountability for every agent.

The company positions the release as the "industry’s first unified platform" for all identity types. However, that claim is heavily contested in a market that has seen a flurry of similar announcements. The race to secure agentic AI has become a central theme in cybersecurity, and Andromeda is just one of several high-profile contenders.

In the past year, the identity security landscape has been reshaped by this new imperative:
* Microsoft launched its "Entra Agent ID" in May 2025 and used the RSA Conference this week to announce further innovations for securing agentic AI.
* Okta introduced "Okta for AI Agents" in early access this month, explicitly aiming to treat agents as first-class identities.
* CyberArk, a leader in privileged access, made its "Secure AI Agents" solution generally available at the end of 2025, focusing on locking down the elevated permissions these agents often require.
* Ping Identity and SailPoint have also made major announcements in recent months, launching "Identity for AI" and new AI-powered platform capabilities, respectively, both aimed at providing a unified governance layer for this new workforce.

This near-simultaneous convergence from industry giants and specialized startups alike indicates that while Andromeda may have been an early pioneer in its focus, the "first to market" crown is difficult to claim. The differentiation will ultimately lie not in the timing of the announcement, but in the depth and efficacy of the execution.

Unifying Governance Beyond AI Agents

While securing AI agents is the headline feature, the Galaxy release also represents a significant enhancement of Andromeda's broader platform. The company is betting that the solution to the AI identity problem lies in a holistic approach that strengthens governance across all identity types, not just the newest ones.

To that end, the release introduces more powerful continuous compliance and intelligence capabilities. Dynamic Access Graphs provide security teams with a visual, intuitive way to answer the critical question: "who has access to what?" This allows them to track access frequency, automatically remove unused privileges, and transition infrequently used permissions to a more secure Just-in-Time (JIT) model.

The platform also strengthens its Segregation of Duties (SoD) enforcement, making it "omni-dimensional" to prevent toxic combinations of permissions not just within a single application, but across human, non-human, and AI agent identities. For instance, a policy could prevent a single identity—be it a person or an AI—from holding permissions to both create a vendor and approve a payment.

Furthermore, Andromeda is tackling the long-standing and growing problem of non-human identity (NHI) management. As service accounts, APIs, and bots continue to outnumber human employees, ensuring they have clear ownership is critical. The Galaxy release automates the discovery of these NHIs and uses an "Activity Insights" engine to suggest potential human owners based on usage patterns, streamlining the process of eliminating orphaned, high-risk accounts.

A Market Racing Toward an AI-Secured Future

The intense focus on AI agent security at this year's RSA Conference, where Andromeda is demonstrating its new platform, validates the company's direction. Gartner has even formalized this trend by publishing its first Market Guide for "Guardian Agents," a new category of tools designed specifically to secure AI agent identity and access. The industry consensus is clear: identity is the foundational control plane for safely enabling the AI revolution.

Andromeda's announcement builds on what it describes as a landmark year of "unprecedented momentum," claiming it has doubled revenue every quarter for the last twelve months. While specific financials for the privately held startup are not public, it has garnered investor confidence. The company has raised $7 million in total funding, including a strategic investment from Sorenson Capital in August 2025 and a grant from CrowdStrike and Amazon Web Services.

This influx of both capital and competition into the AI identity space signals a pivotal moment for the enterprise. The challenge is no longer if organizations will adopt AI agents, but how they will do so securely. As vendors like Andromeda, Microsoft, Okta, and others vie for market leadership, the ultimate beneficiary will be the organizations that can finally gain the visibility and control needed to unleash the full potential of AI without creating a catastrophic new attack surface. The race is on, and the security of the future enterprise hangs in the balance.