WitnessAI Unveils Agentic Control to Secure the Autonomous Enterprise
- 94% of organizations are already using AI agents, with 80% of these agents accessing sensitive corporate data.
- 63% of companies lack formal AI governance policies for AI agents.
- WitnessAI's platform claims a 99.3% true positive rate in detecting AI-driven threats.
Experts would likely conclude that WitnessAI's Agentic Control addresses a critical security gap in autonomous AI agent deployments, offering a unified governance solution that is increasingly essential as enterprises integrate AI into core operations.
MOUNTAIN VIEW, CA – June 17, 2026 – As enterprises race to deploy a new class of autonomous AI agents, a critical security blind spot has emerged, leaving sensitive systems and data exposed. Addressing this burgeoning threat, AI-native security firm WitnessAI today launched Agentic Control, a new platform extension designed to discover, govern, and secure the increasingly independent actions of these digital workers.
The move comes as businesses integrate AI agents—software that can perform complex tasks, access data, and execute tools without direct human intervention—into everything from software development to customer service workflows. While promising unprecedented productivity gains, this rapid adoption has outpaced the capabilities of traditional security infrastructure, creating a 'wild west' scenario where security teams are often flying blind.
The Unseen Threat of the AI Workforce
The strategic shift from human-operated tools to autonomous agents represents a fundamental change in the enterprise risk landscape. Compromised agents can now act as insider threats, independently accessing sensitive systems, executing unauthorized commands, and exfiltrating vast amounts of data. According to a recent Forrester report, the danger is so acute that an agentic AI deployment is predicted to cause a major public breach this year, with nearly half of cybersecurity professionals identifying it as the top attack vector for 2026.
This concern is not abstract. Industry data reveals that 94% of organizations are already using AI agents to some degree, and more than 80% of these agents can access sensitive corporate data. Compounding the risk, a staggering 63% of companies admit to lacking formal AI governance policies. This gap between deployment and oversight is where the danger lies.
Much of the vulnerability stems from new communication methods like the Model Context Protocol (MCP). Released by Anthropic in late 2024, MCP provides a powerful, standardized way for AI agents to connect to enterprise tools and data. However, its specification explicitly leaves security enforcement to the implementing organizations. This creates potential single points of failure where aggregated credentials can be compromised, a risk that legacy security tools, unequipped to inspect MCP traffic or agent-to-agent workflows, are unable to mitigate.
A Single Pane of Glass for Human and Machine
WitnessAI aims to bridge this security chasm by unifying the governance of both human and AI-driven activity. The company's core argument is that securing AI cannot be a piecemeal effort. Its new Agentic Control capabilities are built upon the same platform that customers already use to govern employee AI usage, which the company claims has a 99.3% true positive rate.
"Enterprises are moving fast to deploy AI agents that can code, access internal data, and execute complex workflows. However, security teams cannot protect what they cannot see, let alone control," said Rick Caccia, CEO and co-founder of WitnessAI, in the announcement. "Most AI security vendors hand the buyer a choice: govern employees, govern apps, or govern agents. WitnessAI removes that choice. By extending the platform our customers already trust... we are providing a single control plane to protect all AI activity. A CISO can write a rule once, and it holds across every human user, IDE, chat application, and custom agent."
This holistic approach is designed to reduce the complexity overwhelming security teams. By establishing a single, organization-wide policy for approved tools and behaviors, enterprises can ensure consistent runtime governance across all AI environments. The platform provides a comprehensive audit trail for all activities, a critical feature for compliance and forensic analysis in an increasingly regulated landscape.
Under the Hood of Agentic Control
WitnessAI’s solution is built on a foundation of deep visibility and real-time enforcement. The platform's technical capabilities are designed to give enterprises granular control over their AI ecosystem.
Key features include:
- Agent Discovery and Visibility: The system automatically discovers and inventories AI agents operating across the enterprise, whether they are in commercial applications, developer IDEs, or custom-built frameworks. It then maps out the tools, MCP servers, and downstream systems each agent can reach, turning the 'shadow AI' problem into a managed asset.
- Approved-Tool and MCP Server Governance: A core component is the new MCP Catalog, which scores known tools against established security benchmarks like the OWASP and CVE risk classes. This enables security teams to make informed decisions and create organization-wide allow-lists of approved tools and servers, preventing agents from connecting to unsanctioned or malicious resources.
- Runtime Agentic Enforcement: This is the platform's active defense mechanism. It inspects agent communications and actions in real time, allowing organizations to restrict unauthorized prompts and enforce approved policies at the moment of execution. This is combined with the company’s existing AI Firewall capabilities to protect against sophisticated threats like prompt injection and jailbreaks, which aim to trick AI agents into performing harmful actions.
By understanding the intent behind interactions rather than relying on outdated keyword-based blocking, the platform aims to stop novel threats without stifling productivity, transforming security from a bottleneck into an enabler of AI strategy.
Navigating a New Era of AI Governance and Risk
The launch of Agentic Control is timely, arriving as both regulators and industry analysts sound the alarm over AI governance failures. Gartner predicts that by 2027, 40% of enterprises will be forced to decommission autonomous agents due to governance issues. The European Union's AI Act, with enforcement beginning in August 2026, imposes stringent requirements and substantial penalties for non-compliance, particularly for high-risk AI systems.
WitnessAI is not alone in recognizing this market need. Established cybersecurity giants like Palo Alto Networks and Varonis are integrating AI security into their platforms, while a host of startups are also tackling pieces of the puzzle. The competitive landscape validates the urgency of the problem, with WitnessAI differentiating itself through its singular focus on a unified control plane for both human and agentic AI.
For business leaders and investors, this strategic shift signifies that AI security is no longer an IT-specific concern but a board-level issue integral to corporate strategy. As autonomous agents become a permanent fixture of the modern enterprise, platforms that provide a 'confidence layer' for their deployment are not just valuable—they are essential for sustainable growth and risk management in an AI-powered world.