Zscaler Launches Industry-First Zero Trust Security Platform for Agentic AI
agentic-ai security zscaler zero-trust mcp
trending_up Trend: agentic-ai

Zscaler Launches Industry-First Zero Trust Security Platform for Agentic AI

calendar_month June 12, 2026 update Updated: June 12, 2026

🔄 Update — June 12, 2026: Zscaler Expands Platform with ZAgent Framework and Secure B2B Connectivity

Zscaler has announced further details and enhancements to its Zero Trust platform at Zenith Live. In addition to securing AI agents, the company introduced new features designed to simplify platform management using natural language and facilitate secure B2B connectivity.

What’s new?

  • ZAgent Framework: An AI-driven management framework allowing administrators to handle platform configurations, troubleshooting, and policy management using natural-language prompts.
  • Secure B2B Connectivity: A new offering that provides partners and supply chain members with secure, bidirectional application access without exposing the broader corporate network.
  • Browser-Based Security: New zero-trust browser solutions (including a cross-browser extension and a full enterprise browser) designed to replace traditional VPN and VDI environments for unmanaged devices.

Why this adds to the article

These updates demonstrate how Zscaler is extending its Zero Trust security model beyond protecting autonomous agents to simplifying security administration and securing external partner access.

Summary

At its annual Zenith Live conference, Zscaler announced the industry’s first complete Zero Trust security platform tailored for autonomous AI agents. As agentic AI systems become more prevalent in enterprise environments, Zscaler addresses critical security risks such as unauthorized data exfiltration and prompt manipulation. Key product releases include the Zscaler AI Broker, which secures agent-to-agent (A2A) communications and integrates an Agent Registry for access control, and Zscaler Endpoint AI Security, which monitors and protects local browser extensions and device-level AI tools. These innovations represent a major step toward establishing robust security guardrails for deploying autonomous AI systems within corporate IT infrastructures.

What happened

During Zenith Live, Zscaler unveiled new security solutions specifically designed to secure agentic AI. The platform combines network and endpoint security with advanced data flow mapping:

  • Zscaler AI Broker: This gateway acts as an intermediary for communication between agents, as well as between users and agents. It inspects data streams in real-time, blocking malicious inputs (e.g., prompt injections) and preventing data exfiltration. The AI Broker also supports the new Model Context Protocol (MCP) for standardized integration with data sources.
  • Zscaler Agent Registry: Integrated into the AI Broker, the registry enables organization-wide definition and enforcement of granular access permissions for each individual agent, acting as an identity management system for autonomous software units.
  • Zscaler Endpoint AI Security: This component monitors and secures AI tools on the endpoint level, including browser extensions and local AI applications, stopping shadow AI and malicious agent activity at the source.
  • Symmetry Systems Integration (AI Access Graph): Leveraging technology from its recent acquisition of Symmetry Systems, Zscaler maps data flows and access permissions for AI systems to ensure compliance with data security posture management (DSPM) policies.

Why it matters

Traditional security models are insufficient for autonomous AI agents. When agents make decisions, call APIs, and move data on behalf of users, the line between human intent and machine execution becomes blurred.

  • New Attack Vectors: Vulnerabilities like prompt injections and untrusted data sources can trick agents into leaking sensitive corporate data to unauthorized parties or executing malicious code.
  • Securing Agent-to-Agent Communication: As systems increasingly interact with each other (e.g., a planning agent tasking a booking agent), this A2A traffic must be authenticated, authorized, and encrypted.
  • MCP Security: Support for protocols like MCP indicates Zscaler’s intent to position itself as the standard security layer for the emerging wave of open interfaces in the agent ecosystem.

Evidence

Zscaler’s announcement is supported by official company press releases and coverage from leading IT news outlets such as Techzine Global. These sources confirm the launch of the AI Broker and Endpoint AI Security products and place them within the provider’s broader Zero Trust strategy. The integration of DSPM capabilities also reflects Zscaler’s recent acquisitions in data security.

Analysis

With this launch, Zscaler is addressing a critical security vacuum: while enterprises are investing heavily in building and deploying AI agents, security infrastructure has lagged behind. The OWASP Top 10 for LLM Applications highlights risks such as “Indirect Prompt Injection” and “Excessive Agency” – which is precisely where Zscaler intervenes. The introduction of the Agent Registry indicates that the industry must treat autonomous agents like human employees: they require a verified identity, clearly defined roles, and strict access privileges (Least Privilege). However, it remains to be seen how much these security checks will affect the latency of agent interactions. Overly restrictive controls could diminish the efficiency gains that autonomous agents promise.

Practical Takeaways

Organizations and security leaders should take the following actions:

  1. Audit AI Tools: Identify existing shadow AI and local browser extensions on employee devices that might be accessing sensitive company data.
  2. Identity Management for Agents: Start designing permission structures for autonomous software agents. Assign them only the minimum necessary API permissions.
  3. Evaluate Gateways: Consider implementing gateways like the Zscaler AI Broker to monitor and filter data flows between your internal systems and external LLM APIs in real-time.

Open Questions

  • Pricing Model: How will Zscaler license these new security features (e.g., per agent, per API call, or per user)?
  • Latency and Performance: How much will deep packet inspection of AI prompts and MCP messages impact the response time of agents in time-sensitive applications?
  • Interoperability: How easily can the platform integrate with multi-cloud environments and proprietary in-house agents that do not use standard protocols?

Sources

  1. Zscaler Press Release: Zscaler Unveils New Product Innovations to Secure Agentic AI
  2. Techzine Global: Zscaler optimizes Zero Trust for agentic AI security
  3. Central Charts: Zscaler Unveils New Product Innovations to Secure Agentic AI
  4. Zscaler Zpedia: How to Secure AI Agents: Models & Risks Explained