Security firm Snyk launched Agent Security on Monday, a platform designed to protect companies from ungoverned AI agents that pose cybersecurity risks. The solution monitors and controls autonomous AI systems from development through deployment, addressing the growing “Shadow AI” problem where unauthorized AI components operate without oversight. The platform includes Snyk’s newly released Evo AI-SPM engine for scanning, validating and enforcing security policies on AI-generated code.
The new platform arrives as enterprises grapple with ungoverned AI components that bypass traditional security controls. During its early access period, over 500 Evo scans uncovered AI elements that had slipped past existing cloud security stacks, according to Snyk. The company reports that Snyk Studio is already deployed across more than 300 enterprise customers supporting AI coding tools including Claude Code, Cursor, and Devin.
Three-Step Security Framework
Snyk defines Agent Security as a unified strategy to govern AI agents throughout their entire lifecycle, from code to runtime. The solution operates through three core steps: providing visibility into AI components, delivering intelligence on associated risks, and enforcing policies to block unsafe configurations before production deployment.
The platform includes Agent Scan, now in open preview, which discovers and assesses risks in AI agent components such as Model-as-a-Service providers, plugins, and external tools. Agent Guard, currently in private preview, monitors agent behavior during development and provides real-time policy enforcement with the ability to block unsafe actions as they occur. Agent Red Teaming, also in open preview, proactively identifies vulnerabilities by simulating multi-step attack scenarios including prompt injection and data exfiltration.
Evo AI-SPM Engine Powers Detection
Evo AI-SPM, which moved from stealth to general availability on Monday, serves as the central engine for the Agent Security solution. Its code-first architecture focuses on identifying AI components as they enter software development rather than after deployment.
The engine employs specialized automated agents: a Discovery Agent that scans codebases to generate a live AI Bill of Materials (AI-BOM), a Risk Intelligence Agent that enriches this inventory with security metadata and metrics on issues like hallucinations and bias, and a Policy Agent that translates plain-language governance policies into machine-enforceable controls within CI/CD pipelines.
“Agentic architectures turn governance into a software supply chain problem,” said Manoj Nair, Snyk’s Chief Innovation Officer, positioning the solution as distinct from cloud security platforms that typically monitor AI assets only after deployment.
WEX highlighted Evo AI-SPM’s ability to provide “full visibility” into a company’s AI landscape quickly, according to testimonials shared by Snyk. The phased rollout, with some components still in preview, suggests ongoing enterprise collaboration to refine the platform’s capabilities.
Sources
- snyk.io/news
- securityboulevard.com
