Financial News
Opal Security Releases Risk Layer to Solve Surging Agentic Authorization Requests in the Enterprise
Opal Security develops a robust risk layer for its authorization reasoning platform as Identity security poses new challenges for enterprises deploying LLM agents and other AI
Opal Security, the leader in AI-native security for every identity, today unveiled enhancements to its authorization reasoning platform and agentic AI roadmap – designed to address the challenge of authorization with the speed, scale, and fluidity of modern infrastructure. The updates come as organizations increasingly deploy autonomous AI systems that require access to sensitive resources, fundamentally changing how security teams must approach authorization.
According to RSA’s 2025 ID IQ report, AI agents and other non-human identities (NHIs) now outnumber employees by 5x in large enterprises. Meanwhile, 72% of CISOs say authorization is the biggest barrier to scaling AI adoption safely. With AI agents driving real work inside companies, security teams must now manage access not only for people – but also for service accounts, LLMs, and agents acting across business-critical systems. What was once a routine IT task has now become one of the most complex, high-stakes questions facing nearly every enterprise: “who (or what) should be allowed to do what?”.
To keep access under control, Opal Security has introduced three critical capabilities:
- Unified visibility and control across both human and non-human identities: Users now have access to a single-pane interface from which security teams can view, manage, and secure all human and non-human identities across cloud, infrastructure, SaaS, and even on-premises systems. Essential controls ranging from risk assessments and irregular access monitoring to just-in-time (JIT) provisioning and policy enforcement cover all identity types.
- Intelligent prioritization and guided, explainable remediation of identity risks: Opal Security’s risk layer dynamically surfaces and prioritizes identity risks in the context of each customer’s environment. A proprietary machine learning model ranks risks using historical access patterns, resource sensitivity, and more, while a dedicated LLM provides and justifies remediation guidance – helping teams understand not only what to fix, but why. Built-in orchestration capabilities give security teams the option to directly enforce these remedial actions or automatically route them to other humans, AI agents, or shared workflows – all with human-in-the-loop oversight. The risk layer (and its UI dashboard, the “Risk Center”) also gives teams insight into the downstream impact of changes before they’re made, reducing the likelihood of unintentional disruptions, or “SCIMcidents,” from overly aggressive access cleanups or policy enforcements.
- Composable authorization for agentic and hybrid workflows: Unlike standard tools that still treat identity as static and human-centric, Opal Security is building toward a composable, agent-aware authorization framework to further equip security teams to govern these workflows without slowing innovation. The resulting architecture will enable customers to allow AI agents to call Opal Security for data or access decisions – with human oversight and governance – applying consistent policy across both human and automated actors and delegate tasks to agents securely, with auditability and built-in guardrails. Users will also be able to federate authorization in multi-agent environments and compose custom automations and insights via Opal Security’s orchestration layer, policy engine, and/or robust library of templates.
"Security teams can't prevent what they can't see. With AI agents now accessing critical systems, traditional security approaches are leaving dangerous blind spots," shared Umaimah Khan, Co-Founder and CEO of Opal Security. "Opal Security tackles this head-on by continuously monitoring and adjusting access rights based on actual need and risk. By unifying visibility and control across both human and machine identities, we're helping organizations close the security gaps that could lead to the next major breach."
With this announcement, Opal Security aims to continue building toward a composable, agent-aware authorization framework to further equip security teams to govern these evolving workflows without slowing innovation. The company has raised $32 million in total funding from investors such as Greylock, Battery Ventures, and Box Group. To learn more about Opal and these latest enhancements to its platform and agentic roadmap, read the blog from its CEO or request a demo.
About Opal Security
Opal Security is the leader in AI-native security for every identity. Its authorization reasoning platform empowers security teams to reduce risk at scale by providing real-time visibility, prioritized insights, and frictionless control across human and non-human identities. At its core is an intelligent data layer that continuously surfaces and contextualizes the most critical risks. Unlike legacy IGA or workflow tools, Opal gives security teams read-write authority to remediate exposures directly. As environments grow more dynamic and autonomous, Opal becomes a self-improving system that ensures resilience and the ability to move faster without increasing risk. Customers including Cloudflare, Databricks, Elastic, Figma, Grammarly, Scale AI, and Verily trust Opal to help secure their most important assets. Based in New York City and San Francisco, the company is backed by Greylock, Battery Ventures, Box Group, SVCI, and prominent cybersecurity industry leaders. For more information, please visit opal.dev.
View source version on businesswire.com: https://www.businesswire.com/news/home/20250423948589/en/
Contacts
Media Contact: onboard@sbscomms.com
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the following
Privacy Policy and Terms Of Service.