In the bustling tech hubs of Singapore, Hong Kong, and Tokyo, Asian enterprises are racing to deploy AI agents across design, manufacturing, finance, and cloud operations.
By 2026, these autonomous systems are making split-second decisions, spawning sub-agents, and accessing sensitive data at machine speed. Yet for many security leaders, the question remains: who or what is truly behind these actions?
On 14 May 2026, Permiso Security has stepped forward with a compelling answer. The unified identity security platform has unveiled new AI agent runtime security capabilities, extending discovery, protection, and defence across the full agent lifecycle – from code repository to runtime operation.
Design and engineering software vendor, Autodesk has become the launch customer, deploying Permiso’s solution to secure AI agents across its products, global workforce, and cloud infrastructure.
“Autodesk is investing significantly in AI across our workforce, infrastructure, and products. Permiso Security was already our security platform for Identities, so the natural next step was to partner with them for Agentic AI Identities,” said Sebastian Goodwin, chief trust officer at Autodesk.
“Permiso gave us the ability to discover agents across our environment, maintain a full registry, attribute actions to an initiating identity, and monitor all events, runs, and tool calls touching our systems. This is non-negotiable when you’re securing enterprise AI at scale. In the agentic era, visibility and threat detection are what allows us to move fast.” Sebastian Goodwin
The challenge is acute. Agents operate autonomously, calling external tools and MCP servers, often without human oversight. Traditional identity providers lose visibility post-authentication, while many non-human identity (NHI) tools treat dynamic agents like static credentials. Permiso addresses this gap with purpose-built runtime security.
Core capabilities include agent and session discovery across cloud, SaaS, IdPs, and code environments; real-time identity attribution linking every run, tool call, and data access to specific human, non-human, or AI identities; full observability of tools, MCP servers, and downstream systems; runtime detection of anomalies and policy violations; behavioural skill sandboxing; and identity-first controls such as least-privilege recommendations and machine-speed kill switches.
These features draw on threat research from Permiso’s P0 Labs, including insights into LLMjacking and cross-prompt injection vulnerabilities.
“The market is full of vendors claiming they can prevent AI agent security incidents,” noted Jason Martin, co-founder and co-CEO of Permiso Security.
“As someone who has spent decades in the security industry, I can tell you that’s not possible. You are putting a deterministic capability on a non-deterministic brain. Agents will do things they were not supposed to do. The question is whether you have visibility." Jason Martin
Paul Nguyen, co-founder and co-CEO, added: “Every enterprise we talk to is deploying AI agents. Almost none of them can tell us how many agents are running. We are extending the platform they already trust to cover the fastest-growing and least-governed identity class in the enterprise.”
For Asian organisations embracing rapid AI transformation in 2026, Permiso’s approach offers reassurance: the ability to move fast with AI while maintaining the visibility and control essential for trust and compliance in regulated sectors.
