Cequence Security today announced the general availability of Agent Personas in Cequence AI Gateway. Agent Personas give enterprises granular, infrastructure-level control over what AI agents are permitted to do — down to the specific tool call — closing the critical privilege gap that identity alone cannot address. As organizations deploy AI agents to connect to enterprise applications via the Model Context Protocol (MCP), a dangerous assumption has taken hold: that authenticating who an agent is amounts to controlling what it can do. It does not.
Agent Personas use plain-English job description to define scoped virtual MCP endpoint per agent role.
Agent Access Keys bind agent identity, user identity, and persona privileges into single attributable credential.
More than 80% of Fortune 500 companies deploy active AI agents, yet only 47% have AI-specific safeguards.
Cequence protects more than 10 billion daily API interactions and four billion user accounts.
Recognized as No. 128 on 2025 Deloitte Technology Fast 500.
Co-author of three CIS Critical Security Controls Companion Guides for AI agent security.
Agents inherit the privileges of their users and, unlike humans, have no judgment about when not to use available access. Agent Personas solves this by using a plain-English job description to define a scoped virtual MCP endpoint for each agent role. For example, a customer service AI agent gets CRM read-only access, not the ability to modify records. A coding agent can read GitHub issues and create Jira tickets but cannot merge pull requests. A CI/CD automation agent gets access to specific pipeline tools and a single notification channel, and nothing else. The release also introduces Agent Access Keys, a new composite credential type purpose-built for headless agents running in automated workflows. Each key binds agent identity, user identity, and persona-level privileges into a single attributable credential.
Agent Personas capabilities include scoped virtual MCP endpoint per agent role defining access down to the specific API endpoint and permission level; natural language persona creation by describing in plain language what an agent should do; single source of truth updating a persona once with immediate change across every agent using it; Agent Access Keys composite credential for headless agents; per-tool policy enforcement including rate limits, data masking, and approval workflows; full audit trail attributable to specific agent, user, persona, and timestamp; and model-agnostic enforcement across OpenAI, Google, Anthropic, open-source, and custom models equally.
According to Gartner, "While the current market focus is on model runtime and inference security, this approach fails to address the complexity of securing agents, where the primary risk is not what the AI says, but what the AI does." More than 80% of Fortune 500 companies now deploy active AI agents, yet only 47% have AI-specific safeguards in place. Early deployments show how Agent Personas govern AI agent access in complex environments. One major U.S. telecommunications provider used the technology to prevent agents from crossing boundaries in tools like GitLab, Confluence, Jira, and Slack. Scoped virtual endpoints ensured each agent accessed only what it needed, eliminating lateral access risks without extra infrastructure.
As Ameya Talwalkar, CEO and Co-Founder at Cequence, stated: "Enterprises have made massive investments in AI, and the race to put agents into production across customer experiences, employee workflows, and business operations is accelerating fast. However, security, governance, and scale requirements can't be ignored. Cequence closes the gap that has been holding organizations back by automatically limiting agent tool access which lowers costs, enhances performance, and improves security."
Shreyans Mehta, CTO and Co-Founder at Cequence, added: "AI agents have quickly become a channel as significant as the web or mobile, powering customer commerce, employee productivity, and autonomous operations all at once. Agent Personas is how you govern infrastructure access at the agent level, enforcing exactly what each agent can do down to the specific API endpoint, across any model or platform. It is the control plane enterprises need to confidently and securely enable agentic AI access to applications and data."
About Cequence Security
Cequence protects the applications and data that power enterprises in the agentic era. More than a decade of bot defense and API security experience has established Cequence as the leader of safe and secure agentic AI adoption. The Cequence platform delivers deep insight into user, entity, and agent behavior, enabling organizations to secure and control agentic AI workflows while protecting against bad actors and rogue agents. Cequence delivers value in minutes rather than days or weeks with a highly scalable, no-code approach. Trusted by the largest and most demanding private and public sector organizations, Cequence protects more than 10 billion daily API interactions and 4 billion user accounts.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.