
AI Security
Zenity Platform
Discovers AI agents across SaaS, cloud, and endpoints, hardens their configurations pre-deployment, and detects and blocks agent attacks at runtime.
Zenity Platform Overview
Zenity is an AI agent security platform that gives enterprises visibility and control over AI agents and copilots across SaaS, cloud, and endpoints. Rather than inspecting prompts alone, it analyzes an agent's full execution path, including tool calls, memory access, and data flows, to judge intent and catch actions that prompt-based filters miss. It spans discovery, posture management, and runtime defense in one platform.
The platform discovers agents automatically and maintains a real-time inventory with ownership and dependency mapping, including shadow deployments across low-code copilot builders, SaaS agent platforms, and home-grown agents on cloud model services. Before deployment it applies least-privilege policies and reviews each agent's permissions, tool access, and memory, mapping findings to the OWASP LLM Top 10 and MITRE ATLAS. At runtime, step-level monitoring flags privilege escalation and prompt injection and enforces inline containment to stop unsafe actions.
Recognized by Gartner as a Cool Vendor in Agentic AI TRiSM and named a company to beat in AI agent governance, Zenity was founded in 2021 and is based in Tel Aviv. It has raised more than 59 million dollars, including a Series B round led by Third Point Ventures and DTCP, and serves enterprise security and governance teams adopting agentic AI.
Key Capabilities
mapped to solution categories
Automatically discovers AI models, LLM API connections, ML pipelines, and AI-enabled SaaS applications in use across the organization, including those deployed without IT authorization.
Assesses the identities and service accounts that AI models, pipelines, and agents use, flagging over-permissioned non-human identities and access paths that violate least privilege. Reports identity risk as a posture finding, distinct from enforcing access policies at the model API at runtime.
Analyzes AI runtime behavior to surface prompt injection, anomalous data access, and model extraction as posture findings, exporting scores and telemetry to SIEM and SOAR rather than blocking inline.
Maps the AI inventory and controls to EU AI Act risk classification, ISO/IEC 42001, and NIST AI RMF, generating auditable evidence for each framework.
Detects sensitive or regulated data in AI training, fine-tuning, or third-party LLM flows without appropriate controls, such as unencrypted PII in inputs or PHI sent to external APIs.
Enforces IAM-style policies on LLM API access, controlling which users and applications can invoke which models and data sources, with audit logging.
Detects and blocks adversarial inputs designed to override system prompts, extract training data, or redirect model behavior. Detection approaches include pattern matching, input semantic analysis, and secondary model classification.
Intercepts prompts and completions to prevent sensitive data (PII, credentials, internal IP) from being transmitted to external LLM services or returned in model responses.
Records prompts, completions, and metadata for all AI interactions with tamper-resistant storage, supporting compliance, forensics, and policy investigation.
Compliance
certifications
Integrations
compatible tools
Implementation & support
Info last updated on June 26, 2026