Zscaler introduced new enhancements to its Zero Trust Exchange platform to secure AI applications, generative AI usage, and emerging agent-based workflows across enterprise environments. The updates reflect growing demand for identity-based security controls that extend beyond users to AI-driven interactions.
The company is expanding visibility into AI application usage, enabling organizations to identify and govern access to both public generative AI platforms and internally developed AI services. The platform allows enforcement of granular policies to control how users interact with AI systems, helping mitigate risks such as data leakage and unauthorized access.
Zscaler is also extending Zero Trust principles to machine-to-machine and agent-based interactions, recognizing that AI agents increasingly act on behalf of users and applications. Context-aware policies are applied to these interactions to ensure continuous verification based on identity, behavior, and risk.
In addition, Zscaler is enhancing data protection capabilities for AI workflows, including inspection of data exchanged with AI services and controls to prevent sensitive information from being exposed through prompts or responses. These capabilities are integrated into its cloud-native platform for consistent enforcement across distributed environments.
“AI applications are introducing a new class of interactions that traditional security models were not designed to handle,” said Jay Chaudhry, CEO of Zscaler. “By extending Zero Trust to AI-driven workflows, we are helping organizations securely adopt AI while maintaining control over access and data.”
Key points
• Zscaler expanded Zero Trust Exchange to secure AI applications and workflows
• Provides visibility and policy enforcement for AI application usage
• Extends Zero Trust to AI agents and machine-to-machine interactions
• Enhances data protection for AI prompts and responses
• Enables consistent policy enforcement across distributed environments
🌐 Analysis
Zscaler’s announcement reflects how Zero Trust architectures are adapting to AI as a new class of workload. Instead of focusing only on users and devices, Zero Trust must now govern interactions involving AI agents, services, and automated processes.
This shift positions identity and policy enforcement as central to managing AI systems, where controlling data flows between users, applications, and AI services becomes critical for security and compliance.