Tetrate and Ory: A New Era in AI Agent Security
In a rapidly evolving technological landscape, enterprise security, especially for AI agents, is becoming a paramount concern. To address this issue, Tetrate and Ory have announced a strategic partnership aimed at bolstering the security of AI agents in production environments. Together, they have created a joint solution that integrates Tetrate's advanced capabilities with Ory's robust identity and authorization platform. This collaboration allows for dynamic, granular control over AI functionalities and tool interactions.
The Power of Integration
The combined offering merges Ory’s authorization mechanisms with Tetrate's Agent Router Enterprise, which is built on the Envoy-based AI gateway. This integration ensures that security policies are not merely static but are enforced at the point of actual tool usage. This means that every call made by an AI agent to a management, control, or policy tool (MCP) is governed by real-time dynamic policies that account for varying degrees of risk and operational requirements.
This dual-layered approach to security consists of a network/gateway layer, where Tetrate monitors live traffic and tool interactions, and an authorization layer, handled by Ory, which determines the permissions granted to agents and users. If a request surpasses a set risk threshold, Tetrate's system can take immediate action: potentially pausing the request, initiating an authentication process through Ory, or issuing temporary elevated access rights while ensuring the entire approval path is documented for auditing purposes.
A Response to Market Needs
The urgency of this collaboration is underscored by the trends seen in the adoption of AI within enterprises. As businesses shift from pilot projects to actual deployment of AI agents, they face increasing risks concerning agent identities, excessive permissions, unregulated tool access, and vulnerabilities to data exposure. Hence, the solution provided by Tetrate and Ory is particularly relevant.
Initially, Ory worked with Tetrate as a customer. By using Tetrate's enterprise gateway for Envoy, Ory reduced its resource consumption by 40%, improving operational efficiency and product visibility. As the collaboration evolved, both companies recognized the potential for a more formal partnership focused on enhancing the security of AI agents.
Comprehensive Policy Enforcement
The joint solution treats AI agents as sophisticated identities that require explicit governance. Tetrate's Agent Router Enterprise enforces detailed policies governing which tools an agent can access and which parameters are permitted for each request.
David Wang, Tetrate's head of product management, articulates the essence of their offering:
“The challenge with AI agents isn't just controlling which tools they can access—it's controlling how they use those tools.” This mindset allows businesses to maintain a high level of precision and control over their AI deployments.
Moreover, Jeff Kukowski, CEO of Ory, emphasizes the significance of this partnership:
“Together with Tetrate, Ory is helping enterprises secure AI agent deployments end to end, from identity and access decisions to runtime enforcement and policy control.”
Built on Strong Foundations
A notable aspect of this solution is its reliance on the Envoy AI Gateway, a prominent open-source project that many major organizations use in their operations. Tetrate's contributions and expertise in deploying Envoy at scale give enterprises a powerful traffic management layer, essential for consistent policy enforcement across various contexts and environments.
Key Features of the Tetrate-Ory Solution
1. Agent Identity Management: Ory provides verifiable identities for agents and users.
2. OAuth2 and OIDC Token Flows: Ory Hydra manages identity tokens for agents and users, supporting consent management and scoped access.
3. Fine-grained Authorization: Ory Keto enforces least-privilege access policies effectively.
4. Dynamic Runtime Enforcement: Tetrate assesses requests in real-time, ensuring appropriate controls are applied based on live interactions.
5. Parameter-Level MCP Control: Control extends to specific request parameters, enforcing significantly refined permissions.
6. Visibility and Auditability: Enhanced monitoring capabilities allow security teams to track agent activity efficiently.
7. Global Scale Deployment: The solution's architecture supports operations across diverse territories and providers.
Potential Use Cases
The implications of the Tetrate-Ory partnership are vast. Potential applications span various industries, including:
- Retail: Agents can manage refunds within authorized limits but require approvals for larger transactions.
- Financial Services: Routine transactions can occur automatically, while larger, sensitive ones necessitate additional clearance.
- Healthcare: Standard data retrieval is permissible; however, access to sensitive records requires further authorization.
- Government Operations: Agents can handle regular case actions, yet restricted data access necessitates a higher level of scrutiny.
- IT and HR Operations: Routine tasks can proceed without intervention until a change involves greater risk or sensitivity.
This innovative solution is now available, with Tetrate and Ory committed to collaborating closely with customers to push the boundaries of security in AI agent deployment. For more information, visit the Tetrate blog and discover how this partnership aims to redefine enterprise AI security.