With MCP, AI Agents Now Have Power. SGNL Makes Sure They Use It Responsibly.

PALO ALTO, Calif.--(BUSINESS WIRE)--A new wave of AI-powered automation is hitting the enterprise. Agents powered by large language models (LLMs) are now capable of performing real tasks across internal systems — from updating records to analyzing data and taking action — all triggered by a simple prompt. But with that power comes risk: without proper controls, these agents can access far more than they should.

“MCP is enabling a powerful new interface for AI,” said Erik Gustavson, co-founder and Chief Product Officer at SGNL. “But like every interface shift before it, from cloud to mobile to APIs, it demands a new layer of security."

Share

Today, SGNL, the modern privileged identity management (PIM) platform, announced support for Model Context Protocol (MCP), a fast-emerging standard originally proposed by Anthropic, and now also adopted by OpenAI, that allows AI agents to integrate with real-world tools. With SGNL in place, enterprises can adopt these capabilities without opening the door to uncontrolled access, data exposure, or compliance violations.

“MCP is enabling a powerful new interface for AI,” said Erik Gustavson, co-founder and Chief Product Officer at SGNL. “But like every interface shift before it, from cloud to mobile to APIs, it demands a new layer of security. SGNL provides that layer with identity-aware, policy-driven decisions made in real time.”

Power without guardrails is a problem

While MCP unlocks a new class of productivity, it also removes many of the traditional boundaries that govern access. Once authenticated, an AI agent typically has broad access to systems for the duration of its session — without the ability to distinguish between what’s sensitive, confidential, or inappropriate to share.

A seemingly simple prompt like “What’s my projected headcount next year?” could surface data tied to layoffs or internal reorgs. Multiply that by dozens of agents operating across systems, and enterprises face an exponential increase in the complexity (and risk) of access management.

“The problem isn’t necessarily bad intent. It’s blind access,” said Marc Jordan, VP of Product Management at SGNL. “These agents don’t inherently understand risk or sensitivity. Without real-time controls, it’s only a matter of time before sensitive content is inadvertently exposed.”

SGNL: built for the agentic era

Legacy role-based access control (RBAC) wasn’t designed for autonomous systems. It assumes static roles, predictable patterns, and human decision-making, none of which apply in an agentic environment. With AI agents operating across tools, tasks, and teams, RBAC becomes either too permissive or too restrictive — and always too brittle.

SGNL brings real-time, contextual authorization to MCP-based environments, applying the same dynamic policies used to govern human access to AI agents. Its policy-as-a-proxy architecture sits between agents and enterprise systems, making a fresh decision for every request based on:

• Who the requester is (user identity)
• What they’re trying to access
• Why they need it (based on context)
• Whether policy allows it in that moment

This means enterprises don’t have to rely on brittle, over-privileged session tokens, legacy access controls, or hardcoded logic. SGNL integrates seamlessly, denying access by default — and granting it only when it’s needed.

The platform’s approach is already proven at scale, protecting critical systems and data for Fortune 50 and Fortune 500 companies. Now, it extends that same protection to autonomous agents acting on their behalf.

“We built SGNL for moments like this — when technology leaps forward but security isn’t keeping up,” added Gustavson. “AI agents should help move the business faster, not become a liability.”

See SGNL secure AI agents in action

To see how SGNL protects against human and agent overreach, session sprawl, and silent data exposure in real time, schedule a demo today.

About SGNL

SGNL’s modern Privileged Identity Management is redefining identity security for the enterprise with its cutting-edge identity data fabric. By decoupling credentials from identity and enabling real-time, context-aware access decisions, SGNL empowers organizations to reduce risk, streamline operations, and scale securely.

That’s why Fortune 500 companies are turning to SGNL to simplify their identity access programs and secure critical systems. Founded in 2021, SGNL is backed by top security technology investors, including Microsoft’s M12 Venture Fund, Cisco Investments, Brightmind Partners, Costanoa Ventures, and others.

Learn more at sgnl.ai