SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand
Versa adds Zero Trust controls for AI agent actions
Hybrid Cloud Network Security PAM

Versa adds Zero Trust controls for AI agent actions

Sat, 23rd May 2026 (Today)
Mark Tarre
MARK TARRE News Chief

Versa has introduced a Zero Trust architecture for the Model Context Protocol in its Verbo AI operations tool. The product is available now in Release 23.1.1 of the VersaONE platform.

The launch addresses an emerging issue as companies deploy AI agents in network and security operations: a single request can trigger multiple background actions across live systems, while operators may have limited visibility into what the software is doing before those actions are carried out.

The design applies identity checks, role-based access controls and policy rules to each action generated by an AI agent before execution. Administrators can allow some actions to run automatically, require human approval for others, or block them entirely, based on factors including user identity, role, system context, action type and risk level.

Every approved action is logged with attribution, creating an audit trail for changes made through AI-driven workflows. The architecture sits inside Versa Verbo, an AI operations co-pilot, and is integrated with the wider VersaONE Universal SASE platform.

AI oversight

The announcement reflects a broader shift in enterprise technology as AI agents move from answering questions to taking direct action in production systems. That has created new concerns for network and security teams, especially when software can trigger a chain of actions from a single instruction.

Versa casts the issue as one of verification and governance rather than simple automation. In practice, the concern is that an apparently routine prompt could lead to a sequence of unseen system changes, while a model error could produce unintended operational outcomes.

Its approach is designed to ensure that no AI-generated action is trusted by default. Instead, each step is checked against existing access and policy controls before it reaches the network or security environment.

That extends Zero Trust principles, already widely used in identity and access security, into the emerging area of AI agent execution. The concept is likely to appeal to organisations trying to balance pressure to roll out AI with the need to preserve accountability over operational systems.

Part of wider strategy

The latest release builds on Versa's earlier work around AI and the Model Context Protocol, a framework increasingly used to connect large language models with external tools and data sources. The company had already launched an open-source MCP server and later added agentic functions to Verbo.

With this release, Versa is focusing more directly on controls over what AI agents are allowed to do once connected to enterprise tools. The challenge is not just enabling access to systems, but constraining and validating the actions that follow.

Verbo supports software-as-a-service, on-premises and hybrid deployment models. That gives customers options over model choice, where data is processed and where operational controls are applied, which may matter for regulated sectors or organisations with strict internal security requirements.

Versa also tied the launch to a broader market need. Research firm Gartner recently said AI has introduced a new class of digital users in the form of agents and argued that traditional SSE and SASE platforms were not originally designed to secure them.

Operational context

For network operations teams, the issue goes beyond cybersecurity. AI systems are also being positioned as a way to identify anomalies, correlate events and guide troubleshooting across complex environments. If those same systems begin taking action on their own, change management, accountability and approval processes become central concerns.

Versa says its combination of Zero Trust controls and AI-assisted operations is intended to let organisations adopt AI-driven operations without losing policy control. It positions the model as a way to reduce the risk that productivity gains from AI come at the cost of oversight.

One practical question for enterprises will be how often human approval is required and whether approval workflows slow the benefits vendors often promise from automation. Versa's answer is to let administrators decide in advance which actions can proceed automatically and which require sign-off.

That policy-led approach may be more acceptable to large organisations than unrestricted automation, particularly in network and security functions where a single misstep can have broad consequences. It also provides a framework for documenting who authorised what, and under which conditions, when AI tools are involved in operational changes.

In a statement accompanying the launch, the company argued for stronger safeguards around agentic AI in production environments.

"Enterprise AI is at an inflection point. Until every agent action can be verified, AI in production can turn into a liability, not an advantage. Versa is solving that head-on, and we believe Zero Trust is the only viable architecture for trustworthy agentic AI," said Sridhar Iyer, Senior Director, AI and ML, Versa.

Related stories
ANZ firms shift to cyber resilience as AI risk grows
AI bots overwhelm identity controls in Australia & NZ
HPE unveils AI security tools & quantum-ready updates
ExtraHop launches AI network visibility & governance tool
Yubico & Delinea link AI actions to human approval
Top stories
Rubrik & MEDITECH team up on hospital cyber resilience
Geordie links Claude Enterprise to security controls
CTERA launches InsightAI for unstructured data analysis
Darwinium updates mobile SDKs to spot scam activity
Ayla launches video platform for smart home brands