TrustLogix adds AI agent controls to TrustAI platform

TrustLogix has launched a new version of its TrustAI data security platform, adding controls for AI agents used by companies in financial services, healthcare and technology.

The release includes what TrustLogix calls intent-based authorisation for AI agents, a runtime kill switch, a Model Context Protocol Data Gateway, a Guardian Agent for monitoring, and new audit and compliance tools. The platform is designed to govern access at the data layer as businesses expand their use of AI agents across internal systems and data stores.

TrustLogix is positioning the platform around what it sees as a gap between identity management software and AI application controls. In its view, identity platforms manage human and machine identities but do not extend deeply enough into how AI agents access underlying data, while AI platforms focus on prompts and outputs rather than the controls applied to the data itself.

That gap has widened as businesses roll out approved internal AI projects alongside unsanctioned tools, often referred to as ShadowAI. TrustLogix says many agents use generic service accounts, making it harder for security teams to determine who is accessing data and for what purpose.

New controls

The centrepiece of the release is intent-based access control, or IBAC, which is aimed at limiting an agent's access according to the task it is carrying out. The system considers not only the identity of the user and their entitlements, but also the reason an agent is requesting access, with the goal of constraining permissions to the specific context and resources required.

Another addition is a runtime kill switch that allows security teams to cut off an AI agent's access to data across connected platforms. It is intended for situations in which an agent has been compromised, gains excessive privileges or behaves outside its intended scope.

The Model Context Protocol Data Gateway is designed to create a single point through which AI agent activity involving enterprise data can be monitored and controlled. TrustLogix says the gateway can block unauthorised agents from reaching data stores and tools, while applying role-based and attribute-based controls and carrying identity context from a human user through the AI agent to the data layer.

The Guardian Agent is designed to monitor behaviour continuously and compare agent actions with an established baseline. It can raise alerts when data access or operating scope moves away from expected patterns, and can also identify unsanctioned agents that have not gone through a formal deployment process.

Compliance focus

Alongside those operational controls, the platform supports reporting and evidence gathering for a range of regulatory and compliance frameworks, including SOC 2, GDPR, HIPAA, NIST AI RMF, ISO 42001 and the EU AI Act. Logs, impact assessments and control evidence can be exported in a single package for internal and external audits.

The emphasis on compliance reflects growing scrutiny of how organisations use AI systems in regulated sectors. Financial services and healthcare groups in particular face pressure to demonstrate how access decisions are made, who initiated a request and whether systems can be halted quickly if they begin acting outside approved boundaries.

TrustLogix says the latest release builds on customer adoption in financial services, healthcare and technology. The platform integrates with Snowflake, Databricks, AWS, Azure and Power BI, and can be deployed as software as a service or in a private cloud.

Founder and CTO Ganesh Kirti set out the company's argument for focusing on the data layer.

"Every enterprise we talk to is asking the same question: we have IAM, we have an AI platform, so why do we still have a data access problem? The answer is that neither was built for the data layer. TrustAI is purpose-built to work alongside those platforms, not replace them, bringing enforcement, identity context, and behavioral oversight to the one place agents and humans actually touch data. That's where control has to live," Kirti said.

Ron Longo also pointed to demand from sectors already subject to tighter oversight.

"Our customers have made significant investments in their data and AI platforms. TrustAI is designed to make those investments more secure and more valuable, not add friction to them. The traction we're seeing across financial services, healthcare, and technology tells us that enterprises are ready for this level of control at the data layer," Longo said.