Securing AI agents: Cequence's agent personas

As AI agents become more widely used to connect enterprise applications, distinctions between authentication and control over actions are becoming more prominent. Cequence Security, an application protection provider, has introduced Agent Personas in its Cequence AI Gateway to address this issue.

Many organisations treat agent identity as sufficient for managing behaviour. However, AI agents operate based on assigned privileges, which can lead to unintended or excessive access if not properly constrained. Agent Personas is designed to provide more detailed control over what each agent is permitted to do.

By defining an agent’s role in plain language, the system creates a scoped virtual MCP endpoint that limits actions to those required for that role. For example:

• A customer support AI is given CRM read-only access
• A coding agent can read GitHub but cannot merge pull requests
• CI/CD automation agents are restricted to specific tools and notification channels

The solution also introduces Agent Access Keys, which combine agent identity and persona-based permissions into a single credential, enabling traceability of actions for security and audit purposes.

Key capabilities of Agent Personas include:

• Scoped MCP endpoint: Defines API endpoints and permission levels per agent role
• Natural language persona creation: Roles described in plain language to guide tool access
• Single source of truth: Updates to personas apply across all connected agents without code changes
• Agent Access Keys: Unified credential combining identity and permissions for headless agents
• Per-tool policy enforcement: Supports rate limits, data masking, and approval workflows at tool level
• Full audit trail: Tracks actions by agent, user, persona, and timestamp

With more than 80% of Fortune 500 companies using AI agents and fewer than half reporting AI-specific safeguards, Cequence positions this approach as a response to gaps in agent security. It is intended to support the transition of AI systems from pilot to production environments.

Early deployments include use cases where organisations have applied Agent Personas to enforce access boundaries across tools such as GitLab and Jira, reducing the risk of unintended cross-tool access.

As AI agents take on roles in customer operations and internal workflows, governance at the agent level is increasingly relevant. Cequence states that this approach is intended to support more controlled use of agent-based AI in enterprise environments.

Cequence AI Gateway currently integrates with more than 140 enterprise applications, processes billions of API transactions daily, and is recognised within industry frameworks focused on API security and management.