AppViewX Launches Post-Quantum PKI for Machine Identities

AppViewX has launched Agent Identity Security, a new product designed to address a rapidly expanding attack surface created by the proliferation of AI agents. The company is extending its existing platform, built on a decade of expertise in machine identity and Public Key Infrastructure, to specifically govern and secure these autonomous systems as organizations grapple with both their increasing use and the approaching threat of quantum computing. The announcement highlights the collision of AI agents becoming the largest workforce most enterprises never hired, operating autonomously across sensitive infrastructure with broad access and minimal oversight, according to Archit Lohokare, CEO of AppViewX, who emphasized the need for visibility and governance in this new era of agentic enterprise.

Agent Identity Security for AI and Quantum Environments

The company’s newly launched Agent Identity Security product directly responds to this convergence, extending their existing platform to specifically govern AI agents and prepare for a post-quantum future. The technologies and techniques most organizations rely on today were built for a human-centric world before AI agents emerged; they were not designed for the authentication and authorization demands that machines and agents create, and especially not for a post-quantum environment. A key component of Agent Identity Security is its ability to manage an AI Bill of Materials (AIBOM), providing a centralized view of every agent, its underlying large language models, and governing MCP tools. This capability aims to eliminate “shadow AI blind spots” by offering security teams a unified inventory and risk assessment.

The platform also supports organizational and regulatory policy coverage across the entire AI agent estate, including NIST AI RMF, EU AI Act, SOC 2, and SEC Cyber Disclosure, providing audit-ready compliance evidence. Beyond inventory and governance, Agent Identity Security focuses on adaptive access control, limiting agents to only the resources necessary for their designated tasks. This least-privilege approach, integrated with existing Privileged Access Management (PAM) and Identity and Access Management (IAM) systems, seeks to minimize the potential damage from compromised agents. Real-time threat detection, powered by an AI security companion called Guardian Agent, further enhances security by identifying anomalous behavior and providing context-aware remediation guidance. According to Todd Thiemann, Principal Analyst at Omdia, AppViewX is taking the right architectural approach with Agent Identity Security, grounding agent governance in a robust PKI foundation to address both AI and quantum computing challenges simultaneously. John Barrow, CISO at JB Poindexter & Co, adds that to reduce risk, we must monitor, audit, and control their privileged access to sensitive data and systems, highlighting the urgent need for solutions like Agent Identity Security to manage the expanding threat surface created by autonomous AI.