Adversarial inputs are carefully designed changes to data that confuse AI models and cause them to make mistakes. These changes can be subtle and hard for humans to detect, but they exploit weaknesses in the AI’s understanding. Adversarial inputs can reduce the accuracy and reliability of AI, so defending against them is important to ensure AI makes correct and safe decisions.

‍

AI security threats are risks and vulnerabilities that target or arise from AI systems, potentially compromising their integrity, confidentiality, or availability. Such threats can include adversarial attacks, data poisoning, model inversion, unauthorized inference, and misuse of AI for malicious purposes.

Read more about these risks and how to mitigate them in the Knowledge Center.

Data silos refer to isolated collections of data, such as customer or sales data, within an organization that are not easily accessible or integrated with other data sources. Imagine having separate storage rooms for each department, where each room holds important information, but each department can only access their own storage room. This makes it difficult to get a complete unified view of the entire organization’s data.

A directory information service is a centralized database which stores, manages, and provides access to directory data, such as user identities, resources, and access permissions. Picture a company’s phonebook, listing all employees, their contact information, and their roles, helping everyone find the right person quickly.

Dynamic access tokens are temporary, context-aware credentials that grant AI agents or users secure access to resources. They can adjust permissions in real-time based on policies, risk, or environmental factors.

Why it matters: Dynamic tokens improve security by limiting exposure and ensuring access is only granted under the right conditions.

A knowledge graph, also known as a semantic network or connected data model, represents a network of real-world entities, made up of nodes, edges and labels, and illustrates the relationships between them - visualized as a graph structure. Imagine a smart map that connects pieces of information together, and shows how things are related. By doing so, we can find unique connections and new insights, which makes it easier to answer complex questions, and provide helpful recommendations.

Why it matters: Mapping relationships between entities uncovers hidden insights, improves recommendations, and supports complex queries.

Policy Decision Points are parts of a system that review access requests against set rules and available context, then decide whether to approve or deny the request, sending that decision back to a Policy Enforcement Point (PEP).

‍Why it matters: PDPs centralize decision logic, allowing for scalable governance and consistent policy enforcement across systems.

Policy Enforcement Points are parts of a system that control access by checking each request, asking a Policy Decision Point (PDP) for a decision, and then allowing or blocking the request based on that decision.

‍Why it matters: PEPs ensure access is consistently enforced in real time, preventing unauthorized actions before they occur.

Agent-native refers to systems and workflows intentionally designed for autonomous AI agents to operate at the core, instead of being added on top of workflows designed for humans. It reflects a shift toward environments where agents execute tasks, make decisions, and interact with other systems independently, while humans guide overall direction.

Why it matters: Agent-native design ensures agents can operate safely and efficiently, enabling greater automation, scalability, and alignment with business goals.

OAuth 2.0 is an open standard protocol that allows third-party applications, like a website or application to access the resources of a user without exposing their credentials. For instance, it allows apps to access your data without giving them your password, keeping your information secure.

Access control is a crucial aspect of security that defines who can access specific data, applications, and resources - as well as under what conditions. In short, it's a selective restriction of access to a resource. Access control heavily depends on authentication and authorization techniques, enabling organizations to verify users’ identities and ensure they receive the correct level of access based on the authorization policy.

Connected data models involve networks of data points or nodes linked through relationships. Knowledge graphs are a popular way to do this, making connections between disparate sources to provide specific insights. They aim to intuitively represent the interconnected world. The real world is flexible, messy and constantly changing. Our relationships and connections are dynamic and are at times incredibly complex and layered, and knowledge graphs are designed to reflect this complexity.

Active metadata refers to dynamic information about data that is constantly updated and used to manage and optimize how data is organized, accessed, and used in different systems. It goes beyond metadata with only static descriptions and helps keep track of data's properties, relationships, and usage patterns in real-time, which is crucial for ensuring data quality, compliance, and efficient data management. Essentially, active metadata enables systems to automatically adapt and improve based on the most current information about the data.

Adaptive access refers to a security approach that adjusts access permissions based on real-time user behavior, contextual factors and risk assessments. Just picture a system that changes its rules depending on where you are, what device you’re using and how you normally behave online, and then decide to grant access or not.

Why it matters: Adjusting access in real time based on context reduces security risks while maintaining user productivity.

A data catalog is the ability to inventory and organize data assets. Capabilities include using machine learning for automatically detecting relationships between data assets. This process involves users verifying and resolving any uncertainties found during automated inventory.

A data control engine is an external system that uses metadata and relationships in a graph to enforce enterprise policies, manage governance, and control access across applications and systems. It ensures that rules, trust signals, and usage restrictions travel with the data, allowing operationalized graph data to be used securely and consistently in analytics, AI, and workflows.

Why it matters: Ensuring policies and governance travel with the data prevents misuse, reduces compliance risk, and allows secure, scalable data operations.

Data mesh is a data management approach that supports a domain-led practice for defining, delivering, maintaining, and governing data products. While it’s not yet an established best practice, data mesh helps ensure that data products are easy to find and use by data consumers, such as business users, data analysts, data engineers, or other systems. Additionally, data products must meet terms of service and SLAs, forming a contract between the provider and the consumer.

Agent access refers to the permissions and rights granted to an AI agent to interact with systems, data, or resources in order to perform its tasks. Access is typically controlled through policies, authentication, and authorization mechanisms.

Why it matters: Proper agent access ensures AI agents can perform their functions safely while preventing unintended or malicious use of sensitive data.

AgentControl provides fine-grained, context-aware authorization for AI agents, ensuring they access only the data and systems required for their specific tasks. By dynamically evaluating permissions in real time, it prevents over-permissioned agents from exposing sensitive information or violating policies.

Why it matters: Proper agent access ensures AI agents can perform tasks safely and efficiently, while reducing security risks, preventing unauthorized data use, and maintaining compliance.

Agentic AI refers to AI systems designed to operate autonomously, making decisions and performing tasks independently to achieve goals, often interacting with other agents or humans.

Why it matters: Agentic AI enables scalable automation and complex decision-making, but requires careful governance to ensure safe, ethical, and compliant behavior.

Agentic AI identity security ensures that AI agents have verified, managed, and auditable identities, with controlled access to resources and data.

Why it matters: Proper identity security prevents misuse, impersonation, or unauthorized actions by AI agents.

‍

Agentic AI security involves protecting autonomous AI systems by managing the unique risks that arise from their independent decision-making and actions. This includes preventing misuse, controlling unintended behaviors, ensuring robustness against attacks, and maintaining trustworthiness as these AI agents operate alone or collaboratively.

To learn more, download the E-guide: Access Control for AI Agents.

Agentic commerce is a specific application of agentic AI in shopping, payments, and commerce, where autonomous AI agents act on behalf of users to complete tasks such as finding products, comparing options, and making purchases. Unlike general agentic AI, which can operate across multiple domains like customer service, software development, or content creation, agentic commerce focuses exclusively on commercial and retail activities, using context, memory, and tools to make autonomous decisions.

Why it matters: Agentic commerce enables faster, more personalized, and efficient shopping experiences, while requiring clear permissions and governance to ensure trust, accountability, and safe use.

Agentic security is the overarching practice of securing autonomous AI agents and the systems they operate within. It overlaps with AI agent security but is broader, addressing risks that emerge when agents coordinate or operate collectively, while also managing lifecycle-level protections. This includes governing access, enforcing policies, and monitoring autonomous actions across the ecosystem.

Why it matters: Without agentic security, autonomous agents could be manipulated, leak sensitive data, or make unsafe decisions, creating cascading failures or systemic vulnerabilities across multi-agent environments.

A graph model is a way of structuring data (using a graph database) that represents entities as nodes and the relationships between them as edges. It captures not just values but the connections and dependencies among entities, allowing enterprises to see complex systems, follow chains of interaction, and understand how elements such as customers, accounts, transactions, and products relate to one another.

‍Why it matters: Understanding and using graph models enables organizations to uncover hidden relationships, maintain context across systems, and make better-informed decisions.