GLOSSARY

Agent Security 101

Plain-language definitions for the concepts behind agentic AI security. No jargon without explanation. No acronyms without expansion.

Agentic AI

AI systems that act autonomously — making decisions, calling tools, and executing multi-step tasks without continuous human oversight. Examples: coding agents, data pipeline bots, customer service automations.

Non-Human Identity (NHI)

Any identity that is not a human user: service accounts, API keys, bots, AI agents, CI/CD runners. NHIs now outnumber human identities 50:1 in most enterprises.

Per-Request Authentication

A security model where every single API call is independently verified — not just the initial login. SURADAR authenticates each request an agent makes, so a compromised session cannot be replayed.

Composite Identity

An identity built from multiple signals: the human user who initiated the task, the device they are on, the agent executing the work, and the specific task being performed. All four must be present for SURADAR to issue credentials.

Action Binding

The process of linking an agent's tool call to the specific task that authorized it. A coding agent bound to "fix rate-limit bug" cannot access payment APIs, even if the underlying model requests it.

Scoped Credential

A short-lived token that grants access to exactly one resource for exactly one task. Scoped credentials expire when the task completes and cannot be reused for other operations.

Policy Evaluation

The real-time decision of whether to allow, deny, or escalate an agent's requested action. Policies are versioned and can run in observe-only mode before enforcement.

Credential Rotation

Automatic replacement of active credentials on a schedule (e.g., every 24 hours). SURADAR rotates credentials with zero downtime using a grace period where both old and new credentials are valid.

Auto-Revocation

Instant, automatic invalidation of an agent's credentials when a threat is detected — such as anomalous request patterns, scope violations, or replay attempts. No human intervention required.

Risk Signal

An anomaly detected during request analysis. Examples: burst_rate (request spike), unusual_scope (first-time API access), new_source_ip (unknown origin), unusual_time (off-hours request). Risk signals attach to the audit trail for SOC review.

Agent Security Posture

A continuous assessment of your agent fleet's security health — measured against compliance frameworks like SOC2, ISO 27001, and NIST 800-53. SURADAR generates compliance evidence automatically from auth events.

MCP (Model Context Protocol)

An open standard for connecting AI models to external tools and data sources via "tool servers." SURADAR secures MCP connections by enforcing identity and policy on every tool server call.

Tool Server

A service that exposes capabilities (e.g., GitHub, Slack, databases) to AI agents via a standard protocol. Each tool server call goes through SURADAR's auth chain before execution.

Observe-Only Mode

A policy deployment mode where new rules log what they would allow or deny without actually enforcing. Used to test policy changes against live traffic before activating them.

Escalation

When an agent action requires human approval — either because policy requires it (e.g., payments above a threshold) or because risk signals indicate anomalous behavior. The agent pauses until a human approves or denies.

Audit Trail

A tamper-resistant log of every agent action, policy decision, credential issuance, and risk signal. Structured as queryable events that stream to your SIEM (Splunk, Datadog, Sentinel) in real time.

Agent Registry

A central inventory of every enrolled agent in your organization — their capabilities, scopes, status, and behavioral baselines. The registry is the source of truth for agent lifecycle management.

Behavioral Baseline

A learned profile of an agent's normal behavior — typical scopes, request times, source IPs, and request rates. Deviations from the baseline generate risk signals for anomaly detection.

Zero-Handshake Auth

An authentication model that does not require a setup handshake or session negotiation. Every request carries its own proof of identity, eliminating the latency and statefulness of traditional session-based auth.

Identity Provider (IdP)

An external service that verifies human or machine identities — such as Okta, Microsoft Entra, Auth0, AWS IAM, or SPIFFE. SURADAR federates across your existing IdPs to build the composite identity.

Ready to secure your agents?

Get Started