Become a TechRadar Insider
AI agents are entering the workforce, and while some show promise at increasing productivity and ending repetitive rote work, others are using their autonomy to cause some serious problems.
Zscaler CEO Jay Chaudhry believes his company has a solution.
Speaking in Vienna at the opening keynote of Zscaler Zenith 2026, Chaudhry shared his perspective on how a security architecture born in 2007 is best suited to secure the workforce of the future.
“Agents are becoming the weakest link”
“There have been so many instances where Microsoft Copilot exfiltrated data without a user action, the agent did it,” Chuadhry said. “We’re seeing OpenClaw poisoned with credential stealers, and there are other cases where databases got deleted, email inboxes got deleted - and it's not users who are doing it. These agents operate independently, they can make decisions, they can take actions.”
Where a human has the ability to recognise if their actions are destructive, many AI agents do not double check. “Yesterday, a user was the weakest link, today these agents are becoming the weakest link.”
“They move at machine speed. They need no coffee breaks, no weekends, no time to sleep,” Chaudry noted, pointing to the fact that there is very little time for human decision making to take place once an autonomous agent begins a workflow.
“The challenges are coming because the AI revolution is different.,” he added. “In the internet wave we had human beings able to access websites, in the cloud wave we could have people build applications on the cloud and access them. In every prior wave, we were securing waves using new tools, but this time the tools are the workforce.”
“This is where zero trust will play a bigger and bigger role.”
Zscaler recently unveiled a wave of new tools to help secure emerging AI technologies and autonomous agents under its Zero Trust Exchange platform. Among them are tools to prevent AI agents from abusing their permissions, and tools to mask their presence from attackers looking to create a double agent.
The tools unveiled include AI Broker: a platform for maintaining organisational visibility over the access controls applied to autonomous agents, and Endpoint AI Security: designed to closely monitor for malicious activity at the device level, digging as deep as the browser, extension and plugin levels.
“It's a very exciting but challenging problem to solve,” Chaudhry noted, adding that “to really take any action, you’ve got to understand what you have and what the risk is associated with it.”
Not only does the new AI agent platform feature MCP and A2A brokers to secure agentic communications, but it also helps in securing agents by “understanding the task that is being done, understanding prompts properly, and being able to inspect prompts to understand the intent.”
Additionally, Zscaler announced AI Access Graph, which provides visibility into the connections between individual identities, applications and data sources. “In an enterprise, you’ve got all these entities, you’ve got all these data sources. They talk to each other. How do you know who is talking to who? Who has what kind of access?”
“This problem was solved by a bunch of PhDs at the University of Texas in Austin,” Chaudhry explains, pointing to Zscaler's recent acquisition of Symmetry Systems. “It takes telemetry and meta data from all of these sources, applies AI on top of that, and creates a powerful graph that allows you to connect the dots.”
For Chaudhry, positioning AI agents behind zero trust and using Zscaler’s new tools makes enterprise security “simple, elegant, and your workloads are hidden from the internet.”
Currently, Zscaler handles more than 750 billion requests per day, and with agentic traffic rapidly growing, Chaudhry expects to add “one or two zeroes to this number.”
“That's the scale our engineering team is working towards. That’s the scale we want to build.”
