![](data:image/svg+xml,<svg display="block" role="presentation" viewBox="0 0 15 15" xmlns="http://www.w3.org/2000/svg"><g d="M 4.5 0 L 4.5 9.334 M 0 4.5 L 4.667 9.167 L 9.334 4.5" fill="transparent" height="9.334000000000003px" id="wVLQb2Yt7" transform="translate(2.5 2.5)" width="9.333999999999946px"><path d="M 0 0 L 0 9.334" fill="transparent" height="9.334000000000003px" id="Ho_4eUERn" stroke-dasharray="" stroke-linecap="butt" stroke-linejoin="round" stroke-width="1.2" stroke="rgb(35, 41, 51)" transform="translate(4.5 0)" width="1px"/><path d="M 0 0 L 4.667 4.667 L 9.334 0" fill="transparent" height="4.667000000000002px" id="q4SooRAjE" stroke-dasharray="" stroke-linecap="square" stroke-linejoin="round" stroke-width="1.2" stroke="rgb(35, 41, 51)" transform="translate(0 4.5)" width="9.333999999999946px"/></g></svg>)
0
1
SAN FRANCISCO and NEW YORK—Opal Security, the AI-native access governance platform for every identity, today announced Agents in Opal, a set of AI agents built directly into its platform. The release begins with AI-Guided Access Reviews, powered by Opal's Paladin, an AI agent for access governance that can reason and make recommendations.
Access has outgrown human scale. Non-human and agent identities already outnumber people, and the roughly 100-hour review cycle that teams still run cannot keep pace. AI agents make the gap wider. They are deployed faster than security teams can track them, they often inherit the standing, over-scoped credentials of the people who created them, and they multiply the number of identities that need to be governed. Workflows alone do not close that gap. It takes agents that can reason over access, make recommendations, and handle routine decisions, while a person stays accountable for the calls that carry risk.
With Agents in Opal, customers can now put agents to work across four areas:
Access reviews. Paladin reduces review effort and raises review quality.
Access requests. Paladin accelerates fulfillment while enforcing policy on every grant.
Access intelligence. Ask who has access to what in plain English with OpalQuery, no query language required.
Policy and remediation. AI-assisted OpalScript automates governance workflows and remediation actions.
Every agent runs on the same access graph, governance model, and audit trail, so every recommendation, decision, and action stays transparent and reviewable. That is how organizations move from manual identity administration to AI-assisted governance without giving up control.
The flagship: AI-Guided Access Reviews
The access review is where machine scale breaks first, so it is where Opal is starting. Paladin groups low-risk grants, shows the evidence behind each one, and lets reviewers clear them in a single click, which can cut review effort by up to 90 percent. Reviewers spend their attention on the access that could actually cause harm. Reviews can be scoped in minutes, the right reviewers are assigned automatically, and reminders, progress tracking, and a complete decision history keep the process audit-ready.
The control sits with the customer. Teams set how much Paladin handles on a dial rather than a switch, and a human signs off on every certification, so the result holds up to an auditor. Where much of the market is moving toward fully autonomous decisions, Opal keeps a person accountable for the access that matters, which is the position security leaders and auditors can defend.
"Access used to be a one-time decision. Today it is a continuous, high-volume problem across humans, services, and AI agents at machine speed," said Sameer Mehta, Chief Product Officer at Opal Security.
"Governing it takes agents that can reason over access and handle the routine work, with a human accountable for the calls that matter. We are bringing agents to Opal, starting with the place machine scale breaks first: the access review."
Proven in production
The best security and engineering teams protect their access with Opal. Databricks runs more than 86,000 time-bound access requests through Opal, and Chronosphere has cut standing access by 88 percent.
"Once our access data was centralized in Opal, generating user access reviews became effortless," said Sharon Aby, Senior Manager of IAM at Databricks.
"Agents will need to be more and more treated as identities," said Jason Fernandes, VP of Security and Privacy at Mercari.
Agents will multiply faster than any identity before them, and they will not wait for a quarterly review. The teams that stay ahead will be the ones whose governance runs at machine speed and still answers to a human.
Availability
Agents in Opal, including AI-Guided Access Reviews, will be available to customers in early July. To see the product in action, read the deep-dive on the Opal blog, join an upcoming webinar, or request a demo.
About Opal Security
Opal has now raised $59 million from Greylock Partners, Battery Ventures, Box Group, SVCI, and Cambium Capital, and was recently named to Notable Capital's Rising in Cyber 2026 list of the 30 most promising private cybersecurity startups, as selected by 150 leading CISOs. Opal is the AI-native access platform that gives security teams real-time visibility, expressive policy-as-code, and direct control over every identity, from employees to service accounts to AI agents. As environments grow more dynamic and autonomous, Opal becomes a self-improving system that ensures resilience and the ability to move faster without increasing risk.
Contacts
Media Contact:
christine@opal.dev
