AI Agents Behave Non-Deterministically. That's Forcing a Rethink of Identity Security

The machines running inside enterprise networks are multiplying in a new direction — and the identity management industry is responding.

AppViewX, a leader in machine identity management, announced March 19 that it has acquired Eos, an AI-native identity security startup focused specifically on AI agents and autonomous workloads. Under the deal, Eos CEO Archit Lohokare becomes CEO of the combined company. Financial terms were not disclosed.

The deal reflects a growing recognition that AI agents represent a distinct identity group with behavior that doesn't fit traditional access control models. "AI agents often behave non-deterministically," said John Barrow, CISO at JB Poindexter, in AppViewX's announcement. "To reduce risk, we must monitor, audit, and control their privileged access to sensitive data and systems and ensure their lifecycle is automated and governed." That's a direct acknowledgment that existing identity infrastructure wasn't designed for agents that operate autonomously, make decisions without human review, and interact with enterprise systems at machine speed.

AppViewX brings automated Certificate Lifecycle Management, PKI, SSH, and code signing capabilities — the infrastructure for managing machine identities at scale. Eos brings governance and privileged access controls purpose-built for AI agents. The combined platform is positioned as a unified solution for securing machines, AI agents, and autonomous workloads across cloud and hybrid environments.

The acquisition accelerates AppViewX's stated shift toward an AI-native platform. The company is backed by Haveli Investments and claims enterprise customers including six of the top ten global banks and five of the top ten healthcare providers. It holds recognition as a leader in IDC's MarketScape for Certificate Lifecycle Management and in KuppingerCole's Non-Human Identity Management Leadership Compass.

The deal is the latest in a consolidating market for AI security infrastructure. As enterprise AI agent deployments scale — driven by frameworks like OpenClaw, Claude Code, and proprietary builds — the question of how to govern agent identities, constrain their access, and audit their behavior is becoming acute. Eos's specific focus on privileged access control for agents is what AppViewX is buying.

Whether the combined platform can deliver coherent governance across heterogeneous agent deployments, many of which are built on open-source frameworks with varying security postures, will be the competitive question.