{"id":3638,"date":"2025-06-20T10:46:20","date_gmt":"2025-06-20T10:46:20","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=3638"},"modified":"2025-06-20T10:46:20","modified_gmt":"2025-06-20T10:46:20","slug":"ibm-combines-governance-and-security-tools-to-solve-the-ai-agent-oversight-crisis","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=3638","title":{"rendered":"IBM combines governance and security tools to solve the AI agent oversight crisis"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>IBM (<a href=\"https:\/\/finance.yahoo.com\/quote\/IBM\/\" target=\"_blank\" rel=\"noopener\">NYSE:IBM<\/a>) is integrating its AI governance tool watsonx.governance with Guardium AI Security \u2014 its tool for securing AI models, data, and their usage \u2014 to simplify and bolster AgentOps for enterprises.<\/p>\n<p>AgentOps, short for agent operations and also known as agent development lifecycle management, is a growing area of focus for enterprises as <a href=\"https:\/\/www.cio.com\/article\/3987692\/new-agentic-ai-tools-bring-new-threat-agent-sprawl.html\">agent sprawl becomes<\/a> a key challenge, mostly driven by vendors lining up to offer enterprises tools to create AI agents for a plethora of different tasks.<\/p>\n<p>\u201cAgentOps is a new discipline with growing pains, and tool sprawl is one of them. Integrating agentic governance and security gives AI builders a unified perspective and controls. 
Integrating the two also makes it less likely for risks like shadow agents to proliferate,\u201d said <a href=\"https:\/\/www.ibm.com\/think\/author\/heather-gentile\" target=\"_blank\" rel=\"noopener\">Heather Gentile,<\/a> director of product for IBM watsonx.governance, risk, and compliance.<\/p>\n<p>The integration works by having both products share information about AI assets, such as AI project inventory.<\/p>\n<p>However, there is a catch. Enterprises that wish to take advantage of this integration will need to have both watsonx.governance and <a href=\"https:\/\/www.csoonline.com\/article\/562473\/database-security-face-off-ibm-guardium-vs-imperva-securesphere-database-security.html\" target=\"_blank\" rel=\"noopener\">Guardium AI Security<\/a> deployed, according to Vishal Kamat, VP of data security at IBM.<\/p>\n<p>The integration will help enterprises by providing the \u201cfirst\u201d unified solution to manage both security and governance risks for AI use cases, especially agents, as they offer tremendous productivity benefits but can carry \u201csteep consequences\u201d when not properly governed or secured, said <a href=\"https:\/\/futurumgroup.com\/dave-nicholson\/\" target=\"_blank\" rel=\"noopener\">Dave Nicholson<\/a>, chief research officer at The Futurum Group.<\/p>\n<p>Nicholson said that he expects further integration of AI-focused governance and security products by vendors such as Microsoft, Google, and AWS.<\/p>\n<p>\u201cThe rapid adoption of AI agents is creating pressure across the technology sector to bridge the traditional silos between security and governance teams, provide unified platforms rather than fragmented point solutions, and address the unique risks that autonomous AI systems present to organizations,\u201d Nicholson added.<\/p>\n<h2 class=\"wp-block-heading\">New capabilities in Guardium AI and watsonx.governance<\/h2>\n<p>As part of the integration, IBM is introducing new capabilities to Guardium AI Security through 
a collaboration with\u00a0<a href=\"https:\/\/www.alltrue.ai\/\" target=\"_blank\" rel=\"noopener\">AllTrue.ai<\/a>, a platform that focuses on risk and security management of AI systems and applications.<\/p>\n<p>These new capabilities include automated penetration testing and agent discovery, which can be directly accessed from within IBM Guardium AI Security or watsonx.governance, Kamat said, adding that the new \u201ccapabilities are available through IBM product licensing.\u201d\u00a0<\/p>\n<p>The collaboration with AllTrue.ai will also allow enterprises to gain specialized detection capabilities in cloud environments, code repositories, and embedded systems, IBM said, adding that once risks are identified, IBM Guardium AI Security can automatically trigger appropriate governance workflows from watsonx.governance.<\/p>\n<p>This is becoming increasingly important as most enterprises are continuing to grow their AI ecosystem, which is decentralized, Nicholson said.<\/p>\n<p>Recently, IBM released updates to IBM Guardium AI Security, which included automated red teaming to help enterprises detect and fix vulnerabilities and misconfigurations across AI use cases.<\/p>\n<p>The integration with watsonx.governance will roll out throughout the remainder of the year, IBM said.<\/p>\n<p>As part of the integration, watsonx.governance has been updated with new capabilities, including the ability to monitor and manage AI agents across their entire lifecycle.<\/p>\n<p>\u201cEvaluation nodes can be built directly into agents, allowing users to carefully monitor metrics like answer relevance, context relevance, and faithfulness \u2013 and help identify the root cause of poor performance,\u201d IBM wrote in a blog post.<\/p>\n<p>IBM is also planning to add capabilities, such as agent onboarding risk assessment, agent audit trails, and an agentic tool catalogue, by June 27. 
The company said it is adding Compliance Accelerators to watsonx.governance to provide enterprises with a quick way to identify obligations about their AI usage and ensure compliance with local regulations.<\/p>\n<p>These Accelerators, which contain pre-loaded regulations, standards, and frameworks from around the globe and are available as an add-on, support key regulations like the EU AI Act, the US Federal Reserve\u2019s SR 11-7, and New York City Local Law 144, along with global standards like ISO\/IEC 42001 and frameworks like the NIST AI RMF.<\/p><\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>IBM (NYSE:IBM) is integrating its AI governance tool watsonx.governance with Guardium AI Security \u2014 its tool for securing AI models, data, and their usage \u2014 to simplify and bolster AgentOps for enterprises. 
AgentOps, short for agent operations and also otherwise known as agent development lifecycle management, is a growing area of focus for enterprises as [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":3633,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-3638","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/3638"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3638"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/3638\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/3633"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3638"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3638"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3638"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}