Cequence launches access controls for autonomous AI agents

Cequence Security has launched Agent Personas in Cequence AI Gateway. The original source is Cequence/GlobeNewswire, published on April 28, 2026 at 09:00 ET.

This is a security story, not just another product update. As AI agents connect to enterprise systems through MCP and other tool layers, it is no longer enough to know who the agent is. CIOs and CISOs also need to control what the agent is allowed to do.

Agent Personas creates a scoped virtual MCP endpoint for each agent role. Cequence says a customer service agent can get read-only CRM access without permission to modify records, while a coding agent can read GitHub issues and create Jira tickets without being allowed to merge pull requests. That is the right level of control: not broad access, but specific tool calls with explicit boundaries.

The launch also includes Agent Access Keys, a composite credential type that binds agent identity, user identity and persona-level permissions. The point is traceability. Security teams need to see which agent did what, for whom, when and under which permissions. Cequence also highlights per-tool policy enforcement, rate limits, data masking, approval workflows and full audit trails.

For leaders, the signal is clear: agent governance is becoming its own control domain. Buying a model with good security paperwork is not enough. The risk sits in the actions the agent can perform inside CRM, Jira, Git, Slack, ERP and customer-facing workflows.

Practical recommendation: create a matrix of agent roles, tools, permissions, approval thresholds and logging requirements before opening MCP access to production systems. Read access, write access and destructive actions must be separated hard. Otherwise, the company has only built a faster version of old access sprawl.

Original source: Cequence/GlobeNewswire, April 28, 2026.