Log in
Sign up
Back to all insights
AI-Enhanced Keystone Arch

Sections

Opal Security Unveils AI-Driven Access Governance Platform

Opal Security Declares the End of Access Sprawl

Opal Security, a leader in modern identity security and access governance, has announced the launch of three new AI-native capabilities that collectively form the industry’s first unified platform for seeing, encoding, and enforcing access governance. This innovative launch is spearheaded by Paladin, an AI access evaluation agent, solidifying Opal’s position as a pioneer in AI-native identity governance.

Rather than simply integrating AI into existing legacy workflows, Opal Security is introducing AI as a fundamental participant in access decisions, orchestration, and policy reviews. This strategic move comes in response to alarming data from Opal Labs’ report, The Permission Gap: How Unused Access is the Newest Security Crisis, which highlights the rampant issue of overprovisioning and the risks it poses without automated governance.

Introducing Paladin: AI Governance Redefined

The centerpiece of this launch is Paladin, an AI access evaluation agent that transcends traditional agents that merely respond to access requests. Instead, Paladin fundamentally governs access intent. It automatically aligns access policies with an organization’s evolving risk tolerance and growth objectives, thinking about access in ways not previously seen in the industry.

When an employee requests access, Paladin evaluates the requester’s identity, access history, ticket references, and resource sensitivity. It either approves the request or escalates it for human review, providing a detailed explanation of any concerns. Paladin operates as a first-class reviewer within Opal’s approval chain, complete with its own identity and audit trail, significantly streamlining the access review process.

The Need for Automation

As organizations increasingly adopt AI agents, manual security processes become untenable. The rapid dynamics of agent management necessitate automation to maintain governance amidst the velocity of AI workloads. Opal Security addresses this challenge by encoding access through systems like MCP, Terraform, or Opal’s APIs.

OpalScript and OpalQuery: Enhancing Access Governance

In addition to Paladin, Opal Security is also introducing two further capabilities: OpalScript and OpalQuery.

OpalScript is a Python-like policy language that allows security teams to codify access decision logic into executable automations. This feature enables administrators to write concise scripts or request modifications through an AI assistant, simplifying the process of establishing complex, organization-specific policies.

OpalQuery is an AI-powered access query environment that facilitates exploration of an organization’s access data using natural language. This capability allows security teams and IT administrators to obtain instant results, transforming what was once a tedious process into a matter of seconds.

The Data Behind the Launch

The urgency of this announcement is underscored by staggering statistics:

  • Auto-granted access is 50% more likely to go unused compared to manually reviewed access.
  • Nearly 49% of employees hold at least one entitlement that hasn’t been utilized in over three months.
  • Organizations could face up to 900,000 manual access reviews annually, consuming an estimated 213,000 hours of reviewer time.

According to Howard Ting, CEO of Opal Security, “Organizations are drowning in access they can’t see, track, or clean up fast enough.” The aim is to assist teams in mitigating risk while enhancing operational speed.

Availability and Future Directions

Opal Security’s latest platform capabilities are currently available to all customers, providing a robust solution for the challenges of access governance. With a focus on continuous policy enforcement without human intervention, Opal Security is redefining the landscape of identity risk management.

As organizations move towards a more automated and intelligent approach to access governance, the introduction of these capabilities marks a significant step forward in addressing the complexities of modern cybersecurity challenges.

More Insights

A safety helmet worn by drone operators

Revolutionizing Drone Regulations: The EU AI Act Explained

December 17, 2025 AI,AI Regulation,Drone Technology,Regulatory Framework
The EU AI Act represents a significant regulatory framework that aims to address the challenges posed by artificial intelligence technologies in various sectors, including the burgeoning field of...
Read More
A safety helmet worn by drone operators

Revolutionizing Drone Regulations: The EU AI Act Explained

December 1, 2025 AI,AI Regulation,Drone Technology,Regulatory Framework
The EU AI Act represents a significant regulatory framework that aims to address the challenges posed by artificial intelligence technologies in various sectors, including the burgeoning field of...
Read More
A light bulb to convey innovation and the bright potential of responsible AI solutions.

Embracing Responsible AI to Mitigate Legal Risks

November 29, 2025 AI,AI Ethics,AI Governance,AI Regulation
Businesses must prioritize responsible AI as a frontline defense against legal, financial, and reputational risks, particularly in understanding data lineage. Ignoring these responsibilities could...
Read More
A traffic light to illustrate the need for clear guidelines and regulations in managing AI technologies.

AI Governance: Addressing the Shadow IT Challenge

November 29, 2025 AI,AI Governance,AI Regulation Awareness,Regulatory Compliance
AI tools are rapidly transforming workplace operations, but much of their adoption is happening without proper oversight, leading to the rise of shadow AI as a security concern. Organizations need to...
Read More
A roadmap illustrating the journey companies must take to align with AI regulations.

EU Delays AI Act Implementation to 2027 Amid Industry Pressure

November 29, 2025 AI,AI Regulation,EU Compliance,Regulatory Compliance
The EU plans to delay the enforcement of high-risk duties in the AI Act until late 2027, allowing companies more time to comply with the regulations. However, this move has drawn criticism from rights...
Read More
A semiconductor chip

White House Challenges GAIN AI Act Amid Nvidia Export Controversy

November 29, 2025 AI,AI Regulation,Artificial Intelligence Governance,Technology Policy
The White House is pushing back against the bipartisan GAIN AI Act, which aims to prioritize U.S. companies in acquiring advanced AI chips. This resistance reflects a strategic decision to maintain...
Read More
Compliance checklist

Experts Warn of EU AI Act’s Impact on Medtech Innovation

November 29, 2025 AI,EU Compliance,Medtech Innovation,Regulatory Compliance
Experts at the 2025 European Digital Technology and Software conference expressed concerns that the EU AI Act could hinder the launch of new medtech products in the European market. They emphasized...
Read More
A tree

Ethical AI: Transforming Compliance into Innovation

November 29, 2025 AI,AI Ethics,Ethical AI
Enterprises are racing to innovate with artificial intelligence, often without the proper compliance measures in place. By embedding privacy and ethics into the development lifecycle, organizations...
Read More
A warning sign

AI Hiring Compliance Risks Uncovered

November 29, 2025 AI,AI Compliance,AI Regulation,Regulatory Compliance
Artificial intelligence is reshaping recruitment, with the percentage of HR leaders using generative AI increasing from 19% to 61% between 2023 and 2025. However, this efficiency comes with legal...
Read More