What happened
At its Zenith Live 2026 conference on June 9, Zscaler announced major extensions to its Zero Trust Exchange covering agentic AI. Key additions include: Zscaler AI Access Graph (powered by the Symmetry Systems acquisition) which maps real-time identity, application, and data-source lineage across all agents; expanded MCP and agent-to-agent (A2A) broker controls inside Zscaler AI Broker; an Agent Registry for inventorying which agents can access what; endpoint AI security for detecting malicious agents, plugins, and browser extensions; and agentic codebase scanning with MCP-server red teaming and prompt hardening.
Why it matters
Zscaler is the first major SSE/SASE vendor to deliver a vertically integrated, production-ready zero-trust enforcement layer specifically for agents — spanning identity lineage, tool-use controls, endpoint risks, and MCP governance in a single platform. For CISOs already running Zscaler for workforce access, this provides a migration path to governing AI agents within the existing ZTE policy framework without introducing a separate point solution.
Applicability
Relevant to enterprise organisations with existing Zscaler deployments deploying agentic AI workflows; evaluators should review the AI Access Graph's identity-lineage coverage and compare MCP broker control granularity against point-solution alternatives such as Linx Agentic Access Control.