>
    Strata Copilot
    Agent Discovery
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma AIRS
    3. Administration
    4. Agent Discovery
    Download PDF
    Prisma AIRS

    Agent Discovery

    Table of Contents

    Agent Discovery

    Learn about Prisma AIRS Agent Discovery.
    Where Can I Use This?What Do I Need?
    • Prisma AIRS AI Runtime Security
    Prisma AIRS supports AI Agent Discovery to track enterprise and SaaS AI agents you create using simple, no-code/low-code tools provided by cloud providers. Think of this process by creating an inventory and a security guard for your AI bots (or, agents); these processes are built on cloud platforms like AWS Bedrock and Azure AI Foundry/Open AI.
    AI Agent Discovery addresses two main objectives:
    • Determine what AI agents exist. This part of the process, referred to as configuration discovery, involves finding the blueprint of each agent, including its name, description, the brain (Foundation Model) it uses, what it knows (Knowledge Bases), and what it can do (Tools).
    • Determine how the AI agents are used. This part of the process, referred to as runtime interactions, involves watching the agent while it's working to see if it talks to another agent, uses a tool, or asks its brain (model) a question. This is primarily supported for AWS agents using their activity logs.
    AI Agent Discovery supports SaaS and enterprise AI agents. With this functionality you can discover agents from an onboarded cloud account and secure them using the AI Runtime API Intercept workflow.
    There are a few key points to consider when using AI Agent Discovery:
    • The existing Prisma AIRS Discovery page is used for cloud account onboarding; you simply need to add additional permissions to use it. Consider the following:
      • For new accounts, you'll need to onboard a cloud account if one is not present in the tenant.
      • For existing accounts in an enabled state, you need to re-apply the Terraform to provide AI Agent Discovery access for existing onboarded accounts. This process updates the inline discovery permissions.
      • For existing accounts in a disabled state (that is, cloud accounts that are disabled), attempts to re-enable the account results in failed validation. To resolve this issue, download and re-apply the onboarding Terraform configuration. Ensure that the previous tfstate file and the .terraform directory from the last apply are present before proceeding.
        The onboarding scenarios outlined above are applicable to both AWS and Azure environments.
    • Agents are discovered using the cloud provider’s API/SDK and data from the store bucket (for example, S3). This information is used to analyze invocation logs to generate a Sankey-style visualization in Strata Cloud Manager (SCM).
    • Protection is enabled using Prisma AIRS AI Runtime API Intercept.
    • Agent correlation determines whether an agent is protected, and understands the interactions. This process is achieved by analyzing storage logs and API scan logs from the log viewer in SCM. These logs include both agent IDs and asset IDs, which are used for mapping relationships.
    • When you add an API to the Agentic application, after the first call the Agent is moved to the protected state.
      After the first call to the Prisma AIRS API, the agent is moved to the protected state (as displayed in the Strata Cloud Manager Agent Discovery dashboard). This process may take approximately 10 minutes to complete.
    • For AWS Bedrock only optimized models are supported.
    • For Azure AI Foundry/Open AI only static configurations are supported.

    How AI Agent Discovery Works on Each Cloud Provider

    AI Agent Discovery functions differently based on the cloud provider.
    AWS Bedrock
    When it comes to assets, because agent versions are permanent snapshots of the agent's settings, each one is treated as a separate, discoverable item. AWS Bedrock provides good support for monitoring runtime activity (Agent to Model, Agent to Tool, Agent to Agent) by parsing detailed logs.
    Azure AI and OpenAI
    With Azure AI agents and OpenAI assistants, assets are treated differently because they don't have versions; the agent itself is the asset. At this release, AI Agent Discovery only supports finding the agent's configuration (what it is and what it knows/does). Live activity monitoring (runtime logs) is not yet supported.

    How AI Agent Discovery Provides Protection

    AI Agent Discovery represents a comprehensive blueprint for bringing visibility and security control to low-code AI development. It is designed to check if an agent is protected.
    Consider the following:
    • A unique, unified Asset ID is used for each discovered agent (or version).
    • API results show all agents, models, knowledge bases, and tools divided into Protected and Unprotected lists.

    Using AI Agent Discovery

    Prisma AIRS allows you to discover AI Agents created and used through low-code/no-code platforms from Cloud Providers. With this functionality you can discover, store, and monitor AI agents across two major cloud platforms:
    • AWS: Focuses on Bedrock Agents, including their configuration discovery and runtime interactions.
    • Azure: Focuses on AI Foundry Agents and OpenAI Assistants.
    This release only supports configuration discovery. The discovery supports Foundry Projects but not the older Hub-Based Projects.
    AI Agent Discovery includes the following key concepts:
    • Onboarding workflow and permissions. This process involves specifying the IAM roles and permissions that are required for AWS Bedrock, and Azure.
    • Agent Configuration Discovery. This process involves understanding how to discover and store metadata for components like:
      • Agent Versions and Aliases (AWS Bedrock only, storing immutable versions).
      • Foundation Models (and resolving inference types like on-demand, inference profile, and provisioned throughput).
      • Collaborator Agents (for multi-agent systems).
      • Knowledge Bases and Tools/Action Groups.
    • Agent Runtime Interactions: Describes the requirements and parsing logic for various agent interactions logged by AWS Bedrock (Agent to Model, Agent to Tool, Agent to Knowledge Base, Agent to Agent).
    • Limitations: Notes limitations such as no runtime invocation information for Azure agents in the current phase and limited support for tool types and non-Anthropic models in AWS logs.
    These key concepts represent the blueprint for the AI Agent Discovery feature, which automatically detects inventories agents built by users in major cloud platforms.

    © 2025 Palo Alto Networks, Inc. All rights reserved.