
About The Company
Enterprise AI-wide agent initiatives
Distributed operations in a regulated environment
Focused on authorization, observability, and governance
THE COMPANY
THE PROBLEM
A global mining and resources company was expanding the use of generative AI and autonomous agents across engineering, operations, knowledge management, and corporate functions. Operating across distributed sites in a highly regulated environment, the organization recognized that securing models alone would not be enough. The harder problem was governing agents that authenticate to systems, invoke tools, and reach business-critical resources on behalf of users — without losing control over access, accountability, and evidence.
THE SOLUTION
As the team explored agentic AI use cases, they needed more than a generic AI security discussion. They wanted a working answer to a set of concrete, architecture-level questions:
A recurring theme was the need to see the complete transaction path, not an abstract product overview. The team wanted an end-to-end demonstration of how authentication and authorization would work across agents, MCP infrastructure, and target resources.
Integrations
THE RESULTS
PointGuard AI proposed an integrated Agentic Security platform centered on the MCP Security Gateway for runtime control, complemented by Agent Mission Control and Discovery for governance.
PointGuard positioned the MCP Security Gateway as the runtime control layer for secure agent interactions: fine-grained authorization, centralized policy enforcement at the gateway, observability into agent-to-resource and tool behavior, and data protection with runtime guardrails. To meet the on-behalf-of (OBO) requirement, PointGuard shared authorization-code-based authentication flow diagrams covering both a direct path and a mediated path — including scenarios spanning VS Code Copilot and LibreChat with Amazon Bedrock AgentCore. The flows showed how access tokens could be scoped and mapped to the individual logged-in user on the outbound leg from the gateway to the MCP server or authorization server. Follow-up sessions focused specifically on Cedar policies and UI-based observability traces, so the team could see how policy enforcement and evidence would surface in practice.
Alongside the gateway, PointGuard introduced broader agent governance: an agent registry, cryptographic agent identity, sponsor metadata, behavioral trust scoring, policy-compliance tracking, and evidence capture. Where the gateway handles resource-facing control, Agent Mission Control validates agent actions before execution and provides the identity, traceability, and trust signals needed to govern agents operating in enterprise environments.
Discovery provides the operational foundation — continuously inventorying agents and AI assets already in the environment and binding them to governance context. This directly addressed a nuanced challenge the team was working through: the difference between agent ownership or sponsorship for governance purposes and transaction ownership when a user invokes an agent. PointGuard modeled both and showed how they fit together, so accountability holds at the individual-user level while governance stays owned at the sponsor level.
Rather than treating AI security as a collection of disconnected controls, PointGuard AI provides a unified platform for discovery, governance, runtime protection, and autonomous agent control. The MCP Security Gateway and Agent Mission Control let the organization enforce authorization across the full user-to-agent-to-resource path, govern every tool interaction, preserve end-user accountability, and capture the evidence a regulated enterprise needs — while still moving quickly on agentic AI. For an operator of critical infrastructure, that is the difference between experimenting with AI and deploying it with confidence.
We needed to see the full user-to-agent-to-resource authorization path work end to end. PointGuard’s MCP Security Gateway gave us a single control point for authorization, policy enforcement, and observability across our agentic AI workflows.
Our expert team can assess your needs, show you a live demo, and recommend a solution that will save you time and money.