The static one your identity stack assigns - and the Dynamic Identity it earns by how it behaves. FortLine learns the behavioral one across every mission and catches the agent that stops acting like itself.
A prompt-injected, poisoned or drifting agent acts entirely inside its granted permissions - so every gate says yes. The most dangerous agent looks completely authorized.
Decides which agents may act and what they may touch. Necessary - and it assumes the agent stays itself.
Filters prompts and enforces policy at the chokepoint. Blind to whether the run inside the policy is normal.
What the agent actually did, step by step, across the whole mission. This is the blind spot FortLine closes.
You want all three. Nobody argued that directory and access control made endpoint detection unnecessary - and because FortLine sits off the data path, it can never slow down, throttle or break an agent. It watches and explains.
FortLine links every anomaly to the agent conversation that produced it - the prompts, tool calls, reasoning, and the exact step where the mission went off-baseline. Investigation that took an afternoon becomes one click.
Identity vendors answer who is this agent and what may it do. That is essential, and we build on it. FortLine adds the missing dimension: a learned, living model of how each agent normally behaves - so you can tell when an authorized agent is no longer acting like itself.
Inventory every agent, model, MCP server and AI workload across clusters and clouds. Shadow-AI and posture (AI-SPM).
A self-governing AutoML engine learns each mission's normal behavior - hundreds of models per mission, no rules to write.
Catch drift, goal hijack, tool misuse and rogue behavior in production - the anomaly, not a signature.
Every alert links to the exact conversation, tool calls and reasoning that produced it. One click, not an afternoon.
Capture happens off the data path - at the kernel with eBPF, or through a transparent gateway for serverless. No SDK, no code change, and zero added latency to your agents.
The same kernel-level capture, Dynamic Identity baselining and explainable detection - now across serverless runtimes and the MCP tool mesh. Any model, any framework, any runtime: one behavioral baseline. No SDK, no code change.
Containerized and serverless agents, captured the same way.
The full agentic surface, including the tool-use layer prompt-firewalls never see.
Provider-agnostic by construction: we capture below the SDK, so any model works - even ones not on this list. A sample of what partners run:
eBPF DaemonSet or transparent gateway. Off the data path, by design.
FortLine maps to the OWASP Top 10 for Agentic Applications, with runtime behavioral evidence for the risks that show up in what the agent actually does - goal hijack, tool misuse, memory poisoning and rogue agents (highlighted below).
Start with free runtime visibility - we will baseline a mission and show you its Dynamic Identity. No SDK, no code change, off the data path.