SPNT
Enterprise tier · Agentic

Agent Control (ZASTAPNIK) — the control plane for AI agents and MCP

The newest attack surface is the AI agent. Zastapnik is the action layer that governs agents and MCP tools — tool-poisoning detection, agent-as-identity, and reachability analysis, all on one security graph.

Dashboard preview (zastapnik-agents.view): 64 Active Agents · 211 MCP Tools · 3 Poisoned

  • Tool poisoning: invoice-reader (Blocked)
  • Over-scoped token → PII reach (Flagged)
  • Agent action audit stream (Live)

The headline proof

One sequence no point tool can run

This is the moat in a single chain — and why agent security belongs on the graph, not in a silo.

  1. Zastapnik finds a poisoned MCP tool on a live agent.

  2. The graph shows that agent can reach PII via an over-scoped token.

  3. The contradictions engine surfaces it as a single finding.

  4. Jadro explains the chain in an auditable reasoning trace that never left the environment.

Capabilities

What Zastapnik does

Three capabilities that bring AI agents and MCP under the same security graph as everything else.

Tool-Poisoning Detection

Catch malicious or drifted MCP tools before an agent runs them

Continuously inspects MCP servers and tool definitions for prompt injection, instruction smuggling, and silent schema drift on live agents.

Agent-as-Identity

Treat every agent as a first-class non-human identity

Each agent gets a tracked identity, scoped credentials, and a full action audit trail — shared with Nadzor's NHI graph.

Reachability Analysis

Know exactly what data and systems an agent can touch

Resolves the real blast radius of an agent through tokens, tools, and the security graph — including transitive paths to PII and secrets.

Architecture

The action layer on the security graph

Zastapnik acts on agents and MCP, then writes everything it learns back to the one graph all ten modules share.

Reads from

  • Nadzor: Identity & NHI signals
  • ProtivAI: Model-layer risk signals
  • Podatoci: Data sensitivity & exposure
  • Odbrana: Vulnerability findings

Zastapnik: Action Layer

Emits to graph

  • Agent Identities: Scoped, tracked, audited
  • Tool-Poisoning Findings: MCP drift & injection
  • Reachability Edges: Agent blast radius

Use Cases

For organizations deploying real agents

Zastapnik serves teams putting AI agents into production — where one over-scoped tool can reach everything.

AI-Forward Enterprises

  • Govern internal copilots
  • MCP server allow-listing
  • Agent action audit for compliance

Platform & DevEx Teams

  • Safe MCP rollout at scale
  • Per-agent least privilege
  • Drift detection on tool catalogs

Security Teams

  • Agent blast-radius reviews
  • Poisoned-tool incident response
  • Shadow-agent discovery

MSSPs

  • Multi-tenant agent oversight
  • Client-ready agent risk reports
  • Repeatable MCP hardening

Trust

Governed, audited, sovereign

Agent security is high-stakes. Zastapnik is built with authorization and auditability at the core.

Authorized Action

Agent interventions run under explicit authorization with full, immutable audit trails.

Complete Visibility

Every agent, tool, token, and action is discoverable — no shadow agents, no blind spots.

Least Privilege

Per-agent scoped credentials, continuously checked against real reachability.

Sovereign Option

Pair with Jadro to keep agent reasoning fully on-prem or air-gapped. Zero egress.