New AI-native platform capabilities address the three forces driving today’s identity crisis: credential theft at record scale, AI agents operating outside governance and access policies that were never built for a SaaS-first world.

SEATTLE and TOKYO, June 11, 2026 /PRNewswire/ — Josys, the AI-native identity security and governance platform trusted by more than 1,000 organizations and managed service providers (MSPs) across APAC and North America, today announced three new capabilities that close the identity governance gap facing enterprise security and IT teams.

The announcement arrives as identity-based threats reach historic levels. According to SpyCloud’s 2026 Identity Exposure Report, 642.4 million credentials were stolen from infostealer infections in 2025 alone,¹ making credential theft the single fastest-growing entry point into the enterprise.

AI adoption has created an equally urgent challenge. According to Gartner, 56% of non-human identities sit entirely outside structured governance.² The industry’s prevailing response has been to add more point tools, more manual reviews and more alerts that no one has time to govern.

“Identity is no longer just an IT concern. It is a board-level risk that grows every time a new AI agent is deployed or a credential leaks to the dark web,” said Yasukane Matsumoto, chief executive officer of Josys. “Legacy IGA tools were built for a world of static employee directories. That world is gone. Josys was built for the one we are actually in, where humans, machines and AI agents must be governed together, continuously, at the scale modern enterprises and their MSPs actually require.”

Built for the Scale at Which MSPs Operate

From its earliest days, Josys was designed to serve both enterprise security teams and managed service providers. That design reflects a straightforward reality: the scale of today’s identity problem has outgrown what any single in-house IT team can solve alone.

Among Josys’ 1,000-plus customers are some of the largest MSPs in the region, each managing identity across dozens or even hundreds of customer environments simultaneously. The platform was built from day one around the operational realities they face: multi-tenant architecture, continuous policy enforcement, cross-tenant alert aggregation and remediation without context-switching.

The result is a platform that reduces overhead for enterprise security teams and gives MSPs the operational leverage to deliver managed identity security at scale.

Three New Platform Capabilities

Today, Josys announces three new capabilities that close the identity security and governance gap.

Identity Threat Monitoring

Most organizations do not learn their credentials have been stolen until after an attacker has already used them. Josys changes that. The platform continuously monitors stealer logs, dark web forums and open-web paste sites for leaked employee credentials. When a match is detected, Josys maps the compromised identity to the user’s full application access profile and executes remediation automatically, revoking access across every connected application without manual triage or switching tools. For MSPs, the same workflow runs across every tenant they manage, so a single analyst can protect dozens of customers without context-switching.

AI Agent Discovery and Governance

Shadow IT once meant unauthorized applications. Today it means AI agents with privileged access to critical systems, operating outside any governance framework. With 80% of Fortune 500 companies now running active AI agents,³ the visibility gap is widening. Josys brings AI agents, including those built on Microsoft Copilot, Anthropic Claude or custom LLM frameworks, into the same identity governance control plane used for human identities. Every agent is inventoried, ownership is assigned, access is mapped and previously invisible agents are surfaced automatically.

Policy-Driven Autonomous Governance

Research from the Cloud Security Alliance shows that 55% of employees adopt SaaS applications without security’s involvement, and 43% of organizations report misconfigured settings as the root cause of at least one breach in the past year.⁴ Most governance tools still rely on periodic manual reviews, leaving policy gaps open for months as configurations drift. Josys replaces manual governance with continuous enforcement. Configure policies once, and Josys detects violations in real time, triggers remediation automatically and maintains audit-ready records across every identity, application and entitlement. With more than 60 pre-built policy templates aligned to NIST 800-53, ISO 27001, CIS Controls, NIS2, HIPAA, CMMC and DORA, Josys turns compliance from a manual exercise into a continuous, auditable practice.

The Channel Where This Gets Solved at Scale

“The MSP channel is where this problem gets solved at scale for the mid-market,” Matsumoto added. “Most identity platforms were never designed for that economic model. Ours was.”

Each of the three new capabilities operates within the same multi-tenant control plane that powers Josys’ existing customer base, so MSPs can extend identity threat detection, AI agent governance and continuous policy enforcement to every customer they serve without standing up parallel infrastructure for each tenant.

A New Standard for Identity Security

These capabilities advance Josys’ four-pillar identity security framework: Identity Visibility and Intelligence, Identity Governance, Identity Threat Detection and Response and Identity Security Posture Management. Together, they represent a shift from reactive, fragmented tooling to a single AI-native platform that governs every identity and every application, autonomously.

Sources

¹  SpyCloud, 2026 Identity Exposure Report. Available at: spycloud.com
²  Gartner, “2025 IAM Leader Survey,” n=335 IAM leaders, published 2025.
³  Microsoft Security Blog, “80% of Fortune 500 Use Active AI Agents,” Feb. 10, 2026. Available at: microsoft.com/en-us/security/blog
⁴  Cloud Security Alliance, State of SaaS Security Report 2025. Available at: cloudsecurityalliance.org

About Josys

Josys is a modern AI-native identity security and governance platform. Enterprise AI adoption has made identity the fastest-growing attack surface and the hardest to govern. Built on a foundation of more than 1,000 deployments across APAC and North America, including some of the largest MSPs in the region, Josys discovers, governs and secures every identity, human, machine and AI agent, across every application in the enterprise. Security and IT teams use Josys to surface risk, control access and remediate identity threats in real time. Josys turns identity from the fastest-growing attack surface into a continuously governed foundation for business. For more information, visit josys.com.

Media Contact
pr@josys.com

View original content to download multimedia:https://www.prnewswire.com/news-releases/enterprise-identities-are-under-siege-josys-is-changing-how-organizations-fight-back-302798181.html

SOURCE Josys