Blog

Google Cloud & Gemini agents

transactionalgoogle-cloudnewssecurity

Vertex AI Agent Security Controls (2026 Best Practices)

Agent compliance, tool-use gates, and identity boundaries for Vertex AI agents — execution-time controls beyond platform defaults.

May 28, 20266 min read

Google Cloud, Unit 42, and security press documented Vertex Agent Engine risks: over-broad service agents, credential extraction, and “double agent” pivot paths. Google recommends BYOSA and least privilege — add execution verification so a compromised agent cannot run unchecked tools.

Vertex AI agent security: controls to add after “double agent” research: what teams should know

Most teams gate their first high-risk action the same day: create an agent in Agents, add a Shield Rule, and approve a held action on Overview. Open the console at console.sanctumruntime.com to start free.

Do we need a sales call before trying it?

No. Sign in, connect an agent with the SDK snippet, and run verifyAction on a staging action. Upgrade when you need fleet controls, compliance exports, or higher volume — not to prove the workflow.

Key takeaways

  • Identity hardening alone does not review each tool argument at execute time.
  • Artifact Registry exposure shows supply-chain blast radius of agent credentials.
  • Combine cloud IAM fixes with action-layer approve/block for defense in depth.

Implementation checklist

  1. Adopt BYOSA on Vertex per updated Google docs.
  2. Inventory agent tools that touch GCS, email, or billing.
  3. Gate those actions with Shield Rules + SDK verify.
  4. Test blocked path while fleet paused.

People also ask

How fast can we get value from Sanctum Console?

Most teams gate their first high-risk action the same day: create an agent in Agents, add a Shield Rule, and approve a held action on Overview. Open the console at console.sanctumruntime.com to start free.

Do we need a sales call before trying it?

No. Sign in, connect an agent with the SDK snippet, and run verifyAction on a staging action. Upgrade when you need fleet controls, compliance exports, or higher volume — not to prove the workflow.

What should we buy first — gateway or runtime trust?

Teams on Vertex should implement BYOSA per Google guidance and gate high-impact tools with Sanctum verifyAction before calls leave the agent runtime.

Guides: agentic AI risk · MCP security · runtime authorization · HITL approvals · coding agents · get startedMore: all posts · AI trust layer · open Sanctum Console

Give every agent action a trust boundary.

Start with Connect Agent, keep the SDK path for deeper fleets, and prove exactly what was approved, blocked, or contained.