The promise of microsegmentation has always been about reducing the attack surface in a bid to lower risk. In the modern era of AI agents, existing methods of network segmentation might not be enough anymore, according to Zero Networks.
The company, which was founded in 2019, built its platform around the argument that existing microsegmentation tools demand too much manual effort to be practical at scale. Zero Networks’ approach is agentless and automated, enforcing network segmentation without dedicated agents on managed assets or manual policy creation.
The rise of AI agents inside corporate environments has added a new dimension to that problem. Employees are running AI tools that operate as autonomous processes on endpoints, connecting to internal systems and external services, often without any network policy governing what they can reach. Now the company is tackling the next big challenge, with AI Segmentation, a new set of platform capabilities extending that enforcement model to cover AI agent control, unsanctioned cloud AI services, and AI-driven lateral movement.
“As long as networks are open, it will be easy for hackers or attackers,” Benny Lakunishok, co-founder and CEO of Zero Networks, told Network World.
Where traditional microsegmentation falls short
Early microsegmentation relied on VLANs and IP-based isolation, which provided a basic level of control. Those controls were coarse and provided little enforcement at the host level. The next generation of tools largely relied on agents and sometimes even hardware dependencies, to identify and isolate traffic.
Zero Networks is taking a different approach. Rather than requiring agents on managed assets or dependencies on hardware, the platform is agentless and automated. Lakunishok’s argument is that if segmentation is too hard, organizations simply will not do it.
“What’s difficult or what’s hard you don’t do,” he said. “What’s easy you do.”
How the platform works
Zero Networks starts with discovery. The platform syncs with asset repositories including Active Directory, Microsoft Entra ID (formerly Azure AD), and third-party tools such as Axonius to build a complete inventory of everything on the network.
Policy is written at the label and group level, not against raw IP addresses. An administrator defines that one environment cannot talk to another, and the platform translates those rules into IP-level enforcement in real time. Lakunishok called the approach “living off the land defense,” using whatever native control already exists on the asset. On Windows, that means Windows Firewall. On Linux, it is IPTables or NFTables. For IoT and OT devices, the platform manages ACL rules directly on the network switch.
Once an administrator selects an asset and sets an enforcement date, the platform enters a learning period and builds rules automatically. Before enforcement begins, it simulates against observed traffic to show what would be allowed, blocked or MFA-challenged on the enforcement date.
How Agentic AI changes the game for microsegmentation
Zero Networks’ push into AI controls came directly from its customer base. The questions organizations were asking were straightforward: What are my AI agents doing and where are they connecting to The platform addresses this by treating AI agents the same way it treats any other process running on a managed OS.
From a network behavior standpoint, agents share some characteristics with traditional bots, though fingerprinting is more straightforward since they originate from known, legitimate vendors. The platform identifies what an agent is, learns what it typically does, and enforces a least-privilege boundary around it. When an agent attempts a connection outside that boundary, the platform blocks it and alerts both the end user and the security team.
On the SaaS side of AI, Zero Networks categorizes all outbound internet connections. An organization can permit access to a sanctioned AI service while blocking all other AI destinations in a single policy rule, covering both well-known tools and niche services employees may be running without authorization.
AI is also changing the threat side of the equation. Attackers are using AI to build tools faster and run them more autonomously, shortening the window between initial access and lateral spread. Zero Networks’ least-privilege enforcement model applies the same controls to AI-assisted lateral movement as to any other unauthorized connection attempt.
Roadmap: Deeper detection and inline insight
Looking ahead to the second half of 2026, Zero Networks plans to move further into the detection space and become more inline with certain protocols. The aim is to gain richer visibility into what is happening at the application layer, not just at the network metadata level.
“Microsegmentation exists to stop lateral movement, and now lateral movement has taken it up a notch because it’s more automated and easier,” Lakunishok said.