What this is for
The Agents workspace is where you inspect every AI agent Guardway has discovered in your cloud accounts. For each agent you see models, tools, MCP servers, routing posture against your gateways, linked Entra ID identities when configured, and OWASP Top 10 for Agentic Applications findings. It lives at Agents in the dashboard sidebar (between Playground and Logs). The workspace has two tabs — Inventory and Findings — plus a per-agent detail view when you click a row. Org-wide totals, routing percentages, and finding breakdowns live on Dashboard → Agents — use Open Agents workspace from that tab to jump here.Discovery is configured under Settings → Integrations. You will not see agents until at least one cloud AI integration is connected and the first sync completes.
Connectors
Azure AI Foundry and Amazon Bedrock populate the inventory. Each connector discovers agents for its cloud; the Provider column distinguishes them.
Microsoft Entra ID does not add agents. It hydrates each discovered agent with execution identity (Service Principal or Managed Identity), owners, credential lifecycle, OAuth grants, and directory roles for ASI03 rules. Identity sync runs after a successful Resync on the Azure AI Foundry card (or after Test Microsoft Graph access on the Entra card).
The Azure AI Foundry connector discovers both prompt agents (default in the New Foundry experience) and legacy Assistants-API agents.
Inventory
The default tab when you open Agents (URL omitstab or uses ?tab=inventory).
Toolbar
Columns
Pagination: Rows per page (default 25), Showing X–Y of Z agents.

Agents → Inventory
Findings
Switch to the Findings tab (?tab=findings) for the org-wide OWASP list.
Toolbar
Columns
Sorted by severity (highest first), then category, then rule id.
Empty state: No OWASP findings detected. with a green shield icon.

Agents → Findings
Agent detail
Opens when you click an inventory row. Back control: Agents.Header
Agent name, provider · project · account label, Routing unknown / gateway badge, optional worst-severity chip andN ASI finding(s) anchor to the findings card, Open in console when raw_url is present.
Sections (in order)
Footer: last discovered timestamp.

Agent detail
OWASP Top 10 categories
Guardway maps findings to the OWASP Top 10 for Agentic Applications 2026 framework. Five categories are evaluated in this release from passive cloud metadata; the rest are deferred (Limits).Rule reference
ASI02 · Tool Misuse & Exploitation
ASI02 · Tool Misuse & Exploitation
ASI03 · Identity & Privilege Abuse
ASI03 · Identity & Privilege Abuse
Rules below
no_managed_identity_hint require Microsoft Entra ID and a resolved agent → principal link.ASI04 · Agentic Supply Chain Vulnerabilities
ASI04 · Agentic Supply Chain Vulnerabilities
ASI05 · Unexpected Code Execution (RCE)
ASI05 · Unexpected Code Execution (RCE)
ASI07 · Insecure Inter-Agent Communication
ASI07 · Insecure Inter-Agent Communication
Severity meanings
Lifecycle
Findings are created on first rule match, updated on each sync when the rule still fires, and pruned automatically when the rule stops firing. Deleting an agent in the provider removes its findings.Gateway routing detection
Hostname of the model endpoint is compared to registered gateway URLs.Limits
- One subscription (Azure) or account+region (Bedrock) per provider per organization in v1.
- Refresh is on-demand via integration Resync; no continuous background poll yet.
- OWASP evaluation is passive — Guardway never sends prompts to discovered agents.
- Five ASI categories evaluated (ASI02, ASI03, ASI04, ASI05, ASI07).
- ASI04 allowlist: until seeded, MCP hosts may all trigger
asi04.mcp_server_unpinned_url.
Related
- Dashboard → Agents — org-wide metrics and breakdowns.
- Topology — graph of gateways → providers → models → agents.
- Settings → Integrations — connect providers.
- Logs — request history for gateway-routed traffic.