Introducing PathfinderAI and MCP Server: Simplifying Privilege-Centric Identity Security by Using AI on Your Terms

Ask any security team leader about their biggest operational challenge and you'll hear a familiar answer: their analysts are drowning. Modern security operations centers (SOCs) are often cluttered with disconnected point tools. While these tools attempt to provide a cohesive picture, they often fail to make organizations safer because they don’t integrate well. This fragmentation forces analysts to spend excessive time extracting data from each tool, which delays reporting, visibility, prioritization, and, ultimately, remediation.

Identity has become the modern perimeter. However, for identity security teams, the problem is even more pronounced. Every misconfigured privilege, stale account, or shadow admin is a potential attack path. While the data to find these risks exists, it requires navigating complex product interfaces, knowing exactly where to look, and manually piecing together the True Privilege (total effective privileges) of a single identity. Now, multiply that task by hundreds of human, non-human, and agentic AI identities. It’s a time sink that most teams simply can’t afford.

Furthermore, security leaders need to communicate risk to the board, executives, and compliance teams, while analysts need to communicate findings to their leadership. Generating these reports—which involves pulling data, summarizing trends, building narratives, and highlighting the risks of inaction—is currently manual, labor-intensive work. It eats hours that should be spent on analysis and remediation, and the resulting reports are often stale by the time they're distributed.

Modern security platforms generate enormous volumes of data, yet analysts frequently report that they don't have enough visibility. Even though it’s a cliche at this point, the saying is still as true as ever: You can’t protect what you can’t see.

Organizations now manage an average of 45 security tools, each capturing overlapping yet often conflicting data streams. But, correlating this data to connect a suspicious login to an escalated privilege and a lateral movement attempt requires either deep product expertise or time-intensive effort. Not all risks are equal priority. Without clear prioritization, analysts may spend as much time on a low-risk alert as they do on a critical privilege escalation path, simply because of the order of alerting.

Even when an analyst correctly identifies and prioritizes a risk, the remediation path is rarely obvious. What are the correct steps for a shadow admin in a hybrid environment? What is the downstream impact of removing a specific privilege? To solve these challenges, security teams are turning to AI agents and large language models (LLMs) to process mass data and come accelerate better decision-making.

BeyondTrust is leading this important shift with PathfinderAI and MCP Server, asymmetrically changing how fast and easily security analysts can level up and proactively stop identity risks before they become breaches.

The Pathfinder Platform: One Place to Secure Everything

The BeyondTrust Pathfinder Platform dynamically maps and manages privilege relationships for every human, machine, and agentic identity. It continuously updates access paths and exposes hidden attack vectors in a single, unified control plane that spans Privileged Access Management (PAM), Identity Threat Detection and Response (ITDR), Cloud Identity Management, and Cloud Infrastructure Entitlement Management (CIEM).

Because Pathfinder aggregates identity, access, and privilege data from across the entire BeyondTrust portfolio, it creates a foundation for AI that analyzes your full security suite rather than operating in a vacuum.

PathfinderAI is the natural language, interactive layer built on this foundation. Simultaneously, the MCP Server enables security teams to centralize usage within their own LLM stacks and AI-driven workflows.

At BeyondTrust, we've always believed that securing privileged access shouldn't slow your business down; it should power it forward. That's why we’re providing organizations with the flexibility of using the integrated PathfinderAI to accelerate privilege-centric identity security workflows or “bring their own AI” using the MCP server.

We don’t just manage identities, we control their privileges—which is where the business risk lies. Securing privilege is arguably the fastest, most measurable path to provable risk reduction.

The most immediate business value of these new BeyondTrust capabilities is faster time-to-respond. When your analysts can ask a question in natural language and receive an accurate answer in seconds, you're compressing what used to be a 30-minute data-gathering effort into a 10-second streamlined upleveling of Tier 1 skill. Multiplied across an entire analyst team and hundreds of investigations per month, that compression translates directly into massive operational efficiency improvements and cost reduction.

For security leaders responsible for reporting upward, PathfinderAI and the MCP Server also eliminates the “manual reporting tax” described earlier. Instead of spending hours aggregating data for executive briefings, analysts can use these to surface key metrics, trends, and risk summaries that form the backbone of security reporting.

The governance model built into the platform ensures these capabilities are deployed responsibly. LLM features are disabled by default and require explicit opt-in at the site level, giving customers control over whether PathfinderAI is enabled in their environment. Access to PathfinderAI is governed by Pathfinder's RBAC controls, meaning the same access policies that govern product access also govern AI access. No analyst can query data they aren't already authorized to see, and customers have the control to turn it on or off. For security teams in regulated industries, this control model is not a nice-to-have—it's a prerequisite.

As stated earlier, PathfinderAI and the MCP Server launched in Early Access on April 15th, 2026.

• PathfinderAI: Initially available to all Identity Security Insights customers on Pathfinder in the US region.

• Pathfinder MCP Server: Initially available to all Remote Support, Privileged Remote Access, Endpoint Privilege Management, Password Safe, and Entitle customers on Pathfinder in the US region.

During the EA phase, BeyondTrust is actively collecting feedback. This feedback directly informs model tuning and feature prioritization before General Availability. We encourage every eligible team to opt in, put the PathfinderAI and MCP Server to work on real investigations, and tell us what it gets right and where it needs to improve.

To learn more about enabling these features for your organization, contact your sales representative, or reach out to one of our highly trained advisors.