Workday is aiming to help customers to develop and deploy agentic systems without compromising corporate security or compliance, unveiling a series of AI tools at its DevCon event this week.
Chief among them is Agent Passport, which validates an agent’s safety and compliance both before it is deployed, and continuously during its operation. When an agent attempts a task, Agent Passport can allow, block, or route the action appropriately, and problem agents can be stopped or restricted, based on company policy.
Agents will be vetted for a series of risks, including prompt injection, jailbreak and goal hijacking, system prompt extraction, leaks of employee data, and unsafe outputs. Those tests will be tied to public standards such as Mitre ATLAS, and will be performed by security partners, not by Workday. Security teams can view those attestations, receiving a signed, auditable record of who tested the agent, and what it was tested for.
Because every check is tied to a public standard, security teams can compare agents from different vendors, tested by different partners, on the same terms.
The sole testing partner at launch is Cisco.
“It’s difficult to really get ramped up in a standard with a lot of partners in the mix, so we want to get this right with just ourselves and Cisco,” said Workday CTO Gabe Monroy. “We’ll be rolling it out more broadly soon.”
No-one to blame
There are still questions to be worked out. For example, if an agent that has been tested and received its compliance stamps from a tester misbehaves, who’s on the hook? That, said Monroy, is something “we’re still wrestling with with our partners.”
Agent Passport will be available in early access in the third quarter, with general availability expected before year end.
DevCon also saw the launch of Developer Agent, which enables developers to easily build AI apps and agents, and Agent-Ready Tools, a new class of enterprise connectors created for autonomous agents.
Agent-Ready Tools provide agents with precise, easy-to-navigate business logic and context while reducing hallucination and latency, Workday said. They connect to act across Workday through open standards such as MCP. For agents that need to work beyond Workday, developers can use pre-built Pipedream connectors to create custom agent actions and expose them as Agent-Ready Tools.
Developer Agent plugs into a dev’s agentic development tool of choice, be it Claude Code, Cline, Codex, Cursor, or Google Antigravity, and can also be used to create and deploy custom agents for the Workday platform with the open AgentSkills standard (OASS). Using it, a developer can simply type a request such as “Build an agent that alerts finance when a department is trending to go over budget this quarter,” and Developer Agent will choose the appropriate Agent-Ready Tools, connect to the necessary data and services, and pull in any required documentation and examples to complete the task.
Developer Agent and Agent-Ready Tools are available to early access customers through Workday Extend Professional, with general availability planned for the second half of 2026.
Read More from This Article: Workday launches Agent Passport to test and monitor AI agents in the enterprise
Source: News