Tigera launches Lynx for Kubernetes AI agents

Tigera's Lynx is a unified control plane for Kubernetes-native AI agents, automatically discovering agents, assigning cryptographic identities, and enforcing policy on every action without touching agent code [Dev.to]. Lynx integrates with existing identity providers such as Entra ID, Okta, or SPIFFE/SPIRE, and forwards telemetry to customers' observability stacks [Tigera Blog].

Lynx provides a single enforcement point for AI workloads, reducing the attack surface that would otherwise be scattered across dozens of sidecars or custom admission controllers. This allows enterprises to impose sandboxing, policy, and audit requirements on agents without modifying their source, accelerating time-to-compliance for regulated sectors.

By integrating with existing identity and observability investments, Lynx lets organizations reuse their identity fabric and monitor agent behavior alongside regular workloads, avoiding siloed tooling. Tigera's decade of Kubernetes network-security experience backs the product, with the GA release including full documentation and support for multi-cluster deployments.

The industry now has a drop-in alternative to bespoke sidecars for policing AI traffic, promising comparable coverage with far less operational overhead. Lynx forces the industry to treat agents as first-class citizens in the Kubernetes security model.