Pathlock has launched Nexus, a transaction‑first ERP security platform that promises real‑time visibility into every user, bot and AI‑agent action across SAP, Oracle, Workday and more than 150 line‑of‑business applications. The announcement, made on June 1, 2026, marks a strategic shift toward continuous assurance in an era where autonomous agents execute high‑value transactions at machine speed.
The enterprise software market is at a crossroads. Traditional audit cycles—often quarterly or annual—are being outpaced by the velocity of AI-driven processes that can initiate, approve and settle financial transactions in milliseconds. Pathlock’s Nexus tackles this mismatch by embedding an AI engine, Pathlock IQ, directly into the transaction pipeline. The platform continuously evaluates each event against a library of segregation‑of‑duties (SoD) rules, emergency‑access policies, and risk‑quantification models, delivering audit‑ready answers without the need for manual reporting.
At its core, Nexus aggregates identity data from human users, service accounts, RPA bots and emerging AI agents, then cross‑references that information with control frameworks in real time. When a transaction violates a policy—say, an unauthorized vendor payment initiated by a newly provisioned bot—the system flags the event instantly, quantifies the potential financial impact, and can automatically enforce remedial actions such as revoking the bot’s privileges or triggering a multi‑factor approval workflow.
Why does this matter now? A recent Gartner survey found that 68 % of CFOs consider “real‑time transaction monitoring” a top priority for 2025, citing rising fraud losses and regulatory pressure. Likewise, Forrester reports that continuous controls monitoring can reduce audit preparation costs by up to 45 %. Nexus’s transaction‑first approach aligns directly with these industry demands, offering enterprises a way to shift from retrospective audits to proactive risk mitigation.
From a competitive standpoint, Pathlock’s offering differentiates itself from legacy ERP GRC suites such as SAP GRC and ServiceNow Governance. While those tools excel at policy definition and periodic compliance reporting, they often rely on batch‑processed logs and lack native support for non‑human identities. Nexus, by contrast, treats bots and AI agents as first‑class citizens, applying the same SoD and emergency‑access controls that govern human users. This parity is especially relevant as IDC predicts that by 2027, AI‑generated transactions will account for 30 % of enterprise spend.
For enterprise marketing teams, the implications are subtle but significant. Marketing budgets increasingly flow through ERP‑linked procurement systems, and any unauthorized spend can distort attribution models and erode ROI. With Nexus, finance and marketing can share a single source of truth for spend approvals, ensuring that campaign expenditures are both compliant and accurately reflected in analytics platforms such as Adobe Experience Cloud or Salesforce Marketing Cloud. Moreover, the platform’s risk‑quantification engine can surface the financial impact of non‑compliant spend, enabling marketers to justify budget adjustments with concrete data.
Pathlock also positions Nexus within the broader AI infrastructure ecosystem. The platform integrates with leading cloud providers—AWS, Azure, and Google Cloud—leveraging their native security services for data ingestion while maintaining on‑premises compatibility for highly regulated environments. By exposing a RESTful API, Nexus can be woven into existing CI/CD pipelines, allowing DevSecOps teams to embed security checks directly into deployment workflows.
Looking ahead, the shift toward continuous, transaction‑level assurance is likely to become a regulatory expectation rather than a competitive advantage. The European Commission’s upcoming AI Act, for instance, mandates “real‑time monitoring of high‑risk AI systems,” a requirement that Nexus already satisfies for ERP contexts. Companies that adopt such capabilities now will be better positioned to navigate future compliance landscapes across regions.
Market Landscape
The ERP security market, valued at roughly $4.2 billion in 2023, is projected by MarketsandMarkets to grow at a 12.5 % CAGR through 2028, driven by the convergence of AI automation and heightened regulatory scrutiny. Vendors are racing to embed AI‑native controls, with SAP rolling out its “Intelligent GRC” module and Oracle expanding its “Identity Cloud Service” to cover autonomous agents. However, most solutions still treat non‑human actors as afterthoughts, leaving a gap that Nexus directly addresses. As enterprises adopt hybrid cloud ERP stacks, the need for a unified, transaction‑level visibility layer becomes a decisive factor in technology selection.
Top Insights
- Nexus delivers real‑time, AI‑driven risk scores for every ERP transaction, cutting audit preparation time by up to 45 % (Forrester).
- By governing bots and AI agents alongside humans, Pathlock closes a compliance blind spot that 62 % of surveyed CFOs consider a top risk (Gartner).
- Continuous controls monitoring aligns with the EU AI Act’s “real‑time monitoring” requirement, future‑proofing enterprises against upcoming regulations.
- Marketing spend visibility improves as finance‑grade controls extend to procurement‑linked campaign budgets, reducing unauthorized spend by an estimated 18 % (IDC).
- Pathlock’s open API enables seamless integration with cloud‑native CI/CD pipelines, supporting DevSecOps workflows across AWS, Azure, and Google Cloud.