Every AI Agent Is an Identity. Most Organizations Don't Treat Them That Way


Sponsored by Token Security

June 19, 2026

09:10 AM

For years, security teams built their programs around a simple premise: if you control the identities, you can control the risk. Employees authenticate through identity providers. Service accounts connect systems. API keys let workloads talk to cloud services and databases.

The actors have been very predictable, and as a result, the identity security and governance models have followed that predictability. Now, this premise is breaking.

AI agents entered the enterprise quietly, summarizing meetings, drafting emails, helping employees find information. Most security teams didn't think hard about them at first. They looked like productivity tools, because that is exactly what they were.

Then, organizations started connecting them to critical business services such as Salesforce, Snowflake, GitHub, Jira, production databases, and cloud environments. Now, they retrieve information, trigger workflows, update records, write and deploy code, and take actions across multiple systems.

Sometimes on behalf of a human, sometimes autonomously, and sometimes in ways where it's genuinely unclear which.

This makes AI agents more than just tools. It makes them identities, and most enterprises have no security and governance models for them.

The pattern is consistent across organizations. A new identity layer gets built on top of existing infrastructure with almost none of the controls that identity teams spent the last decade putting in place. An agent might be created by one team, used by another, connected to five different applications, and running on credentials that were provisioned for a completely different purpose.

It got broad access early because someone needed it to work and didn't want to slow things down. The result is a sprawl of high-privilege, low-visibility actors that most security teams can't inventory, let alone govern.


According to a 2026 CSA survey commissioned by us here at Token Security, 82% of organizations discovered at least one AI agent created without the knowledge of security, IT, or governance teams in the past year, and 41% found this happening multiple times.

Here's where the security conversation has gone sideways. Most of the attention on AI security has landed on model risk, such as prompt injection, jailbreaks, and unsafe outputs. While these are all an important part of the agentic AI ecosystem, they don't paint the complete picture enterprise security teams require. The most important question they need answered is: what can the agent actually access?

An agent that summarizes public documentation has limited blast radius. An agent connected to customer records, source code, financial systems, and admin-level cloud credentials is a different problem entirely.

A bad prompt, a compromised session, a malicious plugin, or a misconfigured integration can turn an overprivileged agent into a path for data exfiltration, destructive action, or lateral movement through systems that were never meant to be connected.

This is no longer theoretical: 65% of organizations experienced a security incident involving an AI agent in the past year, with 61% reporting exposure or mishandling of sensitive data as a result (source).

Getting control starts with visibility. Security teams need AI agent discovery and inventory that extends beyond just names and platforms to answer questions that actually matter.

Who owns this agent? Who can invoke it? What systems is it connected to? What credentials does it use? What can it read, write, delete, or execute in each target application?

This is harder than it sounds, because the surface isn't obvious. A security team might know a sales assistant exists in an AI platform without knowing it runs on a Snowflake service account with admin privileges. They might know a coding agent is installed on developer endpoints without knowing which secrets, repositories, and CI/CD pipelines it can reach.

The agent itself is only part of the picture. Everything the agent's identities can touch is the actual exposure surface.

The second piece is purpose. Security and governance can't be purely permission-based with AI agents. They have to account for the agent's intent. A sales prep agent only needs read access to CRM records. It doesn't need to delete database tables.

A finance workflow...
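The inventory questions and the purpose check described above can be expressed as a small audit over agent records. This is an added example, not code from the article or from any vendor; the record layout, agent names, credential names and finding labels are all hypothetical.

```python
from collections import defaultdict
from dataclasses import dataclass, field

@dataclass
class Grant:
    target: str        # application the agent is connected to
    credential: str    # credential it uses there
    actions: set       # subset of {"read", "write", "delete", "execute"}

@dataclass
class Agent:
    name: str
    owner: str         # "" when no owner is recorded
    purpose: dict      # declared need: target -> set of actions
    grants: list = field(default_factory=list)

def audit(agent):
    """Compare what one agent can do with what its purpose says it needs."""
    findings = []
    if not agent.owner:
        findings.append(("no_owner", agent.name))
    for g in agent.grants:
        needed = agent.purpose.get(g.target)
        if needed is None:
            findings.append(("undeclared_target", g.target))
        elif g.actions - needed:
            extra = ",".join(sorted(g.actions - needed))
            findings.append(("excess_privilege", f"{g.target}:{extra}"))
    return findings

def shared_credentials(agents):
    """Credentials used by more than one agent (likely provisioned for something else)."""
    users = defaultdict(set)
    for a in agents:
        for g in a.grants:
            users[g.credential].add(a.name)
    return {cred: sorted(names) for cred, names in users.items() if len(names) > 1}

INVENTORY = [  # constructed sample inventory; every name here is made up
    Agent("sales-prep", "sales-ops", {"crm": {"read"}}, [
        Grant("crm", "svc-crm-admin", {"read", "write", "delete"}),
        Grant("snowflake", "svc-snowflake-admin", {"read", "write", "delete", "execute"}),
    ]),
    Agent("coding-agent", "", {"github": {"read", "write"}}, [
        Grant("github", "pat-ci-bot", {"read", "write"}),
        Grant("crm", "svc-crm-admin", {"read"}),
    ]),
]
print({a.name: audit(a) for a in INVENTORY}, shared_credentials(INVENTORY))
```

The sales prep agent is flagged both for write and delete rights on the CRM it only needs to read and for a Snowflake connection its purpose never declared; the credential shared between two agents surfaces separately.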
