As AI agents take action, identity becomes the new security frontier. 🔐 AI agents are now executing tasks, accessing systems and making decisions at scale. That shift raises a critical question: who is actually accountable? The real risk isn’t just what AI can do, but how it’s granted access and authority. When agents operate without clearly defined identities and boundaries, organizations risk creating “ghosts”, powerful, ungoverned actors within their systems. Jigyasu Gulati, Director and Senior Security Advisor at NTT DATA, explores how the focus on AI adoption must move from productivity alone to identity, access and governance by design: https://bit.ly/4ddqTwk #DigitalWorkplace
AI Identity Security Frontier: Who's Accountable?
-
The AI Agent security category has a placement problem. Gateways, identity providers, SIEMs, all real tools with real value. But nothing out there (including most of the 'new AI vendors') sees how AI agents actually reason when they decide to act. This context is vital to have effective real-time judgement and security controls around what agents are allowed to do next. Our head of AI Daniel Morris wrote about this in a genuinely clever way. The hallway/room framing is the question every enterprise security team needs to be asking right now. Customers have a tough job cutting through the noise in this space. It is chaos out there. This piece helps. Link in comments. #AIsecurity #AIAgents
-
AI agents now outnumber human users 50 to 1 in the average enterprise. 80% are operating outside any governance framework. And the detections most security teams have built? They were designed for humans and service accounts — not for identities that adapt, clone, and scale at machine speed. In this talk, Ismael Valenzuela breaks down why agentic AI is fundamentally an identity problem and what applying zero trust principles to non-human identities actually looks like in practice — including a live prompt injection demo showing both the attack and the defense in real time. If your network includes security practitioners navigating AI in the enterprise, this is worth sharing. 🎬 https://lnkd.in/eTEstgu6 #CyberDefense #ZeroTrust #AIAgents #SANSSyF2026
-
We've solved the AI adoption problem. Now we have an "AI agent sprawl" problem. According to a new article in The Wall Street Journal, the ease of using platforms like Anthropic’s Claude Cowork has led to a massive proliferation of independent AI bots created by nontechnical employees. While it is fantastic to see organic adoption, this is creating serious headaches for IT around cybersecurity, conflicting outputs, and rapidly rising compute costs. Gartner estimates that the average Fortune 500 company will run over 150,000 AI agents in the next two years. Yet, only 13% of organizations feel they have adequate governance in place. Some companies are already feeling the scale of this; DaVita, for example, has over 10,000 AI agents operating internally. This is exactly why establishing strong Centers of Excellence and active Communities of Practice is so critical right now. We shouldn't stifle employee creativity, but we must build centralized platforms with proper IT controls to manage token costs, ensure safety, and prevent redundant efforts. The goal isn't less AI—it's governed, scalable AI. Read more https://lnkd.in/gZMevWBb #AIGovernance #EnterpriseAI #TechLeadership #Innovation #FutureOfWork
-
If AI is truly intelligent, why does it still end up wiping production databases? The issue isn’t AI itself; it’s how quickly we’re integrating AI agents into production environments without proper security testing and controls. AI agents should be treated as high-risk, non-human identities, with:
- Least privilege access
- Strong access governance
- Real-time monitoring
- Strict approval workflows for critical actions
Without these safeguards, incidents like data loss, leakage, and system disruption won’t be rare; they’ll become the norm. #AIsecurity #Infosec #DataSecurity #AIGovernance
-
AI agents now outnumber human users 50 to 1 in the average enterprise. 80% are operating outside any governance framework. And the detections most security teams have built? They were designed for humans and service accounts — not for identities that adapt, clone, and scale at machine speed. In this talk, Ismael Valenzuela breaks down why agentic AI is fundamentally an identity problem and what applying zero trust principles to non-human identities actually looks like in practice — including a live prompt injection demo showing both the attack and the defense in real time. If your network includes security practitioners navigating AI in the enterprise, this is worth sharing. 🎬 https://lnkd.in/e-vKKY2Q #CyberDefense #ZeroTrust #AIAgents #SANSSyF2026
-
Giving an AI agent access to your network is a lot like handing a teenager the car keys 🔑 Freedom of movement requires strict rules of the road. With the shift to agentic AI, security teams must proactively govern identity, intent, and permissions across every workflow. Lawrence Pingree, Ian Swanson, and Scott Simkin unpack the definitive blueprint for AI Security strategy and why CIOs and CISOs must stop treating AI Security and Data Security as separate domains. Following the recent Portkey announcement, AI Gateway becomes a critical enforcement layer to secure the complete AI transaction chain from end to end. Dive into the full conversation ➡️ https://bit.ly/4uFVetp
-
Listen to the video. You will understand why deploying AI agents into operations and business processes without security is a big concern. #AI Agent #Cybersecurity #Challenge
-
Lawrence Pingree, Ian Swanson, and Scott Simkin frame it well here: giving an AI agent access to your network without proper governance is handing over the keys with no rules of the road. The shift to agentic AI means identity, intent, and permissions all need to be managed across every workflow, not just at the perimeter. And as Palo Alto Networks points out, treating AI security and data security as separate domains is itself a vulnerability at this point. Worth watching for CIOs and CISOs thinking through where their AI security strategy actually stands.
-
AI agents are transforming productivity by acting, executing, and chaining actions across business-critical systems at machine speed—without waiting for human approval. But they also present a massive new blind spot. Every agent in your environment is a non-human identity making decisions on your behalf. Most security teams can't tell you how many are running right now. That’s why I’m proud to share that we’ve built Prompt for Agentic AI Security, SentinelOne’s real-time discovery and governance control plane. It's designed to surface every agent and MCP server (sanctioned or shadow) and score risk dynamically so organizations can adopt AI with full confidence. Turn blind trust into verified control with Prompt Security for Agentic AI. 👇 Learn more: https://bit.ly/3RtOv7r
-
AI agents are transforming productivity by acting, executing, and chaining actions across business-critical systems at machine speed—without waiting for human approval. But they also present a massive new blind spot. Every agent in your environment is a non-human identity making decisions on your behalf. Most security teams can't tell you how many are running right now. That’s why I’m proud to share that we’ve built Prompt for Agentic AI Security, SentinelOne’s real-time discovery and governance control plane. It's designed to surface every agent and MCP server (sanctioned or shadow) and score risk dynamically so organizations can adopt AI with full confidence. Turn blind trust into verified control with Prompt Security for Agentic AI. 👇 Learn more: https://bit.ly/4fCxFgz