Close Menu
  • Homepage
  • Local News
  • India
  • World
  • Politics
  • Sports
  • Finance
  • Entertainment
  • Business
  • Technology
  • Health
  • Lifestyle
Facebook X (Twitter) Instagram
  • Contact
  • Privacy Policy
  • Terms & Conditions
  • DMCA
Facebook X (Twitter) Instagram Pinterest
JHB NewsJHB News
  • Local
  • India
  • World
  • Politics
  • Sports
  • Finance
  • Entertainment
Let’s Fight Corruption
JHB NewsJHB News
Home»Technology»Shared API keys expose AI agents at 69% of enterprises, new VentureBeat research finds
Technology

Shared API keys expose AI agents at 69% of enterprises, new VentureBeat research finds

July 10, 2026No Comments10 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Shared API keys expose AI agents at 69% of enterprises, new VentureBeat research finds
Share
Facebook Twitter LinkedIn Pinterest Email

Share one API key throughout 5 AI brokers, and a single compromised agent inherits the attain of all 5. The attacker instantly advantages from the gathered permissions of each workflow that the important thing touches. The forensic path goes chilly on the credential degree as a result of 5 brokers on one account depart no document of which agent did what.

Sixty-nine p.c of enterprises run brokers with credential sharing someplace of their deployments, based on VentureBeat’s June 2026 Pulse Analysis wave of 107 enterprises.

That one quantity explains the shopping for spree reshaping enterprise safety this yr. Palo Alto Networks, CrowdStrike, and Cisco have collectively guess greater than $22 billion on it up to now yr, focusing on precisely the layer most enterprises on this survey have not completed constructing.

Palo Alto Networks accomplished its acquisition of CyberArk on February 11 for $21.1 billion in whole consideration at shut — a deal it introduced final July at roughly $25 billion and the biggest within the firm’s historical past.

CrowdStrike closed its $740 million acquisition of runtime authorization platform SGNL and, by June 15, shipped the primary product from the deal, Steady Id for AI Brokers. CrowdStrike built-in SGNL in lower than a yr, delivering a product that validates each agent motion in actual time primarily based on who owns it, who is looking it, and the gadget’s threat posture.

Cisco introduced its intent to accumulate non-human id specialist Astrix Safety on Might 4 for a reported $400 million.

For a safety director, this survey reads as a board-level query, not a pattern line. It additionally surfaces a discovering no competitor’s information exhibits, one which exposes which corporations are essentially the most in danger.

The information under is the primary take a look at VentureBeat’s Q2 Agentic Safety report, drawn from 107 certified respondents at organizations with greater than 100 workers. The complete report might be launched to attendees at VB Rework, the occasion in Menlo Park subsequent week (July 14-15) specializing in enterprise autonomous brokers.

Forty-five p.c are remaining decision-makers for AI purchases. The pattern skews mid-market, so learn the numbers because the view from organizations adopting agent safety proper now fairly than from the biggest enterprises.

Greater than half of respondents, 54%, have already had an agent safety incident or near-incident. Eighteen p.c confirmed an incident, and thirty-six p.c caught a near-miss earlier than a breach. Safety groups are stopping most of those occasions on the final management level within the chain, however the remainder of the information exhibits how skinny that margin is.

Your brokers are sharing credentials

Solely 32% of enterprises give each AI agent its personal scoped, managed id. Practically half (48%) report that some brokers have scoped identities, whereas many nonetheless share credentials. One other 32% say brokers largely run on shared API keys or borrowed human and service-account credentials. The survey query allowed multiple choice, and 24 of the 107 respondents selected a number of choices — which is why the three classes sum to 112%. Deduplicated by respondent, 74 organizations, or 69%, flagged credential sharing in at the very least one reply.

One quantity explains why the acquisitions goal this layer. A shared credential converts a single compromised agent into many, and CyberArk’s analysis places machine identities at 82 for each human in organizations worldwide, with brokers because the fastest-growing class of the ratio. Cisco made the identical analysis when it purchased Astrix, whose founders constructed the corporate round API keys, service accounts, and OAuth tokens. Cisco’s announcement calls these the credentials AI brokers are actually “utilizing (and abusing)” to execute work at scale.

Adam Meyers, senior vice chairman of counter adversary operations at CrowdStrike, described the mechanism instantly in an interview with VentureBeat. Some AI methods have their very own identities, he stated, and in different circumstances “individuals give their id to the AI to take motion on their behalf, and that additionally additional form of murkies the water and makes it very complicated.” The murk is the purpose, as a result of when the id is shared, attribution dies with it.

Publicity scales with measurement, and containment doesn’t

Forty-nine p.c of enterprises implement scoped permissions at runtime, and 47% monitor and log agent exercise, which will help cut back safety incidents. Solely 30% sandbox their highest-risk brokers, the one management that limits blast radius when the primary two fail. Isolation is what retains a single compromised agent from changing into a deployment-wide occasion. Enterprises have funded detection and resistance, however the containment layer barely exists.

The sharpest discovering within the survey, and the one no vendor report captures, exhibits up whenever you cut up outcomes by firm measurement. The incident fee is 49% for corporations with 101 to 1,000 workers, but it surely shoots as much as 63% for corporations with greater than 1,000. Sandbox isolation strikes the opposite means, falling from 35% to twenty% on the bigger corporations.

The chart above exhibits the identical discovering at finer granularity: the 49%/63% cut up above is a binary lower at 1,000 workers, whereas the bars right here break incident fee and isolation fee into 4 measurement bands. The pink line measures incidents and near-misses, and the navy tracks the one management that accommodates injury after every thing else fails. At organizations with 101 to 250 workers, the 2 sit 7 factors aside, however above 5,000, the hole blows out to 60 factors. That prime band swimming pools the survey’s two largest measurement teams and holds solely 15 respondents, so deal with the quantity as directional. Bigger enterprises run extra brokers throughout extra methods, which drives incidents up whereas sandboxing, the engineering undertaking that may include them, goes unfunded. The enterprises with essentially the most brokers have the least isolation round them.

The offers goal precisely these accounts. Palo Alto Networks, Cisco, and CrowdStrike promote to giant enterprises first, the place incident charges are highest and containment is the thinnest.

Guarded by whoever shipped the mannequin

The mannequin suppliers are the safety layer. OpenAI’s built-in guardrails lead at 51%. Google Cloud reaches 36%, Microsoft Azure’s Purview and Copilot Studio DLP 35%, and Anthropic’s managed-agent controls 29%. Eighty-two p.c of respondents title a provider-native or hyperscaler management as their single major agent safety layer.

The aim-built specialists are in single digits, with Palo Alto Networks’ Prisma AIRS at 7%, CrowdStrike at 6%, and Okta for AI Brokers at 4%. Zenity and the devoted non-human id platforms are at 3% every. Microsoft Entra Agent ID is the highest-penetration identity-specific management within the dataset at 13%, the one one from a hyperscaler, and it nonetheless falls outdoors the highest 4. Solely 5% of enterprises run no devoted agent tooling in any respect, and the remainder have tooling that got here pre-installed.

Bundled controls lead as a result of they ship free and are enabled by default. Most filter prompts and outputs, however they don’t give an agent its personal id or sandbox it. Hyperscalers promote identity-layer merchandise, and Entra Agent ID is within the dataset at 13%, however adoption stays low. The 2 controls that reward incident information essentially the most, scoped id and isolation, are the 2 that the default stack doesn’t embody.

Immediate-and-output filters consider whether or not a name seems to be malicious. That’s an intent drawback, and intent can’t be solved on the language layer. CrowdStrike CTO Elia Zaitsev drew the road in an interview at RSAC 2026. “Observing precise kinetic actions is a structured, solvable drawback,” Zaitsev stated. “Intent is just not.” CrowdStrike’s Falcon sensor walks the method tree on an endpoint and tracks what brokers did, not what brokers appeared to mean. A scoped id and an isolation boundary give that sensor one thing to trace, whereas a shared credential on a bundled guardrail doesn’t.

Cloud safety went by way of the identical cycle a decade in the past, and Palo Alto Networks, CrowdStrike, and Wiz constructed multi-billion-dollar companies on the gaps native cloud controls left open. Agent safety is monitoring the identical path quicker. A misconfigured storage bucket sat open till a human observed. A misconfigured agent exploits its personal over-permissioning on each run, and no human is watching when it does. Merritt Baer, chief safety officer at Enkrypt AI and a former deputy CISO at AWS, advised VentureBeat that the default layer is thinner than enterprises assume. “Enterprises imagine they’ve ‘permitted’ AI distributors, however what they’ve really permitted is an interface, not the underlying system,” Baer stated. “The true dependencies are one or two layers deeper, and people are those that fail below stress.”

Snug, unconvinced, and already purchasing

Right here is the contradiction value a keynote slide. Enterprises fee their agent safety tooling 4.2 out of 5, with worth for cash at 4.1 and ease of implementation at 3.9. These scores would make most SaaS distributors envious.

Solely 35% imagine their AI-enabled defenses are forward of AI-enabled attackers, whereas thirty-two p.c name it roughly even. Twenty-one p.c say attackers lead, and one other 21% say it’s too early to inform, exhibiting how enterprises belief their tooling greater than they belief its outcomes.

Budgets verify it. Forty-six p.c allocate 6 to 10% of the safety funds to agent safety, and a full third spend 5% or much less. Half the pattern has already had an incident or near-miss, however the funding doesn’t match the publicity.

Fifty-nine p.c plan to undertake, add, or change agent safety tooling inside 12 months, and twenty-nine p.c plan to maneuver this quarter. OpenAI leads ahead curiosity at 34%, adopted by Google at 30%, Anthropic at 29%, and Azure at 25%. The devoted distributors draw extra curiosity wanting ahead than their present single-digit footprint suggests. Glad clients don’t reshuffle this quick except they know the stack they’re at the moment utilizing is provisional.

Three strikes for safety administrators

1. Stock each agent’s credentials this quarter. Map which brokers share credentials with different brokers and which run on borrowed human or service-account identities. The purpose is just not one credential per agent. Brokers that contact a number of methods want a number of scoped identities. The purpose is zero shared credentials between brokers and 0 borrowed human identities. 13 p.c of surveyed enterprises already run Microsoft Entra Agent ID. Okta for AI Brokers and the non-human id specialists promote equivalents. Shared and borrowed credentials are the very first thing to remove.

2. Sandbox the riskiest brokers first. Isolation is the least-adopted management at 30% and the one one which accommodates blast radius after prevention fails. Rank brokers by the sensitivity of what they contact and isolate the highest of the checklist. Above 1,000 workers, the place isolation falls to twenty%, that is the one highest-return transfer within the dataset. Sandboxing doesn’t require changing the agent or the platform. It requires a coverage resolution and an isolation layer.

3. Match the funds to the incident fee. A 3rd of enterprises fund agent safety at 5% or much less of the safety funds, though greater than half have already had an incident or near-miss. 9 p.c allocate greater than 25% right now. The complete report breaks out publicity and containment by firm measurement, exhibiting which bands carry essentially the most threat and the least safety.

The board’s query is easier. If one in all our AI brokers was compromised this afternoon, which methods did it contact, and whose credentials was it holding? For the 69% of enterprises working brokers on shared credentials, the reply is a shrug. The path goes chilly on the key.

The complete Q2 Agentic Safety report, with the whole vendor matrix, trade cuts, and the total dataset behind these charts, debuts July 14 and 15 at VB Rework, held at Resort Nia in Menlo Park. The open query it leaves is whether or not enterprises shut the agent safety hole on their very own phrases, or whether or not a confirmed breach closes it for them.

Source link

agents API enterprises expose finds Keys research shared VentureBeat
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Grok 4.5 arrives alongside OpenAI’s new voice models for live conversations | Technology News

July 10, 2026

Google Pixel Care+ Comes to UK

July 9, 2026

Samsung Galaxy A18 Renders Leak Showing Design

July 9, 2026

Samsung Galaxy Unpacked 2026: Date, time and what to expect | Technology News

July 9, 2026
Add A Comment
Leave A Reply Cancel Reply

Editors Picks

Palestinians mourn Gaza World Cup screenings organiser killed in Israeli strike

July 10, 2026

‘Toxicity of Trump’ Could Cost Republicans Mitch McConnell’s Senate Seat

July 10, 2026

Shared API keys expose AI agents at 69% of enterprises, new VentureBeat research finds

July 10, 2026

Kalshi traders see higher gas prices lasting through election day

July 10, 2026
Popular Post

Who won Jeopardy! tonight? July 28, 2023, Friday

Elon Musk’s new jet costs ₹643 crore, can accommodate 19 passengers: Report

Best Prime Day Electric Toothbrush Deals

Subscribe to Updates

Get the latest news from JHB News about Bangalore, Worlds, Entertainment and more.

JHB News
Facebook X (Twitter) Instagram Pinterest
  • Contact
  • Privacy Policy
  • Terms & Conditions
  • DMCA
© 2026 Jhb.news - All rights reserved.

Type above and press Enter to search. Press Esc to cancel.