Sixty-nine percent of organizations allow their AI agents to share credentials, creating a critical vulnerability where a single compromised agent could inherit the permissions of multiple workflows—and leave no forensic trail. This practice, uncovered in VentureBeat’s June 2026 Pulse Research survey of 107 enterprises, explains the aggressive consolidation in enterprise security this year, as major players like Palo Alto Networks, CrowdStrike, and Cisco invest billions to address the gap.
The acquisitions signal a shift in focus: securing the identity layer that most companies have yet to fully implement. Palo Alto Networks finalized its $21.1 billion purchase of CyberArk on February 11, marking the largest deal in its history. CrowdStrike, meanwhile, completed its $740 million acquisition of SGNL in under a year, launching Continuous Identity for AI Agents by June 15—a product that validates every agent action in real time based on ownership, caller identity, and device risk. Cisco also entered the fray on May 4 with its intent to acquire Astrix Security for $400 million, targeting the non-human identities driving modern AI workflows.
For security leaders, the findings underscore a board-level concern rather than a passing trend. The data, drawn from 107 qualified respondents at organizations with over 100 employees, is the first look at VentureBeat’s Q2 Agentic Security report—a full version of which will be released at VB Transform in Menlo Park next week (July 14–15). Forty-five percent of respondents are final decision-makers for AI purchases, with the sample skewed toward mid-market adoption, offering a snapshot of the current state of agent security.
The credential-sharing blind spot in AI deployments
Nearly half of enterprises (48%) report that some AI agents operate with scoped identities, but many still rely on shared API keys or borrowed human credentials. Only 32% assign every agent a unique, managed identity. The survey allowed multiple responses, and 24 of the 107 participants selected more than one option—explaining why the three categories total 112%. When deduplicated by respondent, 74 organizations (69%) explicitly flagged credential sharing in at least one answer.
The stakes are high because shared credentials transform a single compromised agent into a potential breach multiplier. According to CyberArk’s research, machine identities now outnumber human identities by a factor of 82:1 globally, with AI agents as the fastest-growing segment. Cisco echoed this diagnosis in its Astrix Security acquisition announcement, emphasizing that API keys, service accounts, and OAuth tokens are the credentials AI agents are increasingly "using—and abusing" to execute tasks at scale.
Adam Meyers, CrowdStrike’s senior vice president of counter adversary operations, highlighted the problem in an interview with VentureBeat. Some AI systems have dedicated identities, he noted, but in many cases, "people give their identity to the AI to take action on their behalf," further complicating attribution. When identities are shared, the forensic trail dissolves, making it nearly impossible to trace which agent initiated a breach.
Size amplifies risk—and containment lags behind
While 49% of enterprises enforce scoped permissions at runtime and 47% monitor agent activity, only 30% sandbox their highest-risk agents. Sandboxing is the critical control that limits the blast radius when other defenses fail, yet its adoption declines as organizations grow. The survey’s sharpest finding reveals a stark divide by company size: incident rates jump from 49% in firms with 101 to 1,000 employees to 63% in those with more than 1,000. Meanwhile, sandbox isolation drops from 35% to 20% in larger companies.
The gap widens dramatically at the enterprise level. In organizations with 101 to 250 employees, the difference between incident rates and sandbox adoption is just 7 points. At companies with over 5,000 employees, that gap balloons to 60 points. This imbalance suggests that while detection and prevention strategies are maturing, containment measures—particularly isolation—are struggling to keep pace with the growing attack surface.
The implications are clear: as AI adoption accelerates, enterprises must prioritize identity segmentation and runtime isolation to avoid turning a single agent breach into a systemic failure. The investments by Palo Alto Networks, CrowdStrike, and Cisco reflect a recognition that the identity layer is the new frontier in securing autonomous systems.
Looking ahead: The next phase of agentic security
The survey data paints a picture of an industry still catching up to the realities of AI-driven workflows. With machine identities proliferating and credential sharing persisting, the window to implement robust identity and access controls is narrowing. Organizations that fail to adopt scoped identities, runtime validation, and sandboxing risk not only breaches but also regulatory and reputational consequences.
As the full VentureBeat report prepares for release at VB Transform, the findings underscore a critical takeaway: securing AI agents isn’t just about detection or prevention—it’s about containment. Until enterprises close the isolation gap, the cost of a single compromised agent could far exceed the price of prevention.
AI summary
Araştırma, şirketlerin yüzde 69’unun AI ajanlarında ortak API anahtarları kullandığını ortaya koydu. Bu durum, saldırganların tek bir ajandan tüm sisteme erişimini kolaylaştırıyor. Detaylar ve çözüm önerileri için tıklayın.
