‍

Two of the largest identity and security companies in enterprise tech are sending the same warning: AI agents are now your biggest ungoverned insider threat, and most organizations aren't treating them that way.

Okta launched Okta for AI Agents on April 30, framing it plainly: "Simply put, AI agents are your newest opportunity, identity type, and insider threat." The product gives enterprises a way to discover, register, and revoke AI agents.

Microsoft followed with the general availability of Agent 365 in May, its unified control plane for managing agents across enterprise environments. 

Its security team put it even more bluntly: "Bad actors might exploit agents' access and privileges, turning them into unintended double agents. Like human employees, an agent with too much access, or the wrong instructions, can become a vulnerability."

The numbers behind the warning

The scale of the problem is already visible in the data:

• 88% of organizations have reported suspected or confirmed AI agent security risks
• 80% have experienced unintended agent behavior
• 23% have dealt with credential exposure from AI agents
• 65% still apply weaker security controls to AI agents than to human employees

Microsoft's own red team research documented agents being misled by deceptive content embedded in everyday documents, with the agent then accessing sensitive files it was never meant to touch. 

A malicious insider editing a SharePoint document was enough to manipulate an organizational agent's behavior.

Okta's research found that while 91% of organizations are already running AI agents, only 10% have a strategy for governing non-human identities.

Why traditional controls don't work

The core problem is that AI agents don't behave like software or like humans. They are non-deterministic, meaning their actions are hard to predict. They chain tasks across systems, accessing data outside their intended scope. 

Microsoft's security blog noted that once an AI agent is connected to tools, prompt injection "draws a thin line between being just a content security problem and becoming a code execution primitive."

Both Okta and Microsoft are recommending the same foundational controls: register every agent in a central directory with a mandatory human owner, and enforce least-privilege access at the identity layer.

CloudEagle.ai's AI governance capabilities address the same problem from the SaaS layer, providing discovery of unsanctioned AI tools and agents, usage visibility, and the ability to block access to unauthorized AI applications across the organization.

‍

The Biggest Security Risk Isn't Obvious

That's why it survives.

Expose It