AI agents are already inside your digital infrastructure

Booming market in agentic orchestration and governance aims to curb authenti-chaos

The double agent is a figure from espionage, a spy working for both sides. AI agents have the same capability: without clear orders and a strict hierarchy, they can end up hijacking a system, triggering an event – or just meandering around in digital purgatory, waiting to be spurred back into action by some divine prompt or hallucination.

New data from the Cloud Security Alliance (CSA), a not-for-profit organization committed to AI, cloud, and Zero Trust cybersecurity education, suggests that 82 percent of organizations have unknown AI agents running in their IT infrastructure. Nearly two in three have experienced AI agent-related incidents in the past 12 months. The agentic economy is here, and it brings with it agentic chaos.

As agents take over a growing number of tasks, many linger past their intended use, retaining permissions and credentials that create what the CSA’s new report, commissioned by Token Security, calls “retirement debt.” Although 68 percent of respondents report high confidence in their visibility into AI agents, the number of shadow agents being discovered, wandering the digital plains like lost tardigrades, puts the lie to this confidence.

“Left unchecked, this debt will continue to grow, accumulating quietly until it becomes a structural exposure, setting the stage for larger governance challenges.”

“As agents gain greater autonomy, governance must evolve into a more unified, operational model that can sustain control at scale,” said Hillary Baron, AVP of research for Cloud Security Alliance. Risk and delegation are key factors for effective governance.

“AI agents are outpacing the identity systems meant to secure and control them, and it’s already showing up in unknown agents and real incidents in the enterprise,” said Itamar Apelblat, CEO of Token Security. “These agents are not just another workload. They are a new type of identity and legacy controls don’t work. Securing them requires an intent-based model, where every agent is continuously scoped to its purpose.”

Prove Identity Platform aims to create lasting trust

Prove Identity has launched a new unified platform that offers continuous verification for a “persistent foundation of trust,” according to a release.

The move is spurred in part by the agentic AI boom, which has seen AI agents positioned as the next transformative technology, already deployed extensively across enterprises. Richard Crone, CEO of Crone Consulting, estimates that “by 2030, there will be 4 to 40 AI agents acting on behalf of every human on the planet.” Prove notes that OpenAI and Stripe launched the Agentic Commerce Protocol in September 2025, and Visa has named Anthropic, OpenAI, and Perplexity as agentic commerce partners. The shift to an agentic economy is happening as we speak.

The flipside is that “AI has driven the cost of impersonation to zero” – meaning that legacy authentication, designed for the pre-agentic era, is no longer adequate to maintain security. Point solutions leave gaps.

The Prove Identity Platform leverages three core components: Prove Key Management for adaptive authentication, Prove Identity Manager for proactive identity monitoring and real-time alerts on key lifecycle events, and Prove Global Fraud Policy for advanced fraud protection using network intelligence.

“AI can fabricate a face or clone a voice, but it cannot replicate a decade of real digital behavior,” said Rodger Desai, CEO of Prove. “The Prove Identity Platform is built on 12 years of authenticated identity history covering 90 percent of the world’s digitally active adults, and that foundation compounds with every interaction. That is the model the AI economy requires, and what we’ve spent the last decade building.”

Per the release, Prove’s evolving agentic AI suite extends its persistent identity foundation into agentic workflows, embedding cryptographically signed consent directly into an identity token that travels with every agent action. It is built on open protocols already integrated across AI frameworks from OpenAI, Anthropic and Salesforce.

Au10tix integrates Camunda for agentic orchestration

Biometrics and identity intelligence firm Au10tix has integrated Camunda’s enterprise platform for agentic orchestration to support Know Your Customer (KYC) and Know Your Business (KYB) workflows at scale.

A press release says Camunda’s orchestration platform enables the management of complex identity processes without embedding decision logic deep inside application code. The product coordinates document and photo capture, automated authenticity and consistency checks, third-party risk screening, and decision handling; results are consolidated into a single case, automating approval and decline decisions and routing exceptions to manual review as needed.

The new integration builds on a working relationship that goes back to 2022 and has grown over time. Stéphane Faivre-Duboz, VP of sales EMEA at Camunda, says “identity verification sits at the heart of trust in digital services. With Camunda, Au10tix has a scalable orchestration foundation that connects systems, services, and decisions into one governed process.”

“Camunda gives us robust orchestration for some of the most critical processes in our business,” says Au10tix Vice President of R&D David Voschina. “By leveraging standardized, configurable workflows, we can scale faster, introduce new verification scenarios more efficiently, and provide greater transparency. Continuous innovation is essential to staying ahead through a proactive defense framework, and Camunda strengthens our ability to anticipate threats.”

Silverfort partners to defend against attacks at scale and at speed

Dallas-based identity security company Silverfort has announced a strategic partnership with SentinelOne to “secure human, AI agent and other non-human identities (NHIs)” through deep technical collaboration and joint research.

Silverfort recently discovered a privilege escalation issue with Microsoft Entra ID’s AI Agent Administrator. A post on the company’s blog explains: “We discovered that accounts with only the Agent ID Administrator role could take over arbitrary service principals – including ones that have nothing to do with agent identities – by becoming owner, then adding credentials and authenticating as that principal. That’s full service principal takeover. In tenants where high-privileged service principals exist, it becomes a privilege escalation path.”
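
Defenders can look for the sequence in that quote (ownership granted on a service principal, then a credential added by the new owner) in directory audit data. The following is an added example, not Silverfort's or Microsoft's code; the event schema and sample events are constructed, and the two activity names are assumed to match the tenant's audit export.

```python
from datetime import datetime, timedelta

# Activity names assumed to match the tenant's audit export; adjust as needed.
ADD_OWNER = "Add owner to service principal"
ADD_CRED = "Add service principal credentials"

# Constructed sample events in a simplified, hypothetical schema (not a real export).
SAMPLE_EVENTS = [
    {"time": "2026-01-10T09:00:00", "actor": "ops@example.test",
     "activity": ADD_CRED, "target": "sp-billing"},          # long-standing owner rotating a secret
    {"time": "2026-01-10T10:00:00", "actor": "agentadmin@example.test",
     "activity": ADD_OWNER, "target": "sp-backup", "new_owner": "agentadmin@example.test"},
    {"time": "2026-01-10T10:04:00", "actor": "agentadmin@example.test",
     "activity": ADD_CRED, "target": "sp-backup"},           # owner-then-credential, 4 minutes apart
    {"time": "2026-01-10T11:00:00", "actor": "iam@example.test",
     "activity": ADD_OWNER, "target": "sp-reports", "new_owner": "dev@example.test"},
    {"time": "2026-01-12T11:00:00", "actor": "dev@example.test",
     "activity": ADD_CRED, "target": "sp-reports"},          # same pattern, two days apart
]

def find_owner_then_credential(events, window=timedelta(hours=1)):
    """Flag principals that became owner of a service principal and then
    added a credential to it within `window`."""
    granted = {}   # (target, new_owner) -> (time granted, who granted it)
    findings = []
    for ev in sorted(events, key=lambda e: e["time"]):
        ts = datetime.fromisoformat(ev["time"])
        if ev["activity"] == ADD_OWNER:
            granted[(ev["target"], ev["new_owner"])] = (ts, ev["actor"])
        elif ev["activity"] == ADD_CRED:
            hit = granted.get((ev["target"], ev["actor"]))
            if hit and ts - hit[0] <= window:
                findings.append({
                    "target": ev["target"],
                    "principal": ev["actor"],
                    # Self-assigned ownership is the stronger signal.
                    "self_assigned": hit[1] == ev["actor"],
                    "delay_seconds": int((ts - hit[0]).total_seconds()),
                })
    return findings

if __name__ == "__main__":
    for finding in find_owner_then_credential(SAMPLE_EVENTS):
        print(finding)
```

Findings are most useful when joined against the roles held by the flagged service principal, since the escalation described only matters where that principal is highly privileged.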

The scenario demonstrates just how much can go wrong with agents and permissions, as new forms of identity risk arise. And it’s not happening in isolation: a release points to a sophisticated supply chain attack by North Korean state actors on March 31, 2026, “executed by hijacking the npm credentials of the primary Axios maintainer. In this attack, the first infection was observed 89 seconds after publication, a pace no manual workflow could possibly defend.”

SentinelOne also caught and blocked a trojaned version of LiteLLM that had been updated by an autonomous coding assistant, which triggered a malicious action without any human in the loop.

These high-profile attacks offer a look at what lies ahead for modern defences and the speed at which they must respond to agentic and identity-based threats.

In partnering, Silverfort and SentinelOne aim to secure identity at runtime, resulting in faster containment, reduced lateral movement and privilege escalation. Jointly, they offer AI-driven detection and response capabilities across endpoints, cloud workloads and user identities, through a simplified security architecture that centralizes identity security enforcement.

“Security architectures built around isolated tools are failing to keep up with modern threats,” said Ron Rasin, chief strategy officer for Silverfort. “By unifying runtime identity enforcement with autonomous AI security, we are helping organizations stop identity-driven attacks before damage occurs, and preparing them to secure the next generation of AI-powered environments.”

Melissa K. Smith, SVP of global strategic partnerships and initiatives for SentinelOne, says the two companies “want to take the guesswork out of identity protection.”

“Together, we’re delivering a level of visibility and real-time enforcement that neither identity nor endpoint tools could achieve alone, ensuring our customers remain resilient in an increasingly complex threat landscape.”

Identity Digital pursuing ‘birth certificates for AI agents’

With the race on to provide the best agentic AI management tools, Identity Digital is pursuing a novel idea in launching DNSid, which it compares to “birth certificates for AI agents.” Combining DNS, PKI, and blockchain elements, it aims to provide a universal way to identify who is responsible for agents.

According to a post on Domain Name Wire, the birth certificate analogy applies in that “while a birth certificate doesn’t open a bank account for you or get you through airport security, it’s necessary to obtain one to get the credentials needed to do so.”

The company has applied for trademarks with the U.S. Patent and Trademark Office.
