Friday, 10 Jul 2026
  • Contact
  • Privacy Policy
  • Terms & Conditions
  • DMCA
logo logo
  • World
  • Politics
  • Crime
  • Economy
  • Tech & Science
  • Sports
  • Entertainment
  • More
    • Education
    • Celebrities
    • Culture and Arts
    • Environment
    • Health and Wellness
    • Lifestyle
  • 🔥
  • Trump
  • House
  • White
  • ScienceAlert
  • VIDEO
  • man
  • Trumps
  • Season
  • star
  • Years
Font ResizerAa
American FocusAmerican Focus
Search
  • World
  • Politics
  • Crime
  • Economy
  • Tech & Science
  • Sports
  • Entertainment
  • More
    • Education
    • Celebrities
    • Culture and Arts
    • Environment
    • Health and Wellness
    • Lifestyle
Follow US
© 2024 americanfocus.online – All Rights Reserved.
American Focus > Blog > Tech and Science > Shared API keys expose AI agents at 69% of enterprises, new VentureBeat research finds
Tech and Science

Shared API keys expose AI agents at 69% of enterprises, new VentureBeat research finds

Last updated: July 10, 2026 7:35 pm
Share
Shared API keys expose AI agents at 69% of enterprises, new VentureBeat research finds
SHARE

Contents
Your agents are sharing credentialsExposure scales with size, and containment does notGuarded by whoever shipped the modelComfortable, unconvinced, and already shoppingThree moves for security directors

Using a shared API key across multiple AI agents poses significant security risks. If one agent is compromised, it can access the permissions of all agents sharing that key. The attacker gains control over all workflows associated with the key, and the lack of individual records for each agent makes it difficult to trace the breach.

According to VentureBeat’s June 2026 Pulse Research, 69% of enterprises use credential sharing in their AI deployments, based on responses from 107 enterprises.

This statistic highlights the ongoing investment in enterprise security, with companies like Palo Alto Networks, CrowdStrike, and Cisco investing over $22 billion in the past year to address these security layers that many enterprises have yet to fully implement.

Palo Alto Networks finalized its purchase of CyberArk on February 11 for $21.1 billion, marking the largest acquisition in the company’s history, initially announced last July at an estimated $25 billion.

CrowdStrike completed a $740 million acquisition of SGNL, a runtime authorization platform, and launched Continuous Identity for AI Agents by June 15. This product ensures real-time validation of agent actions based on ownership, caller identity, and device risk.

Cisco expressed its intention to acquire Astrix Security, specializing in non-human identity, on May 4 for a reported $400 million.

For security directors, this survey suggests a pressing board-level concern rather than a mere trend. It reveals unique insights into which companies are most vulnerable.

The data represents the initial findings from VentureBeat’s Q2 Agentic Security report, based on responses from 107 organizations with over 100 employees. The full report will be unveiled at VB Transform, an event focused on enterprise autonomous agents, happening in Menlo Park from July 14-15.

Forty-five percent of respondents are final decision-makers for AI investments. The data is biased towards mid-market enterprises, providing a perspective from those currently adopting agent security measures rather than the largest corporations.

Over half of the respondents, 54%, have experienced or nearly experienced a security incident involving agents. Eighteen percent confirmed an incident, while 36% reported a near-miss. Security teams generally intercept these events at the final control point, but the data underscores the narrow margin of error.

Your agents are sharing credentials

Only 32% of companies assign a unique scoped identity to each AI agent. Nearly half (48%) indicate that some agents have scoped identities, while many still share credentials. Additionally, 32% report that agents primarily operate using shared API keys or borrowed human and service-account credentials. The survey permitted multiple responses, resulting in the three categories totaling 112%. When deduplicated, 74 organizations, or 69%, identified credential sharing in at least one response.

See also  New Discovery of Deep Sea 'Spiders' Is Unlike Anything We've Seen Before : ScienceAlert

This single statistic explains why acquisitions focus on this layer. A compromised agent with shared credentials can lead to multiple breaches. CyberArk’s research shows there are 82 machine identities for every human in global organizations, with agents being the fastest-growing segment. Cisco recognized this issue during its acquisition of Astrix, a company built around API keys, service accounts, and OAuth tokens. Cisco’s statement highlights these credentials as those AI agents are currently “using (and abusing)” to perform tasks at scale.

Adam Meyers, CrowdStrike’s senior vice president of counter adversary operations, explained the process in a VentureBeat interview. Some AI systems have unique identities, while others operate using identities provided by humans, further complicating the situation. When identities are shared, attribution becomes impossible.

Exposure scales with size, and containment does not

Forty-nine percent of enterprises enforce scoped permissions at runtime, and 47% monitor and log agent activities, helping to reduce security incidents. However, only 30% sandbox their highest-risk agents, which limits potential damage when other measures fail. Isolation prevents a single compromised agent from affecting the entire deployment. While enterprises have invested in detection and resistance, the containment layer remains underdeveloped.

The most significant survey finding, absent from vendor reports, emerges when analyzing results by company size. Incident rates are 49% for companies with 101 to 1,000 employees but increase to 63% for those with more than 1,000. Conversely, sandbox isolation decreases from 35% to 20% in larger companies.

The accompanying chart illustrates the same finding in more detail: the 49%/63% split is a binary division at 1,000 employees, while the bars depict incident and isolation rates across four size categories. At organizations with 101 to 250 employees, the two rates are seven points apart, but in companies with over 5,000 employees, the gap widens to 60 points. This top category combines the survey’s two largest groups and includes only 15 respondents, so the number is indicative. Larger enterprises operate more agents across various systems, increasing incidents, while the engineering projects needed for containment, such as sandboxing, remain unfunded. The enterprises with the most agents offer the least isolation.

The deals specifically target these accounts. Palo Alto Networks, Cisco, and CrowdStrike focus on large enterprises, where incident rates are highest and containment is weakest.

Guarded by whoever shipped the model

Model providers serve as the security layer. OpenAI’s guardrails lead with 51%, followed by Google Cloud at 36%, Microsoft Azure’s Purview and Copilot Studio DLP at 35%, and Anthropic’s managed-agent controls at 29%. Eighty-two percent of respondents cited a provider-native or hyperscaler control as their primary agent security layer.

See also  Research shows young adults are more active after starting work, but sleep less—unless working from home

Purpose-built specialists remain in single digits: Palo Alto Networks’ Prisma AIRS at 7%, CrowdStrike at 6%, and Okta for AI Agents at 4%. Zenity and dedicated non-human identity platforms are each at 3%. Microsoft Entra Agent ID, the highest-penetrating identity-specific control at 13%, is the only one from a hyperscaler but still falls outside the top four. Only 5% of enterprises lack dedicated agent tooling, while the remainder have pre-installed tools.

Bundled controls dominate because they are free and enabled by default. Most filter prompts and outputs but do not provide an agent with a unique identity or sandbox. Hyperscalers offer identity-layer products, with Entra Agent ID at 13%, but adoption remains low. The two controls most beneficial for incident data—scoped identity and isolation—are not included in default stacks.

Prompt-and-output filters assess whether a call appears malicious. This is an issue of intent, which cannot be resolved at the language layer. CrowdStrike CTO Elia Zaitsev distinguished this in an RSAC 2026 interview: “Observing actual kinetic actions is a structured, solvable problem,” he said, but “Intent is not.” CrowdStrike’s Falcon sensor traces the process tree on an endpoint and records what agents did, not their apparent intentions. A scoped identity and isolation provide data for the sensor, whereas a shared credential on bundled guardrails does not.

A decade ago, cloud security faced a similar evolution, with Palo Alto Networks, CrowdStrike, and Wiz building multi-billion-dollar businesses on the shortcomings of native cloud controls. Agent security is progressing along the same trajectory more rapidly. A misconfigured storage bucket remained open until human intervention. A misconfigured agent exploits its excessive permissions with every operation, unnoticed by humans. Merritt Baer, Enkrypt AI’s chief security officer and former AWS deputy CISO, told VentureBeat that the default layer is less robust than enterprises assume. “Enterprises believe they’ve ‘approved’ AI vendors, but what they’ve actually approved is an interface, not the underlying system,” Baer said. “The real dependencies are one or two layers deeper, and those are the ones that fail under stress.”

Comfortable, unconvinced, and already shopping

Here is a contradiction worthy of a keynote slide. Enterprises rate their agent security tools highly, with an overall score of 4.2 out of 5, value for money at 4.1, and ease of implementation at 3.9. These ratings would be enviable for most SaaS vendors.

However, only 35% believe their AI-enabled defenses surpass those of AI-enabled attackers, while 32% consider the situation balanced. Twenty-one percent think attackers are ahead, and another 21% are uncertain, indicating that enterprises have more confidence in their tools than their effectiveness.

See also  Study Reveals a Striking Health Disparity Between US And UK Adults : ScienceAlert

Budget allocations support this. Forty-six percent dedicate 6 to 10% of their security budget to agent security, and one-third allocate 5% or less. Despite half of the sample experiencing an incident or near-miss, funding does not match the risk.

Fifty-nine percent plan to adopt, enhance, or replace agent security tools within 12 months, with 29% aiming to do so this quarter. OpenAI leads in future interest at 34%, followed by Google at 30%, Anthropic at 29%, and Azure at 25%. Interest in dedicated vendors surpasses their current single-digit market presence. Customers satisfied with their current stack do not switch this quickly unless they recognize its provisional nature.

Three moves for security directors

1. Inventory every agent’s credentials this quarter. Identify which agents share credentials with others and which use borrowed human or service-account identities. The aim is not one credential per agent. Agents interacting with multiple systems require multiple scoped identities. Eliminate shared credentials between agents and borrowed human identities. Thirteen percent of surveyed enterprises already use Microsoft Entra Agent ID. Okta for AI Agents and non-human identity specialists offer similar solutions. Eliminating shared and borrowed credentials is the first priority.

2. Sandbox the riskiest agents first. Isolation, adopted by 30%, is the only control that limits impact after prevention fails. Rank agents by the sensitivity of the data they access and isolate the most critical ones. In companies with over 1,000 employees, where isolation drops to 20%, this is the highest-return move in the dataset. Sandboxing does not necessitate replacing the agent or platform; it requires a policy decision and an isolation layer.

3. Match the budget to the incident rate. One-third of enterprises allocate 5% or less of their security budget to agent security, despite more than half experiencing an incident or near-miss. Nine percent currently allocate over 25%. The full report details exposure and containment by company size, indicating where risk is highest and protection is lowest.

The board’s question is straightforward. If one of our AI agents were compromised today, which systems would be affected, and whose credentials would it hold? For the 69% of enterprises using shared credentials, the answer is uncertain. The trail stops at the key.

The complete Q2 Agentic Security report, featuring the full vendor matrix, industry insights, and the dataset behind these findings, will debut at VB Transform, held at Hotel Nia in Menlo Park on July 14 and 15. The lingering question is whether enterprises will bridge the agent security gap independently or wait for a confirmed breach to force action.

TAGGED:agentsAPIenterprisesExposefindskeysResearchsharedVentureBeat
Share This Article
Twitter Email Copy Link Print
Previous Article The Longtail of Incarceration Unfolds in Gil Batle’s Surreal Narratives — Colossal The Longtail of Incarceration Unfolds in Gil Batle’s Surreal Narratives — Colossal
Next Article 7 Best Fashion Looks from the 2026 Essence Festival and Beyond 7 Best Fashion Looks from the 2026 Essence Festival and Beyond

Popular Posts

Soldier accused of headbutting, threatening senior after cocktail party

Jimmy Ellingham of RNZ A soldier stands accused of headbutting and threatening to kill a…

June 22, 2026

US imposes restrictions on Thai officials for deporting Uyghurs to China

The White House has taken a strong stance against the forced repatriation of Uyghur Muslims…

March 14, 2025

NYC man stabs neighbor in the chest after broomstick brawl: officials

A 27-year-old man was arrested on Saturday in connection with the fatal stabbing of a…

May 11, 2026

What was food like before the FDA?

Food fraud and safety regulations have come a long way since the mid-to-late 19th century…

May 1, 2025

Jamie Raskin Has The Perfect Response To Pam Bondi Getting Canned

House Judiciary Committee Ranking Member Rep. Jamie Raskin (D-MD) has been a vocal critic of…

April 2, 2026

You Might Also Like

UN space database aimed at easing global tensions is mysteriously down
Tech and Science

UN space database aimed at easing global tensions is mysteriously down

July 10, 2026
This Hidden App Lets you Customise Your Samsung Galaxy Phone
Tech and Science

This Hidden App Lets you Customise Your Samsung Galaxy Phone

July 10, 2026
Android’s 6 Most Battery-Draining Settings
Tech and Science

Android’s 6 Most Battery-Draining Settings

July 10, 2026
A ‘War’ Between Elephants And Humans Is Brewing in Southern Africa : ScienceAlert
Tech and Science

A ‘War’ Between Elephants And Humans Is Brewing in Southern Africa : ScienceAlert

July 10, 2026
logo logo
Facebook Twitter Youtube

About US


Explore global affairs, political insights, and linguistic origins. Stay informed with our comprehensive coverage of world news, politics, and Lifestyle.

Top Categories
  • Crime
  • Environment
  • Sports
  • Tech and Science
Usefull Links
  • Contact
  • Privacy Policy
  • Terms & Conditions
  • DMCA

© 2024 americanfocus.online –  All Rights Reserved.

Welcome Back!

Sign in to your account

Lost your password?