The Announcement
Akeyless, a secrets management and identity security vendor, has published its 2026 State of AI Agent Identity Security report, drawn from a survey of 400 IT and security leaders across the United States and United Kingdom. The headline finding is stark: two-thirds of organizations using AI agents suspect those agents have already accessed data beyond their intended scope. The report documents an average detection time of 14 hours for a compromised agent, nearly a week to contain and remediate, and more than $1 million spent per organization in the past year responding to AI agent identity and security incidents. Only 7% of respondents believe their current controls would prevent a compromised agent from operating undetected.
Analyst Take
The Credential Problem Is Structural, Not Incidental
The core finding here is not that AI agents are being attacked from outside. It’s that they’re being provisioned with static, long-lived credentials that carry broad permissions, then deployed into systems where nobody has real-time visibility into what they’re actually doing. More than four in five organizations surveyed say a single compromised credential could affect multiple major systems. Fewer than half report full visibility into where those credentials are stored. That is a fundamental secrets management failure, compounded by the fact that AI agents operate continuously and autonomously, unlike human users who log in and log out in defined sessions.
The 14-hour detection window is particularly damaging in this context. An AI agent operating with valid credentials can traverse multiple systems in seconds. A 14-hour window isn’t a gap; it’s a chasm. By comparison, ECI Research data shows that 32% of enterprises already take hours to become aware of production issues in conventional application environments, according to ECI Research’s AppDev Done Right survey (2025). Add autonomous AI agents into that visibility deficit, and the exposure compounds significantly.
What This Means for ITDMs
The business cost framing in this report deserves direct attention from IT and security budget owners. More than $1 million in average annual spend on AI agent identity and security incidents is not a rounding error. It’s a material operational line item that most enterprise security programs did not plan for when they authorized AI agent deployments in 2024 and 2025.
The structural problem is that AI agents were approved through change management processes designed for software deployments, not autonomous identity actors. They received credentials the way APIs do: statically, at provisioning time, with permissions scoped broadly enough to function across anticipated use cases. What nobody modeled was the blast radius when those credentials are compromised or misconfigured, because the assumption was that a human would always be in the loop to catch problems. That assumption is wrong at agent scale.
ITDMs should also consider the liability framing here. Nearly three-quarters of surveyed organizations say AI adoption would move faster if these risks were better controlled. That’s not a security team saying they want to slow things down. That’s a business signal that identity security infrastructure has become a bottleneck on AI ROI.
What This Means for Developers
From a technical standpoint, the report exposes a pattern developers have normalized that now carries real production risk: embedding API keys and static secrets in code and workflows because it’s the fastest path to getting an agent working. That practice made sense when the agent was a script running in a controlled environment. It does not make sense when the agent is an autonomous system with real-time access to core business data, capable of acting across dozens of connected systems without human review.
The Akeyless position, ephemeral identities issued at execution time and revoked immediately after, is the correct architectural direction. It mirrors the zero-trust principle applied to machine identity: trust nothing by default, validate continuously, grant least privilege at runtime. The implementation challenge is that most secrets management tooling was designed for human-session models or static service accounts. Extending it to cover agents that spin up, act, and spin down in milliseconds requires a different class of tooling.
ECI Research’s 2025 AI Builder Summit survey found that 44% of enterprise AI leaders have only moderate confidence that AI agents can act autonomously without human intervention. The Akeyless data suggests that confidence level may be optimistic, given how poorly the underlying identity governance infrastructure is prepared for autonomous operation.
Developers building agentic workflows today should treat credential lifecycle management as a first-class architectural concern, not an operational afterthought delegated to the platform team after launch. The shift toward ephemeral, context-aware credentials at the agent layer is not optional as agent deployments scale. It’s the only model that keeps blast radius manageable.
Looking Ahead
The Governance Gap Will Define AI Deployment Velocity
The near-term trajectory is clear. Organizations will not slow AI agent deployment. The economics are too compelling and competitive pressure is too high. What will change is the security requirement attached to agent provisioning. Within 12–18 months, expect enterprises to establish formal AI agent identity policies as a condition of production deployment, similar to how container security policies emerged after Docker adoption scaled.
Vendors who can demonstrate real-time, ephemeral credential issuance with full audit trails will have a measurable advantage in regulated industries, particularly financial services and healthcare, where the compliance cost of a 14-hour detection window on a privileged agent is existential. The market for runtime AI identity security is nascent but growing quickly, and this report is an early data point in what will become a well-documented category.
Detection Must Become the New Perimeter
The longer structural shift is from perimeter-based AI security, controlling what agents can access at provisioning, toward continuous runtime monitoring of what agents are actually doing. That requires integrating AI agent telemetry into existing observability and SIEM stacks in ways that most enterprises have not yet architected. The 14-hour detection lag is not purely a credentials problem. It’s also an observability problem. Organizations that invest in both runtime identity management and agent-level behavioral monitoring will close that window substantially. Those that treat AI agent security as a pure IAM function, without the observability layer, will continue absorbing seven-figure incident costs while remaining largely blind to the activity generating them.
Stay Ahead of Application Development Trends
Get weekly analyst insights, research notes, event coverage, and AppDevANGLE updates delivered directly to your inbox.
Subscribe for Weekly Insights
Join technology leaders, practitioners, and GTM teams following the trends shaping modern software delivery.
Looking for deeper research access?
Explore ECI Research reports, survey insights, and market analysis through the ECI Research Portal.
