
AI Agents have hidden security flaws

In a recent interview with Help Net Security, Jacob Ideskog, the Chief Technology Officer of Curity, highlighted the significant risks that AI agents pose to organisations. He expressed concern that the industry is “sleepwalking” into a security crisis as these agents become increasingly integrated into enterprise systems. Ideskog noted that AI agents and other non-human identities are proliferating at an alarming rate, with some organisations reporting that they outnumber human users by more than 80 to 1. Many of these agents are granted broad, persistent access to critical systems and data without the same level of security controls, governance, or monitoring that is typically applied to human accounts. This lack of oversight creates ample opportunities for misuse, including prompt injection, compromised credentials, and the exploitation of insecure code generated by these agents.

Ideskog drew parallels between the current state of AI agent security and the early days of API and cloud adoption, suggesting that organisations are repeating past mistakes. He pointed out that the same pattern is emerging with AI agents as in the 2010s, when companies rushed to implement cloud and API solutions without fully understanding the security implications. In the early API era, developers often exposed endpoints without adequate authentication, input validation, or rate limiting, leading to widespread abuse and compromise. The transition to cloud services saw similar growing pains, characterised by misconfigured storage buckets and overly permissive roles. Ideskog warned that while the capabilities of AI agents are impressive and the pressure to adopt them is mounting, the understanding of how to secure these systems is lagging. Many teams lack a comprehensive threat model for AI, failing to consider how inputs can be manipulated or how over-permissioned agents might inadvertently take harmful actions within production environments.
