More than half of organizations (54%) have experienced a confirmed AI agent security incident (18%) or a near-miss caught before harm (36%), according to VentureBeat Pulse Research surveying 107 enterprises with more than 100 employees. The structural weakness beneath those incidents is identity management: only about a third (32%) give every agent its own scoped, managed identity, while the rest report that some agents share credentials or run on shared API keys and human or service-account credentials.

Only three in ten enterprises (30%) isolate their highest-risk agents in sandboxes to bound the blast radius when credentials are compromised. The security stack is overwhelmingly provider-native — OpenAI's guardrails (51%), Google and Microsoft's cloud controls, and Anthropic's managed-agent controls dominate — with average satisfaction at 4.2 out of 5. Despite this comfort, spending remains a thin slice of the security budget, only about a third believe their AI defenses are ahead of AI-enabled attackers, and a clear majority plan to change tooling within the year.

The research identifies an agent security gap — autonomous agents proliferating faster than the identity, isolation, and enforcement controls needed to contain them — with enterprises satisfied with controls they are simultaneously preparing to replace.