企业人工智能智能体安全研究

Acknowledgments Lead Authors Hillary Baron Contributors Marina BregkouJosh BukerRyan Gifford Design Stephen LumpeStephen Smith About the Sponsor Zenity is thefirst security and governance platformpurpose built for AI agents spanning SaaS, homegrown platforms (Cloud) and end user devices(Endpoint). Trusted by Fortune 500 enterprises,Zenity helps security teams confidently adopt AI bydelivering defense in depth with full lifecyclecoverage, from agent discovery and posturemanagement to real time detection, inline preventionand response. With an agent centric approach thatprioritizes how agents behave, what they access andwhich tools they invoke, Zenity eliminates blind spotsand enforces consistent policy and controls acrossenvironments so organizations can innovate with AIwithout compromising security.Learn more atwww.zenity.io. Table of Contents Acknowledgments........................................................................................................................................................3Table of Contents.........................................................................................................................................................4Executive Summary..................................................................................................................................................... 5Takeaway................................................................................................................................................................ 6Key Findings.................................................................................................................................................................. 7Key Finding 1:AI Agent Adoption Is Already Broad and Operational Across Organizations...................... 7Key Finding 2:Shadow AI Agents Are Emerging Early.................................................................................... 9Key Finding 3:AI Agent Scope Violations Are Becoming Operationally Common.....................................11Key Finding 4:Without an AI Agent Security Strategy, Compliance Becomes the Default.....................13Conclusion................................................................................................................................................................... 15Full Results................................................................................................................................................................... 16Adoption and Usage............................................................................................................................................16Security and Risk................................................................................................................................................. 18Governance and Compliance........................................................................................................................... 20Architecture.........................................................................................................................................................23Future Outlook....................................................................................................................................................25Demographics............................................................................................................................................................ 27Survey Methodology.................................................................................................................................................29Goals of the Study............................................................................................................................................. 29 Executive Summary The risk associated with AI agents is no longer theoretical. Surveyfindings indicate that autonomoussystems are already exceeding intended permissions and operating outside intended scope in day-to-dayefforts. In many environments, these behaviors occur at least occasionally, indicating that scope violationsare not isolated events but a routine operational condition. Nearly half of organizations reportexperiencing a security incident involving an AI agent and, when incidents occur, detection and responsecommonly extend into hours or days rather than minutes, expanding potential exposure windows acrossinterconnected systems. These patterns point to meaningful exposure driven not by hypothetical futureadoption, but by autonomous systems already operating at scale—often in environments where real-timeagent inventories, consistent runtime authorization controls, and comprehensive action traceability arestill maturing. Key Finding 1: AI AgentAdoption Is Already Broadand Operational AcrossOrganizations. Key Finding 3: AI AgentScope Violations Are aCommon OperationalCondition. AI agents are already used day to day by largepor