TL;DR: Enterprise AI agents are already operating at scale, often without review or governance, with Fortune 50 environments showing more than 150,000 agent-tied resources and 82% of those agents built by non-professional developers, according to Zenity. The real issue is not future adoption but unmanaged runtime identity sprawl that makes visibility the prerequisite for control.
NHIMG editorial — based on content published by Zenity: Your AI Agent Inventory Is Incomplete. Here's What That Means for Risk
By the numbers:
- Zenity data shows Fortune 50 organizations carrying attack surfaces with more than 150,000 resources tied to agents and automations.
Questions worth separating out
Q: How should security teams inventory AI agents across SaaS, cloud, and low-code platforms?
A: Security teams should inventory AI agents by linking each connected identity to its owner, permissions, data sources, and execution scope across every platform they touch.
Q: Why do AI agents create more identity risk than ordinary automation?
A: AI agents create more identity risk because they can combine access across multiple systems, invoke APIs, and trigger downstream actions within one session.
Q: What breaks when an AI agent is deployed without formal ownership?
A: When an AI agent has no formal owner, review, offboarding, and incident response all become slower and less reliable.
Practitioner guidance
- Inventory every connected agent and automation Create a live register of all agents, the systems they can reach, the credentials they use, and the business owner accountable for each one.
- Classify agent permissions by business action Map each agent to the data it can read, the APIs it can invoke, and the workflows it can trigger so that scope is measured in outcomes, not just entitlements.
- Attach lifecycle triggers to agent credentials Require offboarding, review, and revalidation triggers for every agent secret or token so credentials do not survive project abandonment or ownership change.
What's in the full article
Zenity's full article covers the operational detail this post intentionally leaves for the source:
- How Zenity identifies hidden agents and categorises them into sanctioned, misconfigured, and unknown populations.
- The specific enterprise examples behind the 150,000-resource and 2,000-agent figures.
- The remediation outcomes Zenity reports from assigning ownership and automating high-risk violation handling.
- The board-level roadmap content bundled in the downloadable CISO guide.
👉 Read Zenity's analysis of incomplete AI agent inventory and enterprise risk →
AI agent inventory gaps: what IAM teams need to see now?
Explore further
AI agent sprawl is becoming identity sprawl, not just application sprawl. The article describes agents created through low-code platforms, SaaS defaults, and developer toolchains, all of which produce credentials and permissions that sit inside the identity estate. That means the governance problem belongs with IAM and NHI teams, not only AI platform owners. The practitioner conclusion is straightforward: if the inventory is incomplete, the control model is already incomplete.
A few things that frame the scale:
- 96% of technology professionals identify AI agents as a growing security threat, and 66% believe this risk is immediate, according to AI Agents: The New Attack Surface report.
- Only 44% of organisations have implemented policies to govern AI agents, even though 92% agree this governance is critical to enterprise security, according to the same report.
A question worth separating out:
Q: How can organisations reduce risk from shadow AI agents already inside the enterprise?
A: Organisations should combine continuous scanning, access reduction, and credential revalidation for any agent found outside formal governance. The priority is to move unknown agents into a managed state, then decide whether they are sanctioned, constrained, or removed. That sequence is more effective than waiting for a full platform redesign.
👉 Read our full editorial: AI agent inventory gaps are widening enterprise risk in 2026