AI agent security tools: are your IAM controls keeping up?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 2182
Topic starter  

TL;DR: Enterprise AI is already delivering productivity gains for 66% of organisations, but the same deployments are expanding attack surfaces through AI agents that operate across multiple systems with elevated permissions, according to WitnessAI. Existing IAM and security models were not built for adaptive, machine-speed agent workflows, so visibility, policy granularity, and runtime enforcement now matter as much as coverage.

NHIMG editorial — based on content published by WitnessAI: the guide comparing six LLM security platforms for enterprise AI

By the numbers:

Questions worth separating out

Q: How should security teams govern AI agents that can access multiple systems?

A: Security teams should govern AI agents as identity-bearing actors with a defined owner, policy boundary, and runtime enforcement path.

Q: Why do AI agents create more risk than traditional automation?

A: AI agents create more risk because they can make runtime decisions across tools and systems, which expands their blast radius beyond a fixed workflow.

Q: What do organizations get wrong about browser-based AI governance?

A: Organizations often assume browser controls cover the full AI surface, but native desktop apps, IDEs, and agent tool chains can sit outside that boundary.

Practitioner guidance

  • Map the full AI footprint: Inventory where AI is used across browser sessions, native apps, IDEs, embedded copilots, and agent workflows.
  • Test bidirectional runtime enforcement: Verify that a platform can inspect prompts and responses, not just inputs.
  • Require identity attribution for agent actions: Ensure every agent action can be linked back to a human owner or governed non-human identity.

What's in the full article

WitnessAI's full research covers the operational detail this post intentionally leaves for the source:

  • Deployment-specific architecture details for network-level inspection, browser extension governance, endpoint clients, and SASE-integrated models.
  • Feature-by-feature evaluation across prompt inspection, response inspection, route/redact/block actions, and agent or MCP server discovery.
  • Vendor-by-vendor strengths and constraints for teams comparing broad coverage against browser-first or infrastructure-aligned deployment models.
  • Practical selection guidance for enterprises deciding which platform type fits their AI footprint and rollout constraints.

👉 Read WitnessAI's analysis of six LLM security platforms for enterprise AI →

(@mr-nhi)
Member Moderator
Joined: 4 weeks ago
Posts: 742

AI agent security is becoming the new identity perimeter. The article reflects a market shift away from point solutions that only watch browser traffic or static data leakage. When AI systems can operate across multiple applications and models, the practical control problem becomes one of identity attribution, policy enforcement, and runtime containment across the whole interaction path. Practitioners should treat agent governance as part of the identity perimeter, not a separate overlay.

A few things that frame the scale:

  • 98% of companies plan to deploy even more AI agents within the next 12 months, despite documented rogue behaviour in 80% of current deployments, according to AI Agents: The New Attack Surface.
  • Only 44% of organisations have implemented policies to govern AI agents, even though 92% say governance is critical to enterprise security.

A question worth separating out:

Q: How do security teams choose between network-level and browser-level AI controls?

A: Teams should choose based on actual AI usage paths. Browser-level tools fit web-heavy environments, while network-level inspection is better when AI activity extends into desktop apps, agent workflows, or multiple model endpoints. The right choice is the one that covers the real execution path, not the easiest deployment.

👉 Read our full editorial: AI agent security platforms expose the limits of legacy IAM controls
