TL;DR: AI agents for CNAPP that investigate alerts, triage findings, and trigger workflows using unified cloud context are described by Orca Security, while Gartner reports a 60% increase in security and risk management spending since 2020 and Omdia found 45% of organisations saw four or more cloud incidents in the last year. The governance lesson is that agentic speed only helps if identity, context, and approval boundaries stay visible.
NHIMG editorial — based on content published by Orca Security: AI agents for CNAPP and cloud-native applications
By the numbers:
- Gartner research shows that there’s been a 60% increase in organizational spending on global security and risk management since 2020.
- Omdia confirms this in The State of Cloud Security: Navigating Security Offerings From Cloud Service Providers and Security Vendors, which found that 45% of organizations experienced four or more security incidents in their cloud environment in the last 12 months.
Questions worth separating out
Q: How should security teams govern AI agents that can trigger remediation workflows?
A: Security teams should separate advisory output from execution authority, then require explicit approval for any workflow that changes state.
Q: Why do AI agents complicate cloud identity governance?
A: AI agents complicate governance because they turn identity from a static permission holder into an operational decision-maker.
Q: What breaks when cloud security automation lacks unified identity context?
A: Automation breaks when the system cannot reliably connect workload state, identity permissions, and alert evidence to the same asset or actor.
Practitioner guidance
- Separate recommendation rights from execution rights: Define which AI agent outputs are advisory only and which can trigger tickets, suppress findings, or start remediation workflows.
- Normalize cloud identity context before automation: Require cloud control plane data, IAM records, workload metadata, and telemetry to resolve to the same entity before any agent can make a triage decision.
- Audit the human-in-the-loop boundary: Document where human approval is mandatory, what evidence the approver receives, and which actions can be reversed after execution.
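A minimal authorization gate covering the three guidance points above, as an added example (not Orca Security's or NHIMG's code). The action names, source names, and `AgentRequest` fields are assumptions made for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass, field
from typing import Optional

# Hypothetical action labels: the page names tickets, finding suppression and
# remediation as things an agent may trigger; everything else is advisory.
ADVISORY = {"summarize_alert", "recommend_fix"}
STATE_CHANGING = {"open_ticket", "suppress_finding", "start_remediation"}
# Sources that must resolve to one entity before any triage decision.
REQUIRED_SOURCES = ("control_plane", "iam", "workload", "telemetry")

@dataclass
class AgentRequest:
    agent_id: str
    action: str
    entity_ids: dict                  # source name -> entity it resolved to
    evidence: list = field(default_factory=list)  # what the approver sees
    reversible: bool = False          # can the action be undone afterwards?
    approved_by: Optional[str] = None # human approver, if any

def context_is_unified(entity_ids: dict) -> bool:
    """True only if every required source is present and names the same entity."""
    ids = [entity_ids.get(s) for s in REQUIRED_SOURCES]
    return None not in ids and len(set(ids)) == 1

def authorize(req: AgentRequest) -> tuple:
    """Return (allowed, reason); the reason string doubles as the audit record."""
    if req.action not in ADVISORY | STATE_CHANGING:
        return False, "deny: unclassified action"
    if not context_is_unified(req.entity_ids):
        return False, "deny: sources do not resolve to one entity"
    if req.action in ADVISORY:
        return True, "allow: advisory output only"
    if not req.evidence:
        return False, "deny: approver has no evidence to review"
    if req.approved_by is None:
        return False, "hold: human approval required"
    note = "reversible" if req.reversible else "irreversible"
    return True, f"allow: approved by {req.approved_by} ({note})"

if __name__ == "__main__":
    # Constructed sample: all four sources agree on one (made-up) entity id.
    same = {s: "example-entity-001" for s in REQUIRED_SOURCES}
    print(authorize(AgentRequest("agent-1", "recommend_fix", same)))
    print(authorize(AgentRequest("agent-1", "start_remediation", same,
                                 evidence=["constructed-alert-1"])))
```

Unclassified actions are denied by default, so a new agent capability has to be explicitly placed on one side of the advisory/execution boundary before it can run.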
What's in the full article
Orca Security's full research covers the operational detail this post intentionally leaves for the source:
- How the Unified Data Model maps cloud control plane, IAM, CI/CD, and telemetry sources into one context layer for agent decisions
- What the AI Assistant, Threat Investigation Agent, and AppSec Triage Agent each do in practice across alerting and remediation
- How Orca routes actions into Jira, SIEM, SOAR, and notification systems when a finding moves from analysis to workflow
- Why the vendor frames transparency, reasoning, and human-in-the-loop review as prerequisites for future autonomy
👉 Read Orca Security's analysis of AI agents for CNAPP and cloud-native apps →
AI agents in CNAPP: what changes for cloud security teams?
Explore further
AI agents for CNAPP are not just faster analysts; they are identity-bearing operators. Once an agent can investigate alerts, prioritise risk, and initiate tickets or remediation workflows, it begins to occupy an operational role that traditional IAM and cloud security models were not designed to govern. That shifts the problem from tool adoption to delegated authority. Practitioners should treat the agent as a governed non-human actor with defined scope, approvals, and auditability.
A few things that frame the scale:
- 98% of companies plan to deploy even more AI agents within the next 12 months, despite documented rogue behaviour in 80% of current deployments, according to the AI Agents: The New Attack Surface report.
- Our research also found that only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation.
A question worth separating out:
Q: Should organisations keep humans in the loop for AI-driven remediation?
A: Yes, until the organisation can prove that the agent’s reasoning, scope, and downstream effects are fully auditable and reversible. Human review is still the safest control where agent outputs can trigger system change, because accountability for a machine-delegated action still has to land somewhere the business can govern.
👉 Read our full editorial: AI agent governance for CNAPP still depends on human review