TL;DR: Runtime security moved from theory to operational requirement in 2025 as customers, detections, and research validated execution-time protection across modern software, AI systems, and cloud infrastructure, according to Oligo Security. The broader lesson is that static inventory and pre-deployment assumptions now leave too much of the attack surface invisible once code starts running.
NHIMG editorial — based on content published by Oligo Security: Reflecting on a Breakthrough Year
By the numbers:
- Only 13% of organisations feel extremely prepared for the reality of agentic AI despite the majority racing toward autonomous adoption.
- 70% of organisations grant AI systems more access than they would give a human employee performing the exact same job.
- When AWS credentials are exposed publicly, attackers attempt access within an average of 17 minutes.
Questions worth separating out
Q: How should teams govern runtime security for AI systems and cloud workloads?
A: Teams should govern runtime security by focusing on live execution paths, not just pre-deployment approvals.
Q: Why do static scans fail to protect modern applications and AI systems on their own?
A: Static scans fail because they describe code or configuration before the system is exercised, while many attacks only become visible during execution.
Q: What do security teams get wrong about AI runtime risk?
A: A common mistake is treating AI runtime risk as a prompt-safety or model-quality issue alone.
Practitioner guidance
- Audit production paths for identity-bearing runtime risk Inventory where secrets, workload identities, and AI agent permissions are exercised after deployment, then distinguish those paths from build-time-only controls.
- Separate static confidence from runtime evidence Use runtime telemetry to validate whether approved code, packages, and AI workflows behave as expected under live conditions.
- Connect AppSec findings to identity scope When a vulnerability or malicious package is found, determine which identities, service accounts, and tokens can reach it in production.
What's in the full article
Oligo Security's full post covers the operational detail this post intentionally leaves for the source:
- Product-specific breakdown of CADR, AI-SPM, and AI-DR capabilities for teams evaluating runtime protection.
- Detailed discussion of the platform's vulnerable function enrichment approach and how it changes prioritisation.
- Expanded explanation of the AirBorne, ShadowRay 2.0, and Fluent Bit research findings.
- Additional context on the Application Attack Matrix and the runtime sensor observations.
👉 Read Oligo Security's year-end analysis of runtime security in 2025 →
Runtime security in 2025: what changed for practitioners?
Explore further
Runtime security has become the operational layer where identity, code, and infrastructure meet. Static controls still matter, but they no longer define the real security boundary once software is executing. That is why runtime visibility is increasingly a governance issue, not just a tooling category. Practitioners should treat execution-time context as the place where policy either proves itself or fails.
A few things that frame the scale:
- 70% of organisations grant AI systems more access than they would give a human employee performing the exact same job, according to the 2026 Infrastructure Identity Survey.
- Only 44% of organisations have implemented any policies to manage their AI agents, even though 92% agree that governing AI agents is critical to enterprise security.
A question worth separating out:
Q: How do teams decide whether runtime security should sit with AppSec or identity?
A: Teams should stop treating that as an either-or choice. Runtime security sits at the point where application behaviour and identity use intersect, so ownership has to be shared across AppSec, cloud security, and identity governance. If a flaw can be reached by a credential, token, or workload identity, it is both an application and identity problem.
👉 Read our full editorial: Runtime security became the source of truth in 2025