TL;DR: Visibility alone is no longer enough when AI systems can behave at runtime in ways that static posture tools cannot prove safe. Pillar Security's integration with Wiz connects cloud AI discovery to autonomous red-teaming, so joint customers can inventory AI workloads, map connected identities and data, and validate risks such as prompt injection, system prompt extraction, and tool-based exfiltration in a single workflow, according to Pillar Security.
NHIMG editorial — what this means for AI and NHI governance
By the numbers:
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems, inappropriately sharing sensitive data, and revealing access credentials.
Questions worth separating out
Q: How should security teams govern AI workloads that connect to tools and data sources?
A: Security teams should govern AI workloads as identity-bearing systems with observable privileges, not as isolated applications.
Q: Why do cloud discovery tools fall short for AI security governance?
A: Cloud discovery tools show where AI workloads exist and what they connect to, but they do not prove how those systems behave when tested.
Q: What should teams measure after finding exposed AI endpoints?
A: Teams should measure whether the discovered endpoint can be manipulated, whether it can access sensitive data through tools, and whether the evidence is durable enough for remediation decisions.
Practitioner guidance
- Map AI workloads to identity-bearing connections: track every AI endpoint alongside the service accounts, APIs, tools, and data stores it can reach, so exposure is not assessed as a standalone asset problem.
- Validate runtime behaviour with adversarial testing: test for prompt injection, system prompt extraction, safety bypasses, and data exfiltration through tools rather than relying on design-time reviews.
- Feed AI findings into governance workflows: route validated exposure and behavioural evidence into access review, exception handling, and remediation queues, so AI risk is managed like other identity-linked controls.
What's in the full announcement
Pillar Security's full blog covers the operational detail this post intentionally leaves for the source:
- How RedGraph probes AI endpoints for prompt injection, system prompt extraction, and tool-discovery behaviour
- How the Wiz Security Graph receives enriched evidence-backed findings from runtime testing
- How joint customers configure scan cadence and credentials to automate recurring validation
- How the integration is positioned across discovery, red teaming, runtime guardrails, and governance
Read Pillar Security's analysis of the Wiz partnership for AI discovery and red teaming.