Autonomous agents spark 2026's biggest security crisis, warns ExtraHop

The enterprise has shifted from prompt-and-response AI to autonomous agents that act on behalf of users, moving data and executing multi-step workflows without human intervention. Jamie Moles of ExtraHop argues this transition has created a critical trust gap because traditional security tools fail to differentiate between legitimate automated workflows and malicious exploits. The attack surface expands with every new Model Context Protocol server or API, leading to Shadow AI 2.0 — unsanctioned agents that spin up on the network and access sensitive internal systems outside standard identity management. Without a dynamic inventory of all AI assets, blind spots become permanent.

To defend against these threats, organizations must adopt real-time monitoring at the network level. Standard firewalls and endpoint solutions are insufficient for tracking internal agent movements, especially when a sequence of actions appears normal in isolation but signals a breach collectively. Deep network observability, including decryption and correlation of AI traffic across the stack, can reveal privilege escalation or data exfiltration. Additionally, adversaries increasingly use prompt injection to manipulate agents into ignoring security constraints. By focusing on data behavior rather than just user identity, teams can detect when an agent deviates from its intended purpose.