Phantom Labs Analysis of BeyondTrust’s Identity Security Insights Data Finds Enterprise AI Agents Growing 466.7% Year Over Year

BeyondTrust researchers warn of a rapidly expanding “shadow AI workforce” creating new identity security risks, based on data uncovered through Identity Security Insights®
Some organizations operate well over 1,000 AI agents, many of which security teams were not aware existed within their environments

SAN FRANCISCO, March 23, 2026 (GLOBE NEWSWIRE) -- RSAC 2026 — BeyondTrust, the global leader in privilege-centric identity security protecting Paths to Privilege™, today released new research from its Phantom Labs™ team revealing a 466.7% year-over-year increase in AI agents operating inside enterprise environments. The findings, surfaced through BeyondTrust’s Identity Security Insights® on the Pathfinder Platform, point to the rapid emergence of what researchers call a “shadow AI workforce”—AI-driven identities deployed across cloud services and enterprise applications without centralized governance or clear visibility into the privileges they hold.

“Organizations are introducing thousands of new machine identities through AI agents, often without realizing the level of access those agents inherit,” said Fletcher Davis, Director of Research for BeyondTrust Phantom Labs. “In many environments we studied, AI agents were operating with privileges comparable to human administrators. As organizations move from chatbot use cases to more autonomous agentic AI, the identity attack surface will only expand.”

Key Findings

Phantom Labs researchers identified several concerning patterns across assessed environments:

Shadow AI agents operating outside formal IT governance, often deployed through low-code platforms or embedded enterprise applications
AI agent identities that appear appropriately governed in static reports but can elevate privileges in unexpected ways during use
Machine and AI identities outnumbering human identities by orders of magnitude, with the ratio accelerating
Long-lived API keys and static credentials used by AI agents without rotation policies or lifecycle controls

This growth is being driven by rapid adoption of AI-enabled enterprise platforms, including Microsoft Copilot and Azure AI Foundry, AI capabilities embedded in Salesforce and ServiceNow, AI-powered coding assistants, and AI features within collaboration tools such as Jira and Confluence. Some organizations already operate well over 1,000 AI agents, many of which security teams were not fully aware existed.

Unlike traditional service accounts, AI agents can inherit permissions from users or service roles, interact with APIs and enterprise tools, and act autonomously across systems. That combination of autonomy and privilege creates attack paths that traditional security tools were not designed to detect. BeyondTrust’s Identity Security Insights is purpose-built to uncover these hidden identity relationships, map real-world attack paths, and provide actionable guidance to reduce risk.

Building on Ongoing Phantom Labs Research

These findings build on a growing body of Phantom Labs research into how AI platforms introduce identity and privilege risks:

In earlier work, researchers demonstrated a real-world breach scenario involving Microsoft Copilot Studio where AI agents leaked secrets and granted unauthorized access to cloud infrastructure despite existing security controls (see webinar).
Separate research into AWS Bedrock uncovered how long-term API keys can automatically create IAM users with overly broad permissions (read blog), and the release of bedrock-keys-security, an open-source tool for detecting and blocking those exposures (available on GitHub).

Free AI Security Posture Assessment

BeyondTrust’s Identity Security Risk Assessment (ISRA), powered by Identity Security Insights, gives organizations visibility into AI agent risk as part of a broader identity security posture analysis. The assessment connects across enterprise identity systems and AI agent infrastructure to identify unmanaged AI identities, detect shadow AI, and map cross-domain privilege paths with prescriptive remediation guidance aligned to MITRE ATT&CK.

Learn more or request a complimentary assessment at https://www.beyondtrust.com/products/identity-security-insights/assessment, or visit BeyondTrust at RSA Conference 2026, Booth #S-1327.

About Phantom Labs

Phantom Labs™ researchers “think like attackers” to expose privilege escalation paths and identity attack vectors, helping defenders proactively uncover misconfigurations and detect threats in complex hybrid and cloud environments.

About BeyondTrust

BeyondTrust is the global leader in privilege-centric identity security protecting Paths to Privilege™. Identity alone doesn’t create risk. Privilege does. As human, machine, and AI agent identities explode across every environment, BeyondTrust is the only company built to discover, control, and secure privilege across all of them from a single platform. Trusted by 20,000 customers, including 75 of the Fortune 100, and recognized as a multi-category leader by Gartner, Forrester, and KuppingerCole, BeyondTrust turns identity security from a management problem into a strategic advantage.

Learn more at www.beyondtrust.com.

Follow BeyondTrust:
X: https://twitter.com/beyondtrust
Blog: https://www.beyondtrust.com/blog
LinkedIn: https://www.linkedin.com/company/beyondtrust
Facebook: https://www.facebook.com/beyondtrust

For BeyondTrust:
BeyondTrust Public Relations
P: (516)-521-5582
E: BeyondTrust@icrinc.com

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.