Skip to content
Tech News
← Back to articles

AI Agents Broke the Security Playbook. Here's What Replaces It.

read original more articles

For most of the last two decades, enterprise security ran on a workable assumption: the environment was knowable. Security teams could buy tools, inventory users, map systems, define policies, and rely on vendor-built dashboards and workflows to manage most of what happened next.

The model was imperfect, but it worked because the environment changed at human speed.

AI agents broke that assumption, and with it, the playbook.

Agents are not ordinary applications. They act autonomously, invoke tools, acquire access across systems, and change behavior based on context. Some are sanctioned and run in SaaS platforms. Others are unsanctioned and run locally. They can borrow human access and disappear before the next inventory scan.

They also vary enormously in what they can reach; Token Security research on how enterprises are actually deploying agents found everything from human-triggered chatbots to autonomous production services, with more than a fifth of local agents already holding direct access to production data sources.

The build-vs-buy conversation in cybersecurity has now fundamentally changed. The old question was simple: should we buy a tool or build one ourselves? In the agentic era, that framing is too narrow.

Security teams do not need to rebuild the entire stack, but also can’t rely on fixed workflows someone else created months earlier.

The better question is: which layer should security teams own?

The Limits of Fixed Security Workflows

AI agents make environments more specific, more dynamic, and harder to anticipate. A vendor can build a dashboard for common risks: overprivileged service accounts, stale credentials, dormant admin users, excessive permissions, and identities with access to production systems.

... continue reading