Shared API keys for AI agents: a 69% credential-sharing risk now shaping enterprise security
venturebeat.com

Shared API keys for AI agents: a 69% credential-sharing risk now shaping enterprise security

Tech News
4 min read

Published by AINave Editorial • Reviewed by Ramit

TL;DRNew VentureBeat Pulse Research finds 69% of enterprises share AI agent credentials, expanding blast radius and complicating attribution. Only 32% give every agent its own scoped identity, and sandboxing adoption is low. The article covers what happened, why it matters for AI builders, and practical steps to close the exposure-to-containment gap.

A single compromised AI agent can reach every workflow its shared API key touches, and the forensic trail goes cold at the credential level. That is the reality for 69% of enterprises running AI agents with credential sharing, according to VentureBeat's June 2026 Pulse Research wave of 107 organizations. The finding explains why Palo Alto Networks, CrowdStrike, and Cisco have collectively spent more than $22 billion on agent security acquisitions in the past year.

What happened

VentureBeat's Pulse Research surveyed 107 qualified respondents at organizations with more than 100 employees. 45% are final decision-makers for AI purchases. The data reveals a fundamental security design flaw: shared credentials convert a single compromised agent into many, and attribution becomes impossible.

Key findings include:

The exposure-to-containment gap widens sharply with company size. The incident rate is 49% for companies with 101 to 1,000 employees, but jumps to 63% for companies with more than 1,000. Sandbox isolation moves the opposite direction, falling from 35% to 20% at larger companies.

Major security vendors are moving to fill the gap. Palo Alto Networks completed its acquisition of CyberArk for $21.1 billion. CrowdStrike closed its $740 million acquisition of SGNL and shipped Continuous Identity for AI Agents. Cisco announced its intent to acquire Astrix Security for a reported $400 million.

Why AI builders should care

For teams building and deploying AI agents, credential sharing is not just a compliance checkbox. It directly affects blast radius, forensics, and incident response.

When an agent runs on a shared API key, a single compromise gives an attacker access to every workflow that key touches. CyberArk's research puts machine identities at 82 for every human in organizations worldwide, with agents as the fastest-growing category. CrowdStrike CTO Elia Zaitsev framed the problem clearly: "Observing actual kinetic actions is a structured, solvable problem. Intent is not." A scoped identity and an isolation boundary give security tools something to track. A shared credential on a bundled guardrail does not.

Practical implications

The survey data points to three concrete actions for AI builders and security teams:

  1. Inventory every agent's credentials this quarter. Map which agents share credentials with other agents and which run on borrowed human or service-account identities. The goal is zero shared credentials between agents and zero borrowed human identities. 13% of surveyed enterprises already run Microsoft Entra Agent ID. Okta for AI Agents and non-human identity specialists sell equivalents.

  2. Sandbox the riskiest agents first. Isolation is the least-adopted control at 30% and the only one that contains blast radius after prevention fails. Rank agents by the sensitivity of what they touch and isolate the top of the list. Above 1,000 employees, where isolation falls to 20%, this is the single highest-return move in the dataset.

  3. Match the budget to the incident rate. A third of enterprises fund agent security at 5% or less of the security budget, even though more than half have already had an incident or near-miss. 59% plan to adopt, add, or replace agent security tooling within 12 months, and 29% plan to move this quarter.

Caveats

The data comes from VentureBeat's Pulse Research wave of 107 enterprises, which skews mid-market. The top size band (above 5,000 employees) holds only 15 respondents, so treat those numbers as directional. The survey measures self-reported practices, not observed configurations. The full Q2 Agentic Security report, with the complete vendor matrix and industry cuts, debuts at VB Transform on July 14-15.

FAQs

What are AI agent credentials and why do they matter?

AI agent credentials are API keys, service accounts, OAuth tokens, or human identities that agents use to access systems and data. When credentials are shared across multiple agents, a single compromised agent can reach every workflow that key touches, and attribution becomes impossible. CyberArk's research puts machine identities at 82 for every human, with agents as the fastest-growing category.

How does credential sharing increase risk in AI agent deployments?

Shared credentials convert a single compromised agent into many. An attacker immediately benefits from the accumulated permissions of every workflow that the key touches. The forensic trail goes cold because multiple agents on one account leave no record of which agent did what. 69% of enterprises run agents with credential sharing somewhere in their deployments.

What percentage of enterprises reportedly share AI agent credentials?

According to VentureBeat's June 2026 Pulse Research wave of 107 enterprises, 69% of organizations run AI agents with credential sharing somewhere in their deployments. Only 32% give every AI agent its own scoped, managed identity.

What steps can organizations take to inventory and map agent credentials?

The Pulse Research guidance recommends inventorying every agent's credentials this quarter and mapping which agents share credentials or borrow human and service-account identities. The goal is zero shared credentials between agents and zero borrowed human identities. 13% of surveyed enterprises already run Microsoft Entra Agent ID, and Okta for AI Agents and non-human identity specialists sell equivalents.

Sources

Latest Tech News