#United States #San Francisco #AI Security #agentic AI #Akto

Overview of Akto's 2025 State of Agentic AI Security Report

On December 8, 2025, Akto, a leader in Agentic AI and MCP Security, released its first State of Agentic AI Security Report, providing crucial insights into how businesses are integrating AI agents and the risks that accompany such rapid adoption. Based on comprehensive survey data from security leaders across diverse sectors such as finance, healthcare, and e-commerce, the report lays out a crucial benchmark for organizations deploying AI agents.

Findings and Key Insights

The findings point toward an urgent concern: momentum in the adoption of Agentic AI is outpacing security efforts, leaving organizations vulnerable to risks.

Key Statistics:

• - 31.7% of enterprises are actively experimenting with AI agents.
• - 23.8% of respondents are in pilot programs, while 38.6% have already launched agents at scale.

Despite this rapid adoption, the report reveals a concerning lack of oversight. Only 21% of organizations reported having full visibility into the actions of their AI agents, signifying substantial blind spots in operational workflows.

The Growing Risks

The quote from Bala Thripura Akasam, an Application Security Manager at Tapestry, encapsulates the situation: "The speed of adoption creates challenges for security teams trying to assess and manage associated risks." The data reflects that AI has integrated forcefully into enterprise workflows, yet the foundational controls to govern their deployment are alarmingly insufficient.

Ankita Gupta, CEO and Co-Founder of Akto, emphasizes this gap: "Developers have successfully integrated AI agents into daily operations, yet security teams are not provided with the tools or insight necessary to respond effectively. This disconnect represents a significant risk for enterprises moving into 2026."

Major Trends Identified

The report outlines three critical trends:
1. Widespread Adoption with Minimal Protection: Companies are integrating AI at rapid paces, yet a vast majority remain unprotected against potential risks.
2. Visibility and Governance Gaps: A notable 79% of companies cannot fully track the actions of their agents or the data potentially at risk, emphasizing an urgent need for better observability.
3. Lack of Guardrails: While 65% of companies recognize the importance of safeguards, only half have implemented effective action-level guardrails or monitoring systems, relying instead on outdated practices that do not align with the autonomous nature of AI agents.

Suhel Khan, CISO at Chargebee, states poignantly, "Without visibility into agent actions, governing their behavior is a guessing game."

Predictions for Agentic AI Security in 2026

Looking ahead, the report anticipates several essential requirements for advancing AI Security:

• - Shared Ownership: Formal roles in security will need to integrate Application Security and Platform Engineering efforts.
• - Standardized Permissions: Establishing clear permissions for all AI tools is critical.
• - Action-Level Logging: Mandatory tracking for all agent activities is necessary.
• - Continuous Red Teaming: Ongoing evaluations of agent security should become standard practice.
• - Risk Classification: A structured classification system for agents based on their risk and data access will be essential.

Conclusion

As enterprises head into 2026, the report signals a shift where Agentic AI Security must become as essential as traditional Cloud Security. Akto, through this study, aims to highlight the severe readiness gaps in security frameworks and calls for strategic enhancements to protect businesses as they embrace autonomous AI.

For more detailed insights, the full report can be accessed on Akto's website.