Only 21% of enterprises have formal decommissioning processes for AI agents.

82% of enterprises have unknown AI agents running in their IT infrastructure.

65% of enterprises have experienced at least one AI agent-related incident in the past 12 months.

15% of enterprises identify adversarial AI attacks as their top AI security challenge.

17% of enterprises identify AI code security as their top AI security challenge.

86% of enterprises are using AI-generated code in production.

88% of enterprises believed AI could significantly enhance their security visibility in 2025.

35% of enterprises report limited or no visibility into their AI-generated code.

19% of enterprises identify agentic AI risk as their top AI security challenge.

39% of enterprises identify over-trust in AI-generated outputs as a leading anticipated risk.

69% of security practitioners at mid-sized organizations report growing difficulty keeping up with increased code volume.

49% of enterprises feel slightly or not at all prepared for upcoming AI-related regulations.

13% of enterprises feel highly prepared for upcoming AI-related regulations.

43% of enterprises report that more than half of employees use AI agents regularly.

47% of enterprises experienced a security incident involving an AI agent in the past year.

53% of enterprises have had AI agents exceed their intended permissions, leaving them vulnerable to increased risk.

54% of enterprises report having between 1 and 100 unsanctioned AI agents.

16% of enterprises report high confidence in their ability to detect AI agent-specific threats.

8% of enterprises say AI agents never exceed their intended permissions.

34% of enterprises report ownership visibility for just 26–50% of their AI agents.