In this Help Net Security video, Amit Gautam, CTO at Abluva, explains the security risks that autonomous AI agents bring into enterprise environments.
He opens with a real case: a reconciliation agent at a financial services firm had legitimate access to a customer database. A poison instruction from upstream changed its behavior, and it scanned the entire table, extracting six million records and posting them to a Slack webhook that sent them outside the company. Every step was permitted. That is the core problem.
Gautam walks through three patterns driving this risk (employee co-pilots, sanctioned agentic workflows, and MCP integrations) and explains why agents differ from old service accounts: they are non-deterministic, easy to manipulate, and growing fast. He then lays out four pillars for governing them: discovery, permission scoping, exfiltration controls, and audit trails.
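
The sketch below is an added example, not code from the video or from Abluva. It shows one way the scoping, exfiltration-control and audit pillars could have stopped the incident described above, even though every step was individually permitted. The class names, the row budget, the table name and the hosts are all constructed assumptions.

```python
import json
from dataclasses import dataclass, field
from urllib.parse import urlparse

@dataclass
class AgentScope:
    """Hypothetical per-task scope for one agent (all values are assumptions)."""
    agent_id: str
    tables: frozenset        # tables the task actually needs
    max_rows: int            # row budget for the whole task, not per query
    egress_hosts: frozenset  # only hosts the agent may send data to

@dataclass
class Guard:
    scope: AgentScope
    rows_read: int = 0
    audit: list = field(default_factory=list)

    def _record(self, action, detail, allowed, reason):
        # Audit trail: denied and allowed calls are both recorded.
        self.audit.append({"agent": self.scope.agent_id, "action": action,
                           "detail": detail, "allowed": allowed, "reason": reason})
        return allowed

    def check_read(self, table, row_count):
        if table not in self.scope.tables:
            return self._record("read", table, False, "table not in scope")
        if self.rows_read + row_count > self.scope.max_rows:
            return self._record("read", table, False, "row budget exceeded")
        self.rows_read += row_count
        return self._record("read", table, True, "ok")

    def check_egress(self, url):
        host = (urlparse(url).hostname or "").lower()
        ok = host in self.scope.egress_hosts
        return self._record("egress", host, ok, "ok" if ok else "host not allowlisted")

def replay_incident():
    """Replays the described sequence with constructed values."""
    scope = AgentScope("recon-agent", frozenset({"customers"}), 500,
                       frozenset({"ledger.internal.example"}))
    g = Guard(scope)
    results = [
        g.check_read("customers", 200),        # normal reconciliation batch
        g.check_read("customers", 6_000_000),  # full-table scan after poisoned input
        g.check_egress("https://hooks.example.invalid/services/CONSTRUCTED"),
        g.check_egress("https://ledger.internal.example/api/reconcile"),
    ]
    return results, g.audit

if __name__ == "__main__":
    decisions, trail = replay_incident()
    print(decisions)
    print(json.dumps(trail, indent=2))
```
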