BeyondTrust's Phantom Labs research team published findings revealing that the number of AI agents operating inside enterprise environments grew 466.7% year-over-year, based on analysis of the company's Identity Security Insights platform. The research, released at RSA Conference 2026 on 23 March, paints a picture of a rapidly expanding 'shadow AI workforce' — AI-driven identities deployed across cloud services and enterprise applications without centralised governance or clear visibility into the privileges they hold.
The scale is striking. Some organisations are running well over 1,000 AI agents, many of which security teams were not fully aware existed within their environments. As Phantom Labs Director of Research Fletcher Davis put it: 'Organisations are introducing thousands of new machine identities through AI agents, often without realising the level of access those agents inherit.' Unlike traditional service accounts, AI agents can inherit permissions from users or service roles, interact with APIs and enterprise tools, and act autonomously across systems — creating attack paths that conventional security tooling was never designed to detect.
The specific risks identified include shadow AI agents bypassing formal IT governance through low-code platforms, AI identities operating with administrator-level privileges, long-lived API keys lacking rotation policies or lifecycle controls, and autonomous agents capable of unexpected privilege escalation. Machine and AI identities now vastly outnumber human identities in many enterprise environments, fundamentally changing the identity security landscape.
For context engineers, this research is directly relevant to how we build and deploy agentic systems. Every MCP server connection, every Claude Code session with file system access, every automated workflow that interacts with production APIs represents exactly the kind of autonomous agent identity that BeyondTrust is flagging. As the community moves from experimental agent deployments to production-scale orchestration, understanding identity governance for AI agents is becoming as fundamental as understanding authentication for human users. The 466.7% growth rate suggests most organisations are deploying agents far faster than they are securing them.
