AI Agents Break Security Playbooks: The New Strategy

▼ Summary
– AI agents have broken the security model based on a knowable, static environment because they act autonomously, borrow human access, and change behavior dynamically.
– The gap between identifying risks and executing specific remediation has widened because agent behavior is too fast and environment-specific for generic vendor workflows.
– Building custom security tools is now faster with AI, but the real challenge is integrating live, normalized data from diverse enterprise systems, not just generating code.
– Security teams should buy a foundation of complex, shared capabilities like discovery and identity mapping, and then build their own operational layer of workflows and automations.
– Identity is the essential foundation for agent security because it governs what agents can access, controls blast radius, and provides context for ownership and intent.
For nearly two decades, enterprise security operated under a predictable premise: the environment was knowable. Teams could purchase tools, catalog users, map systems, set policies, and depend on vendor-built dashboards to manage most incidents. The approach had flaws, but it worked because changes unfolded at human speed.
AI agents have shattered that assumption. The old security playbook no longer applies.
These are not standard applications. AI agents operate autonomously, calling tools, gaining cross-system access, and adapting based on context. Some are sanctioned and live inside SaaS platforms. Others are unsanctioned, running locally. They can borrow a person’s credentials and vanish before the next inventory scan. Their reach varies dramatically. According to Token Security research on real-world enterprise deployments, agents range from human-triggered chatbots to fully autonomous production services, with over a fifth of local agents already holding direct access to production data.
The classic build versus buy debate in cybersecurity has fundamentally shifted. The old question was simple: should we buy a tool or build one? In the agentic era, that framing is too narrow. Security teams do not need to rebuild the entire stack, but they also cannot rely on fixed workflows created by someone else months ago. The better question is: which layer should security teams own?
The Limits of Fixed Security Workflows
AI agents make environments more specific, more dynamic, and harder to predict. A vendor can build a dashboard for common risks: overprivileged service accounts, stale credentials, dormant admin users, excessive permissions, or identities with production access. That is useful, but the most critical questions are often unique to a single environment.
Which agents created in the past two weeks can reach production through inherited human credentials? Which local coding agents still have active tokens after a project ended? What is a potential attack path from one system to another using AI agents? These questions do not fit neatly into a generic workflow. They depend on an organization’s cloud footprint, SaaS stack, development practices, ownership model, compliance requirements, and AI adoption patterns. No vendor roadmap can anticipate every combination.
This is the operationalization gap. Security teams can often identify risk categories, but they cannot always translate them into the exact remediation path their environment requires. AI agents widen this gap because they move faster than traditional tooling cycles. Waiting two quarters for a vendor feature while agents continue accumulating access is not an effective security strategy. It is a queue.
Why “Just Build It” Is Not the Answer
AI-assisted development has transformed what teams can build. Retool’s 2026 Build vs. Buy report found that 35% of teams had already replaced at least one SaaS tool with something they built themselves, and 78% expected to build more this year. This trend has real security implications, since AI has made building custom tools far faster and easier. Work that once took weeks of engineering can now be prototyped in hours.
But cybersecurity has a harder problem than most business functions: the data layer. A useful security workflow is only as good as the identity, access, permission, ownership, and activity data underneath it. Building a custom app is one thing. Connecting it safely to live enterprise systems is another. Security teams should not have to rebuild integrations across AWS, Azure, GitHub, Salesforce, Okta, secret managers, CI/CD pipelines, SaaS platforms, agent frameworks, and on-prem systems. They should not have to normalize every schema themselves or maintain fragile scripts that break when an upstream API changes.
That is the hidden cost of “just build it.” The hard part is not generating code but building on data that is live, normalized, secure, and complete enough to support real decisions.
Buy the Foundation to Own the Operational Layer
The future of cybersecurity is not pure build or pure buy. It is building on the right foundation. Security teams should invest in the layers that are structurally complex and widely adopted across organizations: continuous discovery, integrations, normalization, identity correlation, access mapping, governance controls, auditability, and secure execution boundaries. Those capabilities require depth, scale, and constant maintenance. They are not where most security teams should spend their scarce engineering time.
But teams should own the operational layer: the workflows, applications, reports, reviews, and automations that reflect their specific environment. That is where differentiation lives. That is where security teams encode how their organization actually works: who owns which agents, which systems matter most, what access is acceptable, which exceptions are allowed, how risk is prioritized, and what remediation should happen next.
The winning model is not “buy everything” or “build everything.” It is “buy the foundation, build the operating layer.”
Identity is the Layer That Holds
For AI agents, the foundation has to be identity. Every meaningful agent eventually requires access. It authenticates, uses credentials, invokes tools, and reaches data. Often, it does not even have an identity of its own and instead borrows one from an employee. That is why the agents already running within enterprises can be indistinguishable from the people they impersonate in your audit logs.
That is why identity is the only control plane that actually governs agentic AI, and why it is the foundation on which to build. It is the one place your team can see and enforce discovery, ownership, access, and lifecycle for every agent at once. Guardrails, prompt filtering, and behavior controls act on what an agent says. Identity governs what an agent can reach, and reach is what determines blast radius.
A live identity foundation gives security teams the context they need to ask and answer the questions that matter: Who owns this agent? What is it supposed to do? Which identities does it use? What systems can it reach? Does its access match its intent? What happens when it is abandoned, compromised, or changed?
Without that foundation, custom workflows sit on sand. They rely on stale exports, partial inventories, and one-off scripts. With it, security teams can build operational logic that stays connected to the real environment as agents appear, change, and disappear.
The Teams That Stay Effective
The security playbook built for a knowable environment is not coming back. AI agents made sure of that. The next playbook is more adaptive. It assumes the environment will keep changing. It assumes no vendor can prebuild every workflow. It assumes security teams need the ability to compose controls, reports, reviews, and remediation paths that fit their own reality.
But it also recognizes that teams should not rebuild the foundation themselves. The teams that stay ahead will not be the ones with the longest tool list or the most generic dashboards. They will be the ones who know which layer to own. For agentic AI, the answer is clear: build on a live identity foundation and own the operational layer that must adapt. In the agent era, that is how security teams move fast without losing control.
(Source: BleepingComputer)




