AI agents are quickly becoming autonomous digital actors embedded in enterprise workflows. Unfortunately, as organizations scale from dozens to hundreds of agents across clouds, platforms, and business units, the identity foundations inherited from human IAM are beginning to strain under new demands.
If you’re already experimenting with autonomous AI agents (or your business units are doing it for you), this topic from CSA’s Securing Autonomous AI Agents survey report (commissioned by Strata) should snap to the top of your priority list: discovery and traceability are clear blind spots.
Even as organizations expand their use of AI agents, most lack the visibility needed to manage them safely. Tooling is immature, and only 21% of organizations maintain a real-time registry or inventory of their agents. Another 32% rely on non-real-time records, 32% plan to build one within the next year, 8% have no registry at all, and 9% are unsure.
A real-time inventory is the starting point for basic security questions:
If you can’t answer these reliably, you’re flying blind in a threat environment where agents can operate continuously and at scale.
Even when organizations do track agents, they tend to have a patchwork approach that delivers partial visibility. Organizations can see some agents some of the time, but rarely in one place or in real time.
This should sound familiar. It’s the same story we’ve lived through with cloud asset inventories, shadow SaaS, and machine identity sprawl, except now the “thing” you’re tracking can take actions, make decisions, and trigger workflows.
The survey report also highlights that agents are already highly distributed across environments. They run in public clouds (66%), on-prem (37%), in private clouds (36%), and in hybrid configurations (38%). So if your registry is “somewhere in a spreadsheet,” or “kind of in the IdP,” or “in a service catalog that only covers one platform,” the result is predictable: drift, gaps, and governance by guesswork.
Discovery is step one. Traceability is step two, where governance turns into accountability. Traceability is the ability to map what agents do and who they act on behalf of.
Only 28% of respondents can reliably trace agent actions to a human or system across all environments. 46% can do so only in some, 9% cannot at all, and 16% are unsure. This means that most organizations can’t consistently answer basic questions of accountability,
Without unified tracing, enterprises struggle to answer basic questions of accountability. That undermines regulatory expectations around auditability and forensics.
When visibility is weak, organizations compensate with manual controls. 68% of respondents rate human-in-the-loop (HITL) oversight as ‘essential’ or ‘very important’ (20% and 48%, respectively).
This is a rational response: if you can’t consistently see or trace what an agent is doing, you add a person to reduce risk.
But HITL doesn’t scale cleanly. It becomes a bottleneck, a short-term safeguard that slows adoption. Agent governance has not yet reached continuous, auditable maturity.
Many organizations are in a ‘Time-to-Trust’ phase. Full autonomy is still the goal, but most organizations are still building the visibility, auditability, and control mechanisms necessary to reach it.
This is a useful framing because it de-escalates the hype without dismissing the value. It acknowledges that agent systems are moving from concept to operational reality, but governance has to catch up.
To safely unlock the potential of agents, organizations must invest in unified identity orchestration spanning discovery, authentication, authorization, and continuous traceability.
A mature agent identity governance program should be able to:
Agents aren’t all the same. Some are internally built, some are third-party vendor agents, and some are public SaaS agents introduced by users.
A registry needs to be more than a list. It should answer who owns the agent, what environment it runs in, what it’s allowed to access, and how it authenticates.
Without an authoritative registry, your governance becomes reactive and fragmented.
Many organizations cannot reliably map an agent’s actions back to a human sponsor, leading to accountability gaps.
Every meaningful action should be attributable to the:
“End-to-end session tracing” and “context-aware audit logging” show up as key capabilities.
But audit-friendly means logs aren’t just voluminous—they’re structured, retained, and tied to identity decisions and approvals.
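To make the registry and traceability points concrete, here is an added example (not from the survey report or from CSA) that checks a registry for the four questions named above and then joins structured audit events against it. The field names, agent IDs, event records and finding labels are all constructed assumptions.

```python
# Added illustration: registry completeness plus action-to-identity tracing.
# All field names and sample records below are constructed assumptions.
REGISTRY_FIELDS = ("owner", "environment", "allowed_access", "auth_method")

REGISTRY = {  # constructed sample: agent_id -> registry record
    "agent-invoice-01": {"owner": "finance-platform",
                         "environment": "public-cloud",
                         "allowed_access": ["erp:read", "erp:post-invoice"],
                         "auth_method": "workload-identity"},
    "agent-helpdesk-02": {"owner": "",  # nobody recorded as owner
                          "environment": "on-prem",
                          "allowed_access": ["tickets:write"],
                          "auth_method": "static-api-key"},
}

EVENTS = [  # constructed sample: one structured record per agent action
    {"id": "e1", "agent_id": "agent-invoice-01",
     "action": "erp:post-invoice", "on_behalf_of": "user:alice"},
    {"id": "e2", "agent_id": "agent-invoice-01",
     "action": "erp:delete-vendor", "on_behalf_of": "user:alice"},
    {"id": "e3", "agent_id": "agent-helpdesk-02",
     "action": "tickets:write", "on_behalf_of": None},
    {"id": "e4", "agent_id": "agent-shadow-99",
     "action": "crm:export", "on_behalf_of": "user:bob"},
]

def incomplete_registry_entries(registry):
    """Map agent_id -> registry fields that are missing or empty."""
    gaps = {}
    for agent_id, rec in registry.items():
        missing = [f for f in REGISTRY_FIELDS if not rec.get(f)]
        if missing:
            gaps[agent_id] = missing
    return gaps

def audit_findings(events, registry):
    """Flag events that cannot be tied to a registered agent or a principal,
    or that fall outside the access the registry records for the agent."""
    findings = []
    for ev in events:
        rec = registry.get(ev["agent_id"])
        if rec is None:  # discovery gap: agent is not in the registry
            findings.append((ev["id"], "unregistered-agent"))
            continue
        if not ev.get("on_behalf_of"):  # traceability gap
            findings.append((ev["id"], "no-principal"))
        if ev["action"] not in rec.get("allowed_access", []):
            findings.append((ev["id"], "outside-allowed-access"))
    return findings

if __name__ == "__main__":
    print(incomplete_registry_entries(REGISTRY))
    print(audit_findings(EVENTS, REGISTRY))
```
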
AI agents act on behalf of humans, accessing data and making autonomous decisions that carry real business impact. That’s why discovery and traceability are prerequisites for:
Without continuous discovery and traceable identity orchestration, agent ecosystems will remain opaque: difficult to govern and impossible to fully trust.
The full survey report connects discovery and traceability to broader agent identity issues like static credentials, fragmented controls, and why IAM systems designed for human workflows are ill-suited to govern autonomous agents.
If you’re building (or inheriting) an agent program in 2026, Securing Autonomous AI Agents is worth a download and internal share.
© 2009–2026 Cloud Security Alliance.
All rights reserved.