Autonomous agents are rapidly redefining how enterprise systems operate, exposing new security gaps as machine-driven activity begins to outpace the infrastructure designed for human users.

Systems built around human identity and predictable workflows are struggling to keep up as autonomous agents operate continuously and move across environments with little friction. That shift is forcing enterprises to rethink architecture and security models to handle a faster, less predictable risk landscape, according to Ramin Farassat (pictured), chief product and strategy officer of Menlo Security Inc.

“Companies are still building and they’re securing their environment for human employees,” Farassat said. “They need to desperately re-architect their environment because there’s going to be this big army of AI agents that are going to be coming up. Of course, we all want this massive speed and the scale that these agents are bringing to the table. The reality is that these agents, unfortunately, lack human intuition. If a hacker throws a zero-day exploit or if they want to do prompt injection to an AI agent, it doesn’t have that gut feeling that we as humans have to know that it’s being tricked. What happens is that it would just basically execute what it’s being told.”

Farassat spoke with theCUBE’s John Furrier for the Google Cloud AI Agents in Action Series on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed how autonomous agents are transforming enterprise security, infrastructure design and real-time threat management. (* Disclosure below.)

Autonomous agents reshaping enterprise security models

As autonomous agents scale, security is shifting from reactive controls to real-time analysis of behavior and intent. Traditional defenses built around known threats are no longer sufficient when agents operate at machine speed and interact with dynamic content, Farassat explained. This forces organizations to adopt architectures that can interpret context rather than rely on static rules.

“The only way that we could build this architecture such that it can be resilient and be able to scale was that we couldn’t just react to known threats. We had to actually analyze the intent behind the website content in real time,” Farassat said. “That lets us be able to instantly block things like zero-day exploits, social engineering attacks and things that no one has seen before.”

The operational model is also changing as security becomes embedded directly into agent workflows. However, the true shift isn’t just about implementing AI into the enterprise workflow, but integrating it directly into your security stack, which is exactly the philosophy behind HEAT Shield AI. Solutions leading the AI era focus on bringing AI to the initial point of defense: the browser. This allows AI to visually “see” what the user sees while simultaneously “reading” the underlying HTML and DOM to identify highly evasive threats. Instead of relying on manual intervention, systems are increasingly designed to allow agents to communicate, enforce policies and respond to threats autonomously. This introduces a new layer of automation that extends beyond detection into coordinated response, Farassat added.

“It’s machine-to-machine defense, it’s in real time and it’s completely automated, without a human ever having to click a button,” he added. “Then on top of all of that automation and the defense, the agent’s still continuously running in the background and it can provide additional information to the human team.”

Platforms evolve to meet agent-driven deployment

The rise of autonomous agents is also reshaping how security tools are delivered and adopted. Instead of long deployment cycles, organizations are looking for immediate integration within the environments where AI is already being built. This is pushing vendors toward platform-based distribution models that reduce friction and accelerate adoption, Farassat emphasized.

“As we move into this new fast-paced agentic era, the way that we deploy security has to evolve,” he said. “It has to be instant, and it cannot require long integration projects. That’s exactly why we put our HEAT Shield agent on Google [Cloud] Agent Marketplace. It completely removes the friction.”

This shift extends into how organizations operationalize security at scale. AI interfaces are replacing traditional dashboards, enabling administrators to interact with systems through natural language and automated workflows. The result is a more fluid model where policies can be updated and enforced in real time without manual configuration, Farassat pointed out.

“Using this AI technology, the security admin can now just interact directly with the Menlo agent and ask it things like, ‘Show me the current blocklist,’ or they can go and actually change a policy,” he said. “They say, ‘Switch this threat response from logging to blocking,’ and AI just handles it for you.” 

Managing risk in a world of unseen AI activity

The proliferation of autonomous agents is also amplifying challenges around visibility and control. Shadow AI is no longer limited to isolated tools but is embedded across nearly every digital surface, making traditional tracking methods ineffective. This forces organizations to rethink how they identify and manage unseen AI activity.

“Every site that you go to has AI. Every site is shadow AI, and every application is potentially a shadow AI,” Farassat said. “The lists almost become obsolete the second they come up. Using a list is really not the way, in our opinion, to be able to discover and deal with shadow AI.”

Rather than attempting to contain agents at the perimeter, the emerging approach is to embed governance directly into their lifecycle. This includes defining policies at creation and continuously monitoring behavior as agents execute tasks. It reflects a broader move toward dynamic control models that scale with the agents themselves, according to Farassat.

“Instead, what we believe needs to be done is to start from the beginning,” he said. “As the agents are being built, set up specific policies within the agents. Make sure that you have control rights. But then, as the agents perform the task that they’re performing and going to our platform, we’re still making sure that we’re providing the means for being able to look for things like prompt poisoning, be able to address different types of rights and access controls and set different policies that manage those agents at the scale of the agents themselves.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the Google Cloud AI Agents in Action Series:

(* Disclosure: TheCUBE is a paid media partner for the Google Cloud AI Agents in Action Series. Neither Google Cloud, the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Image: SiliconANGLE