'We're letting thousands of interns run around in our production environment'

Corporate use of AI agents in 2026 looks like the Wild West, with bots running amok and no one quite knowing what to do about it - especially when it comes to managing and securing their identities.

Organizations have been using identity security controls for decades to ensure only authorized human users access the appropriate resources to do their jobs, enforcing least-privilege principles and adopting zero-trust-style policies to limit data leaks and credential theft.

"These new agentic identities are absolutely ungoverned," Shahar Tal, the CEO of agentic AI cybersecurity outfit Cyata, told The Register. Agentic identities are the accounts, tokens, and credentials assigned to AI agents so they can access corporate apps and data.

"We're letting things happen right now that we would have never let happen with our human employees," he said. "We're letting thousands of interns run around in our production environment, and then we give them ...