- Today
- Holidays
- Birthdays
- Reminders
- Cities
- Atlanta
- Austin
- Baltimore
- Berwyn
- Beverly Hills
- Birmingham
- Boston
- Brooklyn
- Buffalo
- Charlotte
- Chicago
- Cincinnati
- Cleveland
- Columbus
- Dallas
- Denver
- Detroit
- Fort Worth
- Houston
- Indianapolis
- Knoxville
- Las Vegas
- Los Angeles
- Louisville
- Madison
- Memphis
- Miami
- Milwaukee
- Minneapolis
- Nashville
- New Orleans
- New York
- Omaha
- Orlando
- Philadelphia
- Phoenix
- Pittsburgh
- Portland
- Raleigh
- Richmond
- Rutherford
- Sacramento
- Salt Lake City
- San Antonio
- San Diego
- San Francisco
- San Jose
- Seattle
- Tampa
- Tucson
- Washington
Enterprises More Confident, Tooled, Yet Breached Than Ever
Vorlon's CISO survey finds organizations are well-armed but still experiencing SaaS and AI security incidents
Mar. 30, 2026 at 2:19pm
Got story updates? Submit your updates here. ›
As enterprises deploy more AI agents and SaaS tools, the 'agentic ecosystem' has become a growing security blind spot, exposing organizations to a rising tide of breaches.Mountain View TodayA recent survey of 500 CISOs by startup Vorlon found a 'troubling contradiction' in enterprise security - 99.4% of organizations experienced at least one SaaS or AI security incident last year, yet 89.2% said they have strong OAuth token governance and 77% claimed comprehensive behavioral monitoring. Enterprises are deploying an average of 13 security tools, showing they are well-armed and confident, but still getting hit with incidents. Vorlon says the problem is the security architecture most are running, which can't see or contain issues in the 'agentic ecosystem' of SaaS apps, AI agents, and API integrations.
Why it matters
The report highlights a growing gap between enterprises' security confidence and the reality of ongoing breaches, especially as AI and SaaS tools proliferate. This disconnect poses serious risks, as security teams struggle to gain visibility and control over the new 'agentic ecosystem' that has become the fastest-growing attack surface. Addressing this requires new security approaches focused on AI agent behavior and impact.
The details
Vorlon's survey found that while enterprises are well-armed with security tools, they are still experiencing a high rate of SaaS and AI security incidents. The company says the problem is that traditional security tools 'weren't built for this' new ecosystem of SaaS apps, AI agents, and API integrations, which operate 'in the engine room' rather than through the 'front door' of applications. AI agents can rapidly touch multiple systems, move sensitive data, and trigger workflows, often without visibility.
- The report was released last week by Vorlon, just as the RSAC 2026 conference was taking place in San Francisco, where AI and agent-based security were a key focus.
The players
Vorlon
A startup that provides a SaaS and AI security platform. The company released the report and two new security products, the AI Agent Flight Recorder and AI Agent Action Center, to help enterprises gain visibility and control over their 'agentic ecosystem'.
Amir Khayat
The co-founder and CEO of Vorlon, who stated that the problem is not a lack of awareness, but rather the security architecture most enterprises are running, which cannot see or contain issues in the new SaaS and AI-driven environment.
Netta Drimer
The head of product at Vorlon, who wrote that the company's new tools give 'security teams a complete forensic record of every AI agent action and a coordinated path to fix what's wrong'.
Rob Enderle
The principal analyst with The Enderle Group, who stated that security always runs behind technology-leading threats like those appearing with AI, and that organizations typically fund security to respond to threats, not to anticipate or proactively prepare for them.
What they’re saying
“Most organizations are running an ecosystem without the ability to see what's happening, investigate when something goes wrong, or contain it before the damage spreads.”
— Amir Khayat, Co-founder and CEO, Vorlon
“The agentic ecosystem is the converged layer of SaaS applications, AI agents, API integrations, and non-human identities. It's now the fastest-growing attack surface in the enterprise. The tools most security teams have weren't built for this.”
— Netta Drimer, Head of Product, Vorlon
“AI came in really fast, and the industry is struggling to figure out what to do about it because the broad spectrum of AI capabilities makes it into a genuine boogey man.”
— Rob Enderle, Principal Analyst, The Enderle Group
What’s next
Vorlon has released two new products, the AI Agent Flight Recorder and AI Agent Action Center, to help enterprises gain visibility and control over their 'agentic ecosystem' of SaaS apps, AI agents, and API integrations. These tools provide a forensic audit trail of agent actions and a coordinated response system to detect and remediate security incidents.
The takeaway
This report highlights the growing disconnect between enterprises' security confidence and the reality of ongoing breaches, especially as AI and SaaS tools proliferate. To address this, security teams need new approaches focused on monitoring and controlling the 'agentic ecosystem' that has become the fastest-growing attack surface. Tools like Vorlon's can provide the visibility and response capabilities needed to mitigate these emerging risks.
