Key Risks & Use Cases
These are the most common AI-related risks SailPoint Entro surfaces in real customer environments. Each one is detectable out of the box - no configuration required.
Overprivileged Agentic Access
An AI agent inheriting an admin role or production-scoped credential originally assigned to a human is one of the most common findings. The agent can perform destructive operations - at scale, autonomously, without human review.
Note
What to look for: Agents with admin-level or production access flagged under the Privileged and Production quick filters in the inventory.
Shadow and Unregistered Agents
Agents connected to corporate systems through personal accounts, developer tools pointing at production credentials, or AI builder workflows that never went through security review — none of these appear in a CMDB, but all of them appear in SailPoint Entro.
Note
What to look for: Agents with AI Origin classified as Third-party or Undetermined, and owners attributed to personal or non-corporate accounts.
Former-Employee Access
An AI agent or workflow created by an employee who has since left, still calling production APIs using their token. A direct offboarding gap.
Note
What to look for: The "AI Connection owned by former employee" insight on agents in the inventory.
Unverified Third-Party AI Applications
An AI application connected to a corporate SaaS service published by an unverified or unknown vendor - carrying data residency and trust risks that most security teams aren't aware of.
Note
What to look for: The "App by unverified external publisher" insight in the inventory.
Idle Agents
Agents that have been dormant for over 45 days still hold active credentials and access. They represent unnecessary risk with no business justification.
What to look for: The Idle quick filter, or the "Idle AI Agent" insight on individual agents.
Malicious or Destructive Prompt Activity
Prompts requesting sensitive or destructive operations — deleting records, exfiltrating credentials, accessing systems outside the agent's normal scope. Detected automatically by the Agentic Plugin for instrumented agents.
What to look for: Sessions classified as Malicious or Destructive in the AI Agents Inventory for Monitored Agents.
Use Cases by Team
Security & SOC Identify agents accessing production with privileged credentials, investigate malicious session activity, and get alerted when new unsanctioned agents appear.
IAM / IGA Full inventory of AI agent identities alongside your NHI and human inventories, with ownership attribution on every connection. Feed into SailPoint or other IGA platforms for lifecycle governance.
AppSec Surface AI agents created during development carrying over-permissive credentials before they reach production.
AI & Platform teams Visibility into which agents are running, where, and with what access. Use policies to define guardrails without blocking legitimate development.