Salt Safety has launched its 1H 2026 State of AI and API Safety: Navigating the Agentic Period report, revealing a widening hole between the fast deployment of AI brokers and the safety packages designed to guard them. The analysis finds that whereas autonomous AI brokers are being deployed at enterprise scale, 92% of organisations lack the superior safety maturity required to defend these environments.
AI is reliant on APIs with the intention to work correctly and perform autonomous actions. APIs are quick turning into the execution layer for AI methods, powering each motion taken by brokers, massive language fashions (LLMs), and Mannequin Context Protocol (MCP) servers. Due to this, the variety of APIs in use in organisations right now have exploded, with two-thirds (66%) reporting development of over 50% within the final yr.
Nevertheless, as organisations scale AI-driven automation, safety is failing to maintain tempo, creating what Salt Safety defines because the “Agentic Safety Hole”. The safety of contemporary AI environments now requires visibility and management throughout all the agentic AI stack, not simply particular person APIs.
Roey Eliyahu, Co-Founder and CEO at Salt Safety, stated: “You can not safe AI brokers with out securing each layer they contact, together with the APIs they name, the MCP servers they route by means of, and the information they entry. Danger within the agentic period doesn’t sit in a single place. It lives in how all of these items work together in actual time.”
The analysis, primarily based on a survey of 327 safety leaders, reveals that whereas AI adoption is accelerating, safety maturity is struggling to maintain tempo. Almost half (47%) of organisations have delayed manufacturing releases on account of API safety considerations, and nearly one third (32%) skilled an API safety incident up to now yr. Regardless of this, solely 8% report having superior API safety maturity, leaving the bulk underprepared. On the similar time, two-thirds (66%) reported API development of greater than 50% up to now yr, largely pushed by elevated automation and AI adoption.
Moreover, 79% of boards and government groups have elevated scrutiny of AI safety dangers, but solely 18% are extraordinarily assured of their means to detect assaults leveraging Generative AI, a confidence hole that displays the inadequacy of legacy instruments in agentic environments.
The findings additionally spotlight a major shift within the risk panorama, with attackers now not forcing entry however as an alternative working inside trusted methods, usually through AI-driven processes. In keeping with the information, almost all (99%) assault makes an attempt analysed by Salt Labs originate from authenticated sources, more and more involving rogue brokers utilizing professional credentials however missing human oversight, fee limiting or behavioural guardrails. As well as, nearly two-thirds (65%) of assaults exploit safety misconfiguration (OWASP API8), a vulnerability that’s considerably amplified when over-permissioned APIs are linked to AI brokers able to querying, chaining and exfiltrating knowledge at machine pace.
The report concludes that API safety is now not a subset of software or cloud safety, however a foundational self-discipline in its personal proper. As APIs now account for almost all of net visitors and energy all AI agent exercise, they symbolize a definite and significant assault floor that current safety pillars weren’t designed to guard.
To handle this shift, Salt Safety is advancing a brand new mannequin for enterprise safety referred to as the Agentic Safety Graph, which maps the relationships between LLMs, MCP servers and APIs. Collectively, these parts kind the agentic stack, offering the context wanted to grasp not simply what AI methods generate but additionally what they do throughout enterprise environments.
“Salt Safety was based on the assumption that APIs are essentially the most essential and most ignored assault floor within the enterprise. As AI brokers have emerged, it has grow to be clear that APIs are only one pillar in a a lot bigger, deeply linked system,” stated Roey Eliyahu, Co-Founder and CEO at Salt Safety. “In the present day, we safe all the agentic setting, the llm, brokers, MCP servers, APIs and the information they entry. Our 1H 2026 analysis confirms that this isn’t a future drawback, it’s occurring now, and most organizations usually are not prepared.”
