ANALYSTS are confirming what identity security teams have quietly feared: AI agents are being deployed faster than enterprises can govern them, with Gartner noting in its Market Guide for Guardian Agents that enterprise adoption of AI agents is accelerating and outpacing governance policy maturity. According to Orchid's analysis, roughly half of enterprise identity activity already occurs outside centralized IAM visibility, because identities and controls live inside applications as well as in central directories.
AI agents run continuously, span multiple applications, acquire permissions opportunistically, and operate at machine speed, creating what Orchid calls identity dark matter. Orchid’s approach aims to close this gap by observing identity activity inside applications, at the binary and configuration layer, providing automatic discovery of AI agents, a visibility gap analysis, and a remediation roadmap.
The piece also highlights three questions security teams are asking—what AI agents are running, how compliant we are with NIST identity requirements, and whether static credentials should be rotated immediately—each answered by Orchid’s observability and credential-management capabilities.