Salt Security released its 1H 2026 State of AI and API Security report on Wednesday, surveying 327 security leaders across technology, financial services, healthcare, and manufacturing. The headline number: 48.9% of organizations have zero visibility into machine-to-machine traffic. That is the communication layer where autonomous AI agents operate. Nearly half of enterprises deploying agents into production cannot see what those agents are doing on the network.

The Numbers

The report paints a picture of rapid deployment outrunning security fundamentals. Two-thirds (66%) of surveyed organizations reported API growth exceeding 50% in the past year, driven by automation and AI adoption, according to Salt Security’s press release. Only 8% report advanced API security maturity. Almost a third (32%) experienced an API security incident in the past year. And 47% have delayed production releases specifically because of API security concerns.

The threat landscape data is equally stark. Salt Labs analysis found that 99% of attack attempts now originate from authenticated sources, which the report describes as “rogue agents operating with legitimate credentials but no human oversight, no rate limiting, and no behavioral guardrails.” Nearly two-thirds (65%) of attacks exploit security misconfiguration (OWASP API8), a vulnerability that Security Boulevard notes is “dramatically amplified when over-permissioned APIs are connected to AI agents that can query, chain, and exfiltrate data at machine speed.”

The Confidence Gap

Despite 79% of boards increasing scrutiny of AI security risks, only 18% of organizations are “extremely confident” in their ability to detect attacks leveraging generative AI. Fewer than one in four (24%) maintain a fully automated API inventory; the rest rely on partial or manual tracking. Salt Security CEO Roey Eliyahu framed the challenge in the press release: “You cannot secure AI agents without securing every layer they touch, including the APIs they call, the MCP servers they route through, and the data they access.”

This aligns with a broader pattern identified by Forbes yesterday, which argued that AI agents moving from trial to mainstream in enterprise IT demand entirely new network-based, real-time defense models that legacy perimeter security was not designed to provide.

The Agentic Stack Problem

Salt Security is positioning what it calls the “Agentic Security Graph,” a model that maps relationships between LLMs (reasoning layer), MCP servers (execution layer), and APIs (action layer). The argument: securing any one of these in isolation misses the point. Risk in agentic environments lives in how these layers interact in real time, not in any single component.

For teams deploying agents in production, the practical takeaway is uncomfortable. If your organization falls into that 48.9% without machine-to-machine (M2M) visibility, your agents are operating in infrastructure you functionally cannot audit. The report is available for download from Salt Security.