Obsidian Security: Agent Activity Grew 300x, 40% Carry Critical Risk, Security Tools Are Blind
Enterprise agent activity grew 300x in 2025 with nearly 40% carrying medium-to-critical risk. Obsidian details five scenarios where agents bypass access controls through over-permissioning, chain prompt injections across workflows undetected, and persist as 'ghost' admin processes after employee departure. Existing SIEM, CASB, and EDR tools cannot correlate agent activity with identity.