Misbehaving and malicious autonomous AI agents could wreak havoc as they rampage through a data estate, unless they are controlled and regulated – which Cohesity intends to do – and remedied by recovery agents.
Imagine a deranged employee with system-level or privileged access to your applications and data. That person could destroy data, siphon it outside your systems, and generally cause a lot of damage. Fortunately we all have user identification and authorization, access controls, and backups so that the source of data corruption and theft can be identified and the data estate changes rewound back to a known good state.
But autonomous AI agents are coming, and there is no agent-focused identification, security, and protection infrastructure. Envisage the damage that an AI agent could do if it started hallucinating customer orders, product dispatch notes, or invoice payments.
Data protection and security business Cohesity is well aware of these looming dangers, and CEO Sanjay Poonen told us about its approach: “We think about identity. We’ve been focused since we announced identity resilience this year on human and non-human identity… We’re definitely anticipating that everything we’re doing [in] identity resilience will have a human and a non-human factor.”
Cohesity is aware of this problem although it has not yet occurred in its customer’s IT environments: “It’s not yet the case where I think our customers have seen major attacks from non-human identities as yet. But it’s a full expectation that the framework we’ve been building out for identity resilience will cover human and non-human identities.”
There are stages to this, with pre-attack and post-attack phases: “We have a detection prevention view of it and then a recovery remediation view.” We could say there’s an identity-focused aspect to agent security and also a malicious action tracking aspect.
Cohesity will inspect bad agent actors: “In places where they’re malicious, we expect to basically track them. Certainly if they have a human or non-human [agent] identity; that’s part of our identity resilience story – to be able to track them and catch them if they are malicious.”
Poonen said that working with partners was going to be an important aspect of this: “We think there’s going to be a number of security companies and big players who are going to be all building out agent infrastructures that can track agents in their entirety. For example, Microsoft at Ignite announced Agent 365.”
He mentioned that AWS announced AI security agents at Re:Invent 2025 as well, saying: “We want to integrate with the best agent cloud infrastructures that are going to be out there and we expect Microsoft, AWS, many of the security players [like] Palo Alto; their intent is to have a security infrastructure.” In fact, “I expect CrowdStrike and Palo Alto to have agent infrastructures to track security agents.” He reckons ServiceNow will probably be active in this area as well.
Therefore: ”I don’t believe it’s our place to be the agent control center for all of the security controls, because there’s going to be bigger companies building them. Our job is to integrate with them.”
Poonen was emphatic: “I don’t know that we can offer more value-added than Agent 365, which is Microsoft’s infrastructure, [so we’ll] integrate well with it. Same with AWS. It would be a mistake for Cohesity to build its own agent cloud that competes with them.”
On the post-attack side he had more to say: “Gaia, as you know, is our app or agent to be able to have conversational AI. We can run it as an app or an agent.”
“We announced a recovery agent; a way to be able to run an entire recovery process, including clean room, with an AI agentic framework. I think agents could be used in a positive fashion, and that’s the way in which we will proactively build agents.”
In effect, the best way to clean things after a misbehaving agent is to use a clean-up agent, to unwind what the bad actor agent has done and reinstate the good data. And the best way to identify and manage agent identities is to use Cohesity’s existing, human-centric identity resilience features and integrate them with agent infrastructure and control clouds being set up by Microsoft, AWS, CrowdStrike, Palo Alto, ServiceNow, and whomever else might emerge as a significant player.
Cohesity wants to be, intends to be, cohesive with the growing agent identity and control infrastructure ecosystem.
