Salt Future of Agentic AI Report 2025

Keypoints

• Annual cybersecurity reports of this type usually begin with an executive summary that highlights the most important findings, followed by an introduction that explains the topic, scope, and methodology of the research.
• They typically include sections on how the technology or threat works, key risks and attack surfaces, current security challenges, defensive best practices, emerging trends, and future outlooks or recommendations.
• In this report, the central theme is that agentic AI is becoming mainstream in business and consumer environments, but trust and security controls are lagging behind adoption.
• Survey data shows 64% of consumers are encountering AI chatbots more often than a year ago, and 81% of those users have entered personal details into them.
• Despite high usage, trust remains low: 50% of consumers feel uncomfortable entering personal information into chatbots, and 44% say they have felt pressured to do so to complete a task.
• Consumers strongly prefer human interaction for sensitive data, with 54% comfortable sharing personal details in person and 37% by phone, compared with only 22% via chatbot.
• The report underscores the importance of APIs as the foundation of AI agent capability, enabling access to databases, CRMs, ERPs, e-commerce platforms, logistics systems, and third-party services.
• Organizations are deploying AI agents across multiple use cases, with analysis/content creation at 61%, automation at 60%, customer interaction at 53%, decision-making at 44%, fraud detection at 37%, and supply chain management at 32%.
• AI adoption is broad and complex: 48% of organizations use 6–20 types of AI agents, 19% use 21–50 types, 37% have 1–100 active agents, and 18% host 501–1000 agents.
• A major security finding is that AI agents expand the API attack surface, increasing exposure through authentication weaknesses, excessive privileges, insecure token handling, prompt injection, and third-party API flaws.
• Monitoring and detection are under pressure because AI-generated API traffic is high-volume and dynamic, making it harder for traditional tools to distinguish normal behavior from anomalies.
• API risk assessment practices are uneven: 32% of organizations assess API risk daily, 26% do so several times per week, but 7% do so monthly or less often, showing a gap between awareness and consistency.
• Privacy controls vary, with the most common being monitoring AI decision-making (44.4%), regular audits (43.2%), clear privacy policies (42.4%), and AI governance frameworks (42.0%).
• Only 37.2% report using a dedicated API security solution, suggesting many organizations still treat API protection as a secondary control rather than a core privacy safeguard.
• Best-practice themes repeat throughout the report: least privilege, MFA/OAuth 2.0, input sanitization, API gateways, rate limiting, TLS, encryption at rest, penetration testing, and CI/CD security scanning.
• The future threat landscape is expected to become more difficult due to AI-powered attacks, adversarial machine learning, decentralized microservices and serverless architectures, and AI-specific issues such as prompt injection, model inversion, and data poisoning.
• Innovations highlighted include AI-driven security monitoring, blockchain-based tamper-proof audit logs, and homomorphic encryption for processing sensitive data without exposing it.
• The report’s core takeaway is that secure, well-governed APIs are not just a technical requirement but the basis for consumer trust, regulatory compliance, and safe scaling of agentic AI.