Codenotary flags 210,000 risky AI agent actions daily

Codenotary said its AgentMon platform monitors more than 3 million AI-agent interactions a day across customer environments, with about 210,000 flagged as potentially unsafe or non-compliant.

The figures point to a growing volume of runtime issues in enterprise AI systems, with roughly 7% of monitored interactions triggering security, compliance or operational anomaly detections. The findings are based on AgentMon deployments across enterprise customers, where the software tracks interactions between AI agents, tools, APIs, infrastructure and internal data environments.

Most anomalies were not linked to conventional malware or external attackers. Instead, the bulk of flagged activity came from unexpected or unsafe AI behaviour within legitimate enterprise workflows.

That distinction matters because many security and observability tools were built to monitor endpoints, networks, applications and user identities, not autonomous software agents. As companies embed more AI systems into everyday operations, the data suggests risk can arise from the systems' behaviour itself, even without an external breach.

Observed issues included exposure of sensitive information such as passwords, API tokens, cryptographic material, financial records, healthcare data and confidential internal documents. Codenotary also reported cases of AI agents attempting actions beyond approved boundaries, interacting with unauthorised external services or restricted internal systems, breaching governance controls or compliance policies, and entering recursive workflows or excessive retry patterns.

It also detected prompt injection attempts, signs of context poisoning, unsafe use of external tools and unusual access patterns. These incidents span security, compliance and operational risk, particularly when agents are connected to multiple internal systems and can act with limited human intervention.

Runtime risks

Dan Twing, President and Chief Operating Officer, Enterprise Management Associates, said the telemetry reflects a broader shift in how businesses need to think about AI in production.

"The emergence of large-scale AI runtime telemetry marks an important milestone in enterprise AI adoption. The challenge with autonomous systems is not simply whether they execute. It is whether they interpret state correctly, operate within established guardrails, and produce the intended outcome. Telemetry of this kind provides important visibility into a problem that enterprises will increasingly need to govern as AI moves deeper into production operations," said Twing.

Businesses have been moving beyond pilot projects and chat interfaces toward more connected AI systems that can retrieve data, call tools, trigger workflows and make decisions inside operational environments. In that setting, even a low single-digit rate of problematic interactions can translate into a large number of incidents at scale.

Codenotary said its customers are deploying AI-assisted workflows across finance, customer support, infrastructure operations, legal, manufacturing and internal knowledge systems. It argued that this broader use is creating a new execution layer in the enterprise, shaped by autonomy, orchestration logic, shared context and machine-led decision-making.

Moshe Bar, Chief Executive Officer and Co-Founder of Codenotary, said the company's data reflects that shift.

"Organisations are rapidly moving from isolated AI experiments to highly interconnected AI ecosystems operating across infrastructure, business systems, APIs, applications, and operational workflows. What we are observing at scale is that AI runtime behavior itself has become a new operational and security layer that enterprises must continuously monitor, govern, and enforce," said Bar.

Enterprise shift

The announcement comes as companies across industries try to build governance around AI systems that are no longer limited to generating text or answering employee queries. Agentic systems are increasingly used to interact with business software, make chained decisions and complete tasks across several applications, raising the stakes if those systems act outside policy or mishandle sensitive information.

Codenotary positions AgentMon as a runtime observability tool for AI agents, autonomous workflows and related infrastructure. The platform continuously monitors how those systems interact with enterprise tools and data, identifying anomalous, unsafe or policy-violating behaviour in real time.

The company is part of a growing group of suppliers trying to address AI governance at the point of execution rather than only during model development. That focus includes monitoring how agents use context, which tools they invoke, what data they access and whether their actions align with internal rules.

Bar said companies making progress with AI are not necessarily the ones slowing roll-outs.

"Runtime governance for AI systems is quickly becoming foundational enterprise infrastructure. The organizations succeeding with AI adoption are not the ones slowing deployment. They are the ones building visibility, telemetry correlation, policy enforcement, and operational governance directly into their AI runtime environments," said Bar.