HiddenLayer in the News
See how our research, leadership, and innovations are shaping the global conversation on AI security.
HiddenLayer Releases the 2026 AI Threat Landscape Report, Spotlighting the Rise of Agentic AI and the Expanding Attack Surface of Autonomous Systems
Autonomous agents now account for more than 1 in 8 reported AI breaches as enterprises move from experimentation to production.
March 18, 2026 – Austin, TX – HiddenLayer, the leading AI security company protecting enterprises from adversarial machine learning and emerging AI-driven threats, today released its 2026 AI Threat Landscape Report, a comprehensive analysis of the most pressing risks facing organizations as AI systems evolve from assistive tools to autonomous agents capable of independent action.
Based on a survey of 250 IT and security leaders, the report reveals a growing tension at the heart of enterprise AI adoption: organizations are embedding AI deeper into critical operations while simultaneously expanding their exposure to entirely new attack surfaces.
While agentic AI remains in the early stages of enterprise deployment, the risks are already materializing. One in eight reported AI breaches is now linked to agentic systems, signaling that security frameworks and governance controls are struggling to keep pace with AI’s rapid evolution. As these systems gain the ability to browse the web, execute code, access tools, and carry out multi-step workflows, their autonomy introduces new vectors for exploitation and real-world system compromise.
“Agentic AI has evolved faster in the past 12 months than most enterprise security programs have in the past five years,” said Chris Sestito, CEO and Co-founder of HiddenLayer. “It’s also what makes them risky. The more authority you give these systems, the more reach they have, and the more damage they can cause if compromised. Security has to evolve without limiting the very autonomy that makes these systems valuable.”
Other findings in the report include:
AI Supply Chain Exposure Is Widening
- Malware hidden in public model and code repositories emerged as the most cited source of AI-related breaches (35%).
- Yet 93% of respondents continue to rely on open repositories for innovation, revealing a trade-off between speed and security.
Visibility and Transparency Gaps Persist
- Over a third (31%) of organizations do not know whether they experienced an AI security breach in the past 12 months.
- Although 85% support mandatory breach disclosure, more than half (53%) admit they have withheld breach reporting due to fear of backlash, underscoring a widening hypocrisy between transparency advocacy and real-world behavior.
Shadow AI Is Accelerating Across Enterprises
- Over 3 in 4 organizations (76%) now cite shadow AI as a definite or probable problem, up from 61% in 2025, a 15-point year-over-year increase and one of the largest shifts in the dataset.
- Yet only one-third (34%) of organizations partner externally for AI threat detection, indicating that awareness is accelerating faster than governance and detection mechanisms.
Ownership and Investment Remain Misaligned
- While many organizations recognize AI security risks, internal responsibility remains unclear, with 73% reporting internal conflict over ownership of AI security controls.
- Additionally, while 91% of organizations added AI security budgets for 2025, more than 40% allocated less than 10% of their budget to AI security.
“One of the clearest signals in this year’s research is how fast AI has evolved from simple chat interfaces to fully agentic systems capable of autonomous action,” said Marta Janus, Principal Security Researcher at HiddenLayer. “As soon as agents can browse the web, execute code, and trigger real-world workflows, prompt injection is no longer just a model flaw. It becomes an operational security risk with direct paths to system compromise. The rise of agentic AI fundamentally changes the threat model, and most enterprise controls were not designed for software that can think, decide, and act on its own.”
What’s New in AI: Key Trends Shaping the 2026 Threat Landscape
Over the past year, three major shifts have expanded both the power and the risk of enterprise AI deployments:
- Agentic AI systems moved rapidly from experimentation to production in 2025. These agents can browse the web, execute code, access files, and interact with other agents—transforming prompt injection, supply chain attacks, and misconfigurations into pathways for real-world system compromise.
- Reasoning and self-improving models have become mainstream, enabling AI systems to autonomously plan, reflect, and make complex decisions. While this improves accuracy and utility, it also increases the potential blast radius of compromise, as a single manipulated model can influence downstream systems at scale.
- Smaller, highly specialized “edge” AI models are increasingly deployed on devices, vehicles, and critical infrastructure, shifting AI execution away from centralized cloud controls. This decentralization introduces new security blind spots, particularly in regulated and safety-critical environments.
The report finds that security controls, authentication, and monitoring have not kept pace with this growth, leaving many organizations exposed by default.
HiddenLayer’s AI Security Platform secures AI systems across the full AI lifecycle with four integrated modules: AI Discovery, which identifies and inventories AI assets across environments to give security teams complete visibility into their AI footprint; AI Supply Chain Security, which evaluates the security and integrity of models and AI artifacts before deployment; AI Attack Simulation, which continuously tests AI systems for vulnerabilities and unsafe behaviors using adversarial techniques; and AI Runtime Security, which monitors models in production to detect and stop attacks in real time.
Access the full report here.
About HiddenLayer
HiddenLayer secures agentic, generative, and predictive AI applications across the entire AI lifecycle, from discovery and AI supply chain security to attack simulation and runtime protection. Backed by patented technology and industry-leading adversarial AI research, our platform is purpose-built to defend AI systems against evolving threats. HiddenLayer protects intellectual property, helps ensure regulatory compliance, and enables organizations to safely adopt and scale AI with confidence.
Contact
SutherlandGold for HiddenLayer
hiddenlayer@sutherlandgold.com
HiddenLayer Launches the First Security Solution to Protect AI-Powered Products
Startup emerges from stealth mode after raising $6 million in seed funding led by Ten Eleven Ventures
AUSTIN, Texas, July 19, 2022 - HiddenLayer, the developer of a unique security platform that safeguards the machine learning models enterprise organizations use behind their most important products, today emerged from stealth mode to launch its flagship product, purpose-built to detect and prevent cyberattacks that target machine-learning-powered systems. The HiddenLayer Platform’s primary product is the industry’s first and only Machine Learning Detection & Response (MLDR) solution that protects enterprises and their customers from this emerging attack vector.
Organizations across virtually all industries are incorporating artificial intelligence (AI) technology into their hardware and software products that make machine learning (ML) inputs and outputs available to their customers, and bad actors have taken notice. Gartner predicts that 30 percent of all AI cyberattacks in 2022 will leverage training-data poisoning, model theft, or adversarial samples to attack machine learning-powered systems.
When ML inputs and decisions are publicly exposed, attackers can reverse-engineer the IP to steal trade secrets and tamper with production systems. These state-of-the-art attacks can destroy multi-million dollar investments, delay product releases, and leave victim organizations legally and financially liable.
According to HiddenLayer (founders Chris “Tito” Sestito, Tanner Burns, and James Ballard), companies unknowingly create vulnerabilities in their ML models for which there are no known commercially available security controls. It’s a lesson they learned first-hand while working together at Cylance, an endpoint security software developer that pioneered the application of machine learning in anti-virus.
“We led the relief effort after our machine learning model was attacked directly through our product, and realized this would be an enormous problem for any organization deploying ML models in their products,” said Chris Sestito, CEO of HiddenLayer. “We decided to found HiddenLayer to both educate enterprises about this significant threat and help them defend against it.”
HiddenLayer’s MLDR solution uses a patent-pending ML-based approach to analyze billions of model interactions per minute to identify malicious activity without any access to or prior knowledge of the user’s ML model(s) or sensitive training data. It detects and responds to attacks against ML models to protect intellectual property and trade secrets from theft or tampering and ensure users are not exposed to attacks.
HiddenLayer’s MLDR is a non-invasive and easy-to-use security solution that does not require access to raw data or algorithms. It identifies patterns in ML model traffic through contextless vectorized data points to provide comprehensive defense from adversarial attacks targeting the deployed ML model in production.
HiddenLayer is using the MITRE ATLAS framework to structure its platform to align with the industry’s leading authority on adversarial threats targeting artificial-intelligence systems. “AI assurance and security is critical for consequential uses of AI and broader adoption,” said Christina Liaghati, a leading team member of MITRE ATLAS. “Collaboration between the government, academia, and industry will lead to a healthy ecosystem and unique perspectives to address these crucial challenges.”
“Machine learning algorithms are rapidly becoming a vital and differentiating aspect of more and more of the technology products we depend on every day. As dedicated cybersecurity investors, we know that protecting the algorithms at the very center of a company’s competitive advantage will become an essential part of a company’s cyber defenses - these algorithms will become the new ‘crown jewels.’ Tito, Jim, and Tanner have the unique experience and skill set to solve this growing problem, making HiddenLayer the company best positioned to lead this important new category of security,” said Todd Weber of Ten Eleven Ventures.
To learn more and request a demonstration of the solution, visit HiddenLayer’s website and follow the company on LinkedIn or Twitter.
About HiddenLayer
HiddenLayer helps enterprises safeguard the machine learning models behind their most important products with a comprehensive security platform. Only HiddenLayer offers turnkey AI/ML security that does not add unnecessary complexity to models and does not require access to raw data and algorithms. Founded in March of 2022 by experienced security and ML professionals, HiddenLayer is based in Austin, Texas, and is backed by cybersecurity investment specialist firm Ten Eleven Ventures. For more information, visit www.hiddenlayer.com and follow us on LinkedIn or Twitter.