The Press Weighs in on Oso and Cyera's Permissions Research

A recent study by Oso and Cyera revealed that 96% of enterprise application permissions granted to employees remain unused, highlighting a significant operational risk as AI agents gain prominence in managing these permissions. Unlike human workers, who often overlook or ignore these permissions, AI agents utilize them to their full extent, potentially causing security vulnerabilities. This issue, which has persisted under layers of accumulated roles, is now receiving attention due to the rapid adoption of AI technologies. Various media outlets such as InfoWorld, Puck News, and Techstrong TV have covered this study, emphasizing the need for improved identity and authentication tools to address the dormant attack surfaces created by unused permissions. Oso CEO Graham Neray discussed with Alan Shimel on Techstrong TV how the authorization, traditionally a low-priority area, is becoming a focus for executives aiming to safely deploy AI agents. The primary concern is not malicious agents but well-intentioned ones inadvertently accessing systems beyond their intended scope due to unchecked permissions.