Groowe Groowe BETA / Newsroom
⏱ News is delayed by 15 minutes. Sign in for real-time access. Sign in

The Invisible Enterprise AI Jungle: Nokod Survey Finds Security Teams Only See 44% of Apps, Agents, and Automations Built By Business Users

prnewswire.com
MSFT Microsoft Copilot Studio is mentioned as one of the enterprise AI tools sparking a 'shadow engineering' revolution, leading to security gaps due to business users building applications outside traditional IT oversight. The article highlights the challenge of visibility and governance with these tools. PATH UiPath is identified as an enterprise AI tool enabling business users to build applications, which contributes to the 'shadow engineering' phenomenon. The article emphasizes the resulting security risks and lack of visibility for IT teams.

A new survey of 200 enterprise CISOs reveals a massive governance gap - while 90% of enterprises are working to standardize AI tool security, 80% of teams lack full visibility into the agents powering their core business.

BOULDER, Colo., April 27, 2026 /PRNewswire/ -- Nokod, the cybersecurity platform securing AI apps built by business users, today released its 2026 State of Security in Business-Built Applications and AI Agents Survey. The report serves as a stark reality check for C-suite executives on what is being automated and built by citizen developers and business users within their organizations. It reveals that Enterprise AI tools, including Microsoft Copilot Studio, ServiceNow, Power Automate, and UiPath, have sparked a "shadow engineering" revolution where business users now outnumber professional developers by as much as 10:1, leaving security teams blind to the majority of AI agents and automations running critical infrastructure.

Organizations are facing a growing risk from citizen developers and business users creating their own applications and AI tools using business automation and AI platforms. While these platforms boost productivity and innovation, they also expand attack surfaces, creating significant security gaps that many enterprises either don't even know exist or are struggling to close.

The data confirms that the "Enterprise AI Jungle" is no longer a metaphor, but a structural reality. As business users leverage AI to build autonomous agents and complex workflows, they are bypassing traditional AppSec controls. Currently, 80% of security teams admit they lack full visibility into these assets, with most organizations only able to track 44% of the AI tools currently handling sensitive company and user data.

As business users take on a greater role in building tools that support critical business workflows, security teams are struggling to keep pace with the growing number of applications and AI agents being created outside traditional development processes.

Key findings: The Scale of the Invisible Jungle

"Security teams are losing a race they don't even realize they are running. Entire layers of enterprise logic are emerging outside traditional oversight, creating a jungle of untracked risks," said Yair Finzi, CEO and Co-Founder of Nokod. "Our survey highlights that these enterprise AI tools are now supporting the most critical workflows in the company, often with zero governance. Nokod provides the map and guide, enabling security teams to automatically remediate vulnerabilities like data leakage and prompt injection while allowing employees to innovate at full speed. Organizations need a way to manage this new layer of software while still enabling employees to build, streamline, and innovate. Nokod enables security teams to monitor how business-built applications and AI agents interact with enterprise data, identify vulnerabilities, and automatically remediates risks while allowing employees to continue building and innovating with confidence."

The survey results underscore the need for security solutions like Nokod is more urgent than ever, as business users increasingly build applications that are integral to business operations. By providing a platform that ensures full visibility, governance, and risk detection for business-built tools, Nokod helps organizations safeguard their digital transformation efforts.

Visit here to read the full report detailing the survey results.

About Nokod

Nokod is the leading application security platform dedicated to securing the growing jungle of AI apps and automations built by business users. The company provides complete visibility, risk detection, and automated remediation to secure this often overlooked attack surface. By proactively detecting and remediating hidden threats while enforcing continuous, automated guardrails, Nokod enables organizations to govern their digital transformation safely without slowing down productivity.

Trusted by Fortune 500 companies, Nokod turns hidden risks into secure, governed innovation. For more information, visit www.nokodsecurity.com

Press Contact

Mike Katznelson

Headline Media

[email protected]

+1 914 233 5302

SOURCE Nokod