Token Security used the week to sharpen its positioning as a specialist in identity-centric cybersecurity, with a particular focus on AI agents and non-human identities. The company repeatedly framed recent incidents at Vercel and McKinsey as OAuth token and access path compromises, arguing they have been miscast as generic “AI hacks.”
Claim 55% Off TipRanks
- Unlock hedge fund-level data and powerful investing tools for smarter, sharper decisions
- Discover top-performing stock ideas and upgrade to a portfolio of market leaders with Smart Investor Picks
By emphasizing compromised non-human identities, Token Security underscored that machine and service accounts can carry broad, persistent access to corporate systems. This messaging suggests that mislabeling such events as AI failures may obscure core identity and access management weaknesses inside enterprises.
The firm also highlighted joint survey research with the Cloud Security Alliance covering 418 IT and security professionals. According to the findings, 65% of organizations experienced an AI agent-related security incident in the past year, and 61% reported data exposure or mishandling of sensitive information.
Token Security noted that only a small minority of respondents maintain real-time monitoring or formal decommissioning processes for AI agents. It warned that these agents, which span SaaS platforms, LLM tools, and developer workflows, often accumulate privileged access faster than governance controls can keep up.
Across its communications, the company urged enterprises to treat AI agents as identities requiring full lifecycle governance. That includes discovery, ownership mapping, least-privilege enforcement, and continuous oversight rather than ad hoc, tool-centric controls that may leave hidden gaps.
To reinforce this theme and raise its profile, Token Security sponsored the SINET Silicon Valley cybersecurity event at the Computer History Museum. The sponsorship positioned the firm alongside CISOs and security leaders focused on securing “agentic AI” in enterprise environments.
Participation in SINET signals an effort to build brand recognition and influence emerging best practices around AI identity security. While such marketing investments can weigh on near-term costs, they may help Token Security shape buying criteria as organizations formalize AI security strategies.
Overall, the week’s activity suggests Token Security is concentrating on thought leadership and ecosystem engagement in AI agent and OAuth identity security. If enterprises continue to experience AI agent-related incidents and seek specialized controls, this focus could support the company’s long-term commercial prospects.