Security News

Cybersecurity news aggregator

INFO News Dark Reading

AI Agents 'Swarm,' Security Complexity Follows Suit

  • What: The increasing use of AI agents working together introduces new security concerns and expands the attack surface.
  • Impact: Organizations face amplified security risks as AI deployments scale and agents autonomously work in concert.

As AI deployments scale and start to include packs of agents autonomously working in concert, organizations face a naturally amplified attack surface.

Alexander Culafi, Senior News Writer, Dark Reading
February 13, 2026

The maturing AI landscape increases the likelihood that multiple models, and agents, will need to work alongside each other. And this type of "swarm" orchestration introduces a host of additional security concerns that need to be addressed to ensure the integrity of an organization's security.

AI agents have become an increasing force in LLM-powered deployments in the workplace. Autonomous AI agents, which are sold under the premise that they can work in a mostly self-directed fashion and make "decisions" about what to use next, are used in data analysis, build process automation, software development (to create and manage code), and more.

As businesses make the decision to lean more into this technology, it becomes increasingly likely that multiple agents used for different processes will come into contact with each other. This becomes an even greater concern as open-source self-hosted agents like OpenClaw (aka MoltBot) hit the scene — a concern which has come to somewhat humorous fruition in the form of quasi-social-media platform Moltbook.

This has led to the rise of orchestration products such as GitHub's Agent HQ for software development, which includes features like code review and a single command center to manage multiple agents simultaneously. Countless other vendors such as Zapier and IBM offer orchestration tools for various swarm use cases as well.

Roey Eliyahu, CEO and co-founder of Salt Security, tells Dark Reading that while agent orchestration can enable agents to work on parallel tasks simultaneously and specialize, the practice introduces multiple security risks, such as credential sprawl, over-privileged access to tools, and more integrations that may be connected to sensitive data.

"Multi-agent orchestration is powerful because it parallelizes work, but it also parallelizes risk," he says. "The security job is to keep every agent narrowly scoped, heavily audited, and blocked from high-impact actions without explicit approval."

Multiple Agents Means Multiplied Security Risks

It almost goes without saying, but if having one agent in one's environment introduces security risks, multiple agents enhance said risk when data security is not put front and center. That's because, while AI agents aren't human employees, they still need the privilege and access of humans, including tokens and credentials for servers or other tools. That also means, potentially, high-level permissions. LLMs can still be manipulated via prompt injection (even agents), so every integration with some instance or product is another opportunity to divulge sensitive data.

Agents can also make a large number of outputs in a short period of time depending on the task. If not properly audited, Eliyahu explains, that can mean secrets get exposed in outputs or logs, or at the very least, there are more opportunities to make mistakes (which LLMs are prone to when left to their own devices). And if software developers are trying to "swarm code" (i.e., using a fleet of agents to code, debug, and test at the same time), it's easy to see how those risks can compound.

Ram Varadarajan, CEO at security vendor Acalvio, says that while there are many benefits to properly applied multi-agent architectures, "they unfortunately also expand the attack surface, creating a 'trust cascade' where compromising a single node can lead to incredibly high success rates in poisoning the entire pipeline."

How to Multi-Agent Securely

As is so often the case in AI, the most secure deployments require making sure that proper data-security hygiene and access-management policies are in place. That means taking a complete inventory of your agents and orchestration tools, as well as the integrations, permissions, and data those agents have access to. It also means making sure agents have the least privilege and access to sensitive data they can possibly have while still being able to do the work.

Salt Security's Eliyahu recommends using short-lived credentials, no shared tokens, default denial of applications with explicit allow-lists separated by identity, and segmenting agents into isolated execution environments. A human should also remain in the loop for high-risk actions.

Collin Chapleau, senior director of security and AI strategy as well as field CISO at Darktrace, explains that visibility is front and center.

"The foundation of securing agentic LLM systems is visibility: knowing what each agent is doing and detecting when it drifts from its intended purpose. This includes logging and evaluating the risk of prompts across all agents, understanding each agent's access and privilege boundaries, and monitoring for unusual or emergent behaviors," Chapleau says. "Comprehensive oversight ensures that misalignment or unexpected interactions among agents can be identified and mitigated early."
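
One way to enforce the controls Eliyahu lists, together with the per-decision logging Chapleau describes, is a gate in front of every agent tool call. This is an added example, not code from the article or from any vendor named in it; the agent names, action names, `MAX_TTL` value and `Gate` class are assumptions made for illustration.

```python
from dataclasses import dataclass

MAX_TTL = 900  # assumed ceiling (seconds) for a "short-lived" credential
# Constructed per-identity allow-lists; anything not listed is denied.
ALLOW = {"agent-coder": {"repo.read", "repo.write"},
         "agent-tester": {"repo.read", "ci.run"}}
HIGH_RISK = {"repo.write"}  # assumed set of actions needing human sign-off

@dataclass(frozen=True)
class Credential:
    token_id: str
    agent: str      # the one identity this token was issued to
    issued: float
    expires: float

class Gate:
    def __init__(self):
        self.audit = []  # one record per decision, allowed or not

    def check(self, agent, cred, action, approved_by, now):
        """`agent` is assumed to be authenticated by the orchestrator."""
        if cred.agent != agent:
            verdict = "deny:shared-token"
        elif now >= cred.expires:
            verdict = "deny:expired"
        elif cred.expires - cred.issued > MAX_TTL:
            verdict = "deny:ttl-too-long"
        elif action not in ALLOW.get(agent, set()):
            verdict = "deny:not-allow-listed"   # default deny
        elif action in HIGH_RISK and not approved_by:
            verdict = "hold:needs-human-approval"
        else:
            verdict = "allow"
        self.audit.append({"ts": now, "agent": agent, "token": cred.token_id,
                           "action": action, "approved_by": approved_by,
                           "verdict": verdict})
        return verdict

def demo():
    gate, t0 = Gate(), 1_000_000.0  # constructed clock value
    coder = Credential("tok-1", "agent-coder", t0, t0 + 600)
    long_lived = Credential("tok-2", "agent-tester", t0, t0 + 86_400)
    calls = [("agent-coder", coder, "repo.read", None, t0 + 10),
             ("agent-tester", coder, "repo.read", None, t0 + 10),  # borrowed
             ("agent-tester", long_lived, "ci.run", None, t0 + 10),  # 24h token
             ("agent-coder", coder, "ci.run", None, t0 + 10),      # off-list
             ("agent-coder", coder, "repo.write", None, t0 + 10),
             ("agent-coder", coder, "repo.write", "alice", t0 + 20),
             ("agent-coder", coder, "repo.read", None, t0 + 601)]  # expired
    return [gate.check(*c) for c in calls], gate.audit
```

Denied and held calls are written to the audit trail alongside allowed ones, so a drifting agent shows up as a run of `deny` or `hold` records rather than as silence.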
Rich Mogull, chief analyst at not-for-profit cloud security education organization the Cloud Security Alliance, says the presence of parallel agents does not inherently introduce new security risks, and can actually reduce risk through the use of security-focused agents and specialized frameworks integrated with secrets management.

But, Mogull advises organizations to "standardize on one framework or platform to start and make sure it’s enterprise capable." OpenClaw, he says, just isn't there yet. "Don’t try and build [an AI agent] yourself."

About the Author

Alexander Culafi, Senior News Writer, Dark Reading

Alex is an award-winning writer, journalist, and podcast host based in Boston. After cutting his teeth writing for independent gaming publications as a teenager, he graduated from Emerson College in 2016 with a Bachelor of Science in journalism. He has previously been published on VentureFizz, Search Security, Nintendo World Report, and elsewhere. In his spare time, Alex hosts the weekly Nintendo podcast Talk Nintendo Podcast and works on personal writing projects, including two previously self-published science fiction novels.
Copyright © 2026 TechTarget, Inc. d/b/a Informa TechTarget.