
Shadow Agents: When Your AI Workforce Has No Boss
From Cyberside Chats: Cybersecurity Insights from the Experts by Chatcyberside
May 26, 2026 · 29 min · Episode 74
About this episode
This episode discusses the risks associated with shadow AI agents in organizations and provides actionable security strategies.
Your organization is already running an AI workforce and almost nobody knows who they report to, what they can touch, or how to shut them down. In this episode, Sherri Davidoff and Matt Durrin break down the shadow AI agent problem: what makes an agent a "shadow" agent, how real breaches are already happening because of them, and what security leaders can do about it this week. Using three case studies: Anthropic's Claude Dispatch as a canonical product example, the April 2026 Vercel breach (the cleanest illustration yet of the OAuth supply chain attack model), and Meta's internal Sev-1 incident (when the agent itself is the failure mode). Sherri and Matt walk through the four layers where shadow agents accumulate risk and close with five concrete, actionable takeaways for security teams at any size. Key takeaways 1. Start with discovery, not policy. You can't govern what you can't see. The right question to ask your team isn't "are you using unauthorized AI tools?" — it's "what AI tools are you using to do your job?" Check OAuth grants in Google Workspace and Microsoft Entra, and look at expense reports. The real number of agents in your environment is typically two to five…
People in this episode
Guests: Sherri Davidoff, Matt Durrin
Topics covered
- shadow AI agents
- cybersecurity
- OAuth supply chain attack
- AI workforce management
- security best practices
Keywords
- shadow agents
- AI workforce
- cyber breaches
- OAuth scopes
- security teams
Mentioned in this episode
Organizations: Vercel, Meta
Products: Anthropic's Claude Dispatch
More episodes of Cyberside Chats: Cybersecurity Insights from the Experts
- Damaged Goods: When your new hire is already compromised · June 9, 2026 · 15 min
- The CRM Goldmine: Inside the Salesforce Breach Wave · June 2, 2026 · 17 min
- Better Than Google, Still Risky: The OpenEvidence Story · May 19, 2026 · 15 min
- Finals Week Fallout: The Canvas Hack That Shook Education · May 12, 2026 · 11 min
- 9 Seconds to Zero: Misbehaving AI · May 5, 2026 · 17 min
- Security Debt: The Risk Nobody is Reporting · April 28, 2026 · 29 min
Explore listener stats, chart rankings, contacts and more on the Cyberside Chats: Cybersecurity Insights from the Experts podcast page.