Why IDC Believes the Next Billion Users Aren't Human (And How to Secure Them)

April 8, 2026

What is the future of enterprise users according to IDC?

According to a newly published IDC Spotlight report, "From Browsers as a Risk to Browsers as Security Control Planes," the next billion users in the enterprise will not be human—they will be AI agents.

The enterprise browser has evolved from a simple productivity tool into the de facto operating system of the modern workplace, hosting over 85% of enterprise workflows. As organizations aggressively integrate "agentic AI"—AI that can independently initiate actions and navigate web UIs without human input—the very definitions of "user" and "access" are fundamentally changing. This dynamic demands a radical re-examination of how we secure both human and non-human identities operating at machine speed.

Why are AI agents considered the new insider threat?

While the agentic model promises unprecedented automation and scalability, it introduces severe new risks, including identity sprawl, privilege escalation, prompt injection attacks, and data exfiltration.

These AI agents operate at incredible speeds, and many currently lack adequate monitoring or audit trails, which significantly complicates incident response and compliance. Because they can act autonomously and mimic human workflows, highly productive agents operating without strict governance and observability can rapidly become the ultimate insider threat.

Why is the shift from endpoint-centric to session-centric security necessary?

Traditional security architectures—such as firewalls, proxies, and Endpoint Detection and Response (EDR)—were designed for a perimeter-centric world and are fundamentally unequipped to handle high-speed AI interactions. They protect the physical device but lack visibility into the live browser session.

To secure a workforce composed of both humans and AI agents, organizations must transition from an endpoint-centric model to a session-centric security model. In a session-centric framework, the browser session itself becomes the primary locus for risk assessment, policy enforcement, and auditability. This allows security teams to identify risky behaviors and enforce dynamic policies at runtime, regardless of whether the activity originates from a human or an automated agent.

| Feature | Traditional Endpoint-Centric Security (EDR/AV) | Session-Centric Security (Menlo’s Browser Security Platform) |
| --- | --- | --- |
| Trust Boundary & Focus | Protects the physical device/OS. Blind to what happens inside the live browser tab. | Secures the session itself. Acts as the central control plane for productivity, risk management, and enforcement. |
| Policy Enforcement | Static. Relies on known signatures or post-execution behavior to stop threats. | Dynamic. Enforces runtime policies like copy/upload restrictions, extension management, and AI interaction monitoring. |
| Agentic Observability | Lacks the context to differentiate between human and AI agent browser workflows. | Provides unified visibility across all user, device, and application activity, treating every agent as a privileged identity. |


How does the Menlo Browser Security Platform secure AI agents?

The Menlo Browser Security Platform (BSP), powered by the Menlo Agent Runtime Security (MARS) engine, is specifically engineered to provide session-based protection for both human users and AI agents.

By recognizing the browser as the primary execution layer for enterprise workflows, the Menlo platform addresses the two critical challenges of the agentic enterprise:

  1. Solving Data Starvation: MARS acts as a secure bridge, giving AI agents policy-governed access to trapped enterprise applications and data without exposing sensitive information or breaching compliance boundaries.
  2. Stopping Insider Threats: The platform enforces strict governance, observability, and Data Loss Prevention (DLP) controls over all human- and agent-initiated browser activity. Every agent transaction is governed, logged, and fully auditable.

By processing all web and file content within a secure runtime environment, Menlo eliminates embedded threats, applies data detection and response controls before and after AI processing, and ensures that organizations can innovate safely.

Read the Full IDC Spotlight Report

The front door to the enterprise is no longer the network—it’s the browser. To learn more about the shift to session-centric security and how to safely govern your human and silicon workforce, download the full IDC Spotlight report today.

--------------------------------------------------------------------------------

Why do traditional security controls fail to govern AI agents? 

Traditional enterprise security controls were built around human behavior, relying on user training, visual warnings, and human-centric controls like Multi-Factor Authentication (MFA). AI agents fundamentally break these assumptions because they operate autonomously at machine speed and execute instructions without human judgment or hesitation. To secure these non-human identities, organizations must adopt a session-centric policy framework that governs agent access and actions directly at the browser layer.

Why are AI agents considered the new insider threat? 

Autonomous AI agents operate at machine speed and scale without human guardrails, which introduces severe risks like identity sprawl, privilege escalation, prompt injection attacks, and data exfiltration. Without proper observability, monitoring, and audit trails, these highly productive agents can quickly become high-risk internal vulnerabilities.

Why must organizations shift from endpoint-centric to session-centric security? 

Traditional endpoint-centric tools (like EDR and Antivirus) protect the physical device, but they lack visibility into the live browser session where high-speed AI interactions actually happen. A session-centric model makes the browser session itself the primary control plane for risk assessment, allowing security teams to dynamically enforce policies (like copy/upload restrictions) for both human and agent users at runtime.

How does the Menlo Browser Security Platform secure AI agents? 

The platform utilizes the Menlo Agent Runtime Security (MARS) engine to provide a secure browser runtime environment that protects both human and agent workflows. It applies Data Loss Prevention (DLP) and data detection and response controls both before and after AI processing to enforce data policies and prevent leakage. This ensures that every agent transaction is fully governed, logged, and auditable without breaking compliance.

--------------------------------------------------------------------------------

Secure your enterprise workflows with Menlo Security. Schedule a demo here.
