Every Engineer Has an AI Agent. Nobody Can See What It's Doing.
The model compliance API tells you what the agent decided. You need that. What it doesn't tell you is what happened on the endpoint, the network, or in the cloud. That's the gap.
Agentic AI adoption is already a SecOps problem - and fundamentally, the model isn't the biggest problem.
Vega recently met with a Fortune 100 company rolling out an AI coding agent to their entire engineering organization. The goal was to let every engineer use agents to write code, execute shell commands, and hit production APIs.
Their security team had zero visibility into what the agent was doing. No logs. No trail. No way to know what it touched, what it triggered, or what changes were made. This is the agentic AI security gap. It exists at almost every enterprise deploying AI today. Most organizations do not know it is there.
They needed it fixed in days. We got them there.
What agentic AI adoption actually looks like from a security perspective
When a developer runs an AI coding agent, they are not just writing a prompt. The agent is doing all of this at once:
- Executing shell commands on the developer's machine
- Reading and writing files
- Making API calls to internal and external services
- Spawning subprocesses
- Taking multi-step actions across sessions

Each of those actions is an event with security implications. Today, these actions are not logged, correlated, or assessed for risk in any coordinated way. This is a target-rich environment for any attacker who can compromise a developer's system or their agent. Without sufficient detection coverage, that compromise is either invisible or detectable only in hindsight. Neither is acceptable.
This is also where the Post-SIEM argument becomes concrete. Legacy SIEM architectures were built for human-speed, human-volume event streams. Agentic workflows generate a fundamentally different category of telemetry: higher volume, non-deterministic sequences, and multi-surface correlation requirements that break every assumption baked into the Legacy SIEM data model.
This is not an AI governance problem
The first instinct for many security teams is to reach for AI governance tooling. Model observability platforms, AI audit logs, LLM-specific monitoring. Some teams go straight to the source - the compliance and audit APIs the model provider exposes. Claude has one. OpenAI has one. They tell you what the model did: what prompt came in, what response went out, what tools it called.
That is one really valuable signal. It is not security coverage.
When an agent executes a shell command, that is an endpoint event - and the model API does not see it. When it makes an outbound API call, that is a network event - not in the model logs. When it tunnels through a corporate proxy, that is a VPN event. When it invokes a cloud service, that is cloud infrastructure telemetry. The model compliance API tells you the agent decided to act. It does not tell you what happened next, on the endpoint, on the network, in the cloud, or inside your SIEM.
The telemetry surface spans model behavior, endpoint, network, cloud workload, and secure access simultaneously. No model provider API - and no AI governance product built on top of one - owns that surface.
These are security data sources living in your EDR, your NDR, your CNAPP, your data lakes, your legacy SIEM, your cloud object storage. Solving this requires a security analytics layer that federates across all of them at once and reasons across them in real time. That is a fundamentally different architecture than anything the model provider ships. It is a SIEM-class problem. And Legacy SIEM cannot solve it either.
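The correlation this section argues for, as an added example (not Vega's code or any provider's API): it pairs model-side shell tool calls with endpoint process events on the same host within a short window and reports what each source saw alone. The record fields, host names, the `ai-agent` process name and the 5-second window are assumptions, and the sample data is constructed.

```python
from datetime import datetime, timedelta

# Constructed sample records. Field names are hypothetical, not any vendor's schema.
MODEL_AUDIT = [  # what the model audit log says the agent decided to run
    {"ts": "2025-01-10T09:00:00", "host": "dev-laptop-17", "tool": "shell", "command": "npm install"},
    {"ts": "2025-01-10T09:02:00", "host": "dev-laptop-17", "tool": "shell", "command": "git push origin main"},
]
EDR_EVENTS = [  # what the endpoint sensor recorded under the agent's process tree
    {"ts": "2025-01-10T09:00:01", "host": "dev-laptop-17", "root_proc": "ai-agent", "cmdline": "npm install"},
    {"ts": "2025-01-10T09:00:04", "host": "dev-laptop-17", "root_proc": "ai-agent", "cmdline": "sh -c node postinstall.js"},
    {"ts": "2025-01-10T09:05:00", "host": "dev-laptop-22", "root_proc": "ai-agent", "cmdline": "npm install"},
]

def correlate(model_audit, edr_events, window_s=5, agent_proc="ai-agent"):
    """Pair tool calls with the endpoint processes they produced; return both kinds of leftovers."""
    window = timedelta(seconds=window_s)
    calls = [dict(c, t=datetime.fromisoformat(c["ts"])) for c in model_audit if c["tool"] == "shell"]
    used, matched, endpoint_only = set(), [], []
    for ev in sorted(edr_events, key=lambda e: e["ts"]):
        if ev["root_proc"] != agent_proc:
            continue  # not part of the agent's process tree
        t = datetime.fromisoformat(ev["ts"])
        # A match needs the same host, the same command, and the process starting
        # no earlier than the tool call and no later than the window after it.
        hit = next((i for i, c in enumerate(calls)
                    if i not in used and c["host"] == ev["host"]
                    and c["command"] == ev["cmdline"]
                    and timedelta(0) <= t - c["t"] <= window), None)
        if hit is None:
            endpoint_only.append(ev)   # ran on the endpoint, absent from the model log
        else:
            used.add(hit)
            matched.append((calls[hit]["command"], ev["host"]))
    # Tool calls the model log reports but no endpoint sensor recorded (coverage gap).
    model_only = [c["command"] for i, c in enumerate(calls) if i not in used]
    return matched, endpoint_only, model_only

if __name__ == "__main__":
    matched, endpoint_only, model_only = correlate(MODEL_AUDIT, EDR_EVENTS)
    print("matched:", matched)
    print("endpoint only:", [(e["host"], e["cmdline"]) for e in endpoint_only])
    print("model only:", model_only)
```

The two leftover lists are the triage queue: endpoint-only rows are agent-tree activity the model log never described, and model-only rows point to a host without sensor coverage.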
What Vega's Security Analytics Mesh does here
Vega's Security Analytics Mesh (SAM) enables federated, in-place analytics across the full telemetry stack without ingestion, migration, or a pipeline rebuild. The data never moves. The queries go to where the data lives.
For agentic AI security coverage, SAM federates across:
- Model compliance and audit APIs from the frontier AI provider
- Endpoint security data from EDRs on developer machines
- Network security data from NDR, VPN, and SSE platforms
- Cloud security data from CNAPP and cloud AI infrastructure
- Legacy SIEM data already in place
SAM's federated normalization layer means those sources do not need to be homogenized or centralized before you query them. You get a unified investigation surface showing what the agent did, what the endpoint recorded, what the network saw, and what cloud workloads registered. All in one view. Without touching the underlying data stores.
That architecture runs three layers against the agentic telemetry surface:
Analytics. Detection. Triage. All three, against a telemetry surface no Legacy SIEM reaches.
What this looks like in practice
With the Fortune 100 company mentioned above, Vega deployed SAM across their agentic AI stack within days. No rip-and-replace. No data migration. The existing Legacy SIEM stayed in place as one of many federated sources.
Before Vega, the security team had no detection coverage for agent activity. After deployment, they could instantly enable correlated detections running across model telemetry, endpoint, and network. They could see agent tool calls alongside the EDR events they triggered. They could investigate incidents across the full chain in a single query rather than pivoting between four disconnected tools.
This mirrors what Vega sees across enterprise deployments more broadly. Teams working with Vega have reported:
- MTTR reduction from 25 minutes to 8 minutes on correlated detections
- Approximately 35 percent reduction in false positive volume through federated context
- 76 to 83 percent total cost reduction versus equivalent Legacy SIEM coverage at the same data volume
"Vega is the only thing that solves this."
-Security leadership, Fortune 100 company
That is not a positioning claim. It is what happens when you try to solve the agentic AI security problem with existing tools and they do not reach. Point products triage on ingested data. They cannot correlate across the telemetry surface that agentic workflows create. Legacy SIEM built for human-generated events cannot reason over agent-generated ones at this volume and velocity.
Why Legacy SIEM cannot keep up with agentic workloads
Every telemetry source in an agentic AI stack speaks a different language and may live in a different location. Add the new volume of agentic AI logs and you also face a storage economics problem. Without the ability to index data in cloud object storage, that volume causes even the most generous Legacy SIEM contract to become cost-prohibitive.
Without federation, you move data into a central store before you can query it. At the volume and velocity that agentic workflows generate, that is a losing race. The ingestion bill alone will push teams toward coverage tradeoffs they should not be making.
The second hard part: agentic workflows are non-deterministic. The agent decides what to do next. Traditional detection logic assumes a known sequence of events. When that sequence is generated at runtime by a model, the detection layer has to reason about intent across the full telemetry surface, not match on a static pattern. Legacy SIEM was not built for that. SAM's Agentic Triage layer was.
This is the core Post-SIEM argument made concrete. The telemetry surface has changed. The threat model has changed. The architecture has to change with it.
This gap exists at every enterprise deploying AI today
Every company rolling out AI coding agents right now has this coverage gap. Most of them do not know it yet. The question is not whether your agents are doing something unexpected. The question is whether you would know if they were.
Talk to the team that built this. Vega will walk through your agentic AI stack and show you exactly what the Security Analytics Mesh sees that your current tools do not.
Frequently asked questions
Is the Security Analytics Mesh a Legacy SIEM replacement or an augmentation?
SAM works as both. For teams replacing Legacy SIEMs, Vega's federated in-place analytics eliminates ingestion costs and the architectural bottlenecks that make replacement painful. For teams augmenting an existing Legacy SIEM, SAM extends visibility to data sources the SIEM cannot reach, including cloud AI infrastructure, frontier model telemetry, and cross-stack agentic workflows, without migration.
Why do AI governance tools not solve the agentic AI security problem?
AI governance tools see what the model did. They do not see what happened on the endpoint, network, or cloud infrastructure as a result. EDR, NDR, CNAPP, and VPN events are security data sources that no AI governance platform owns or federates. You need a security analytics layer that spans all of them. That is a Legacy SIEM-class problem, not a governance problem.
How does Vega's Security Analytics Mesh reduce SIEM cost for agentic AI workloads?
Traditional Legacy SIEMs charge by ingestion volume. SAM federates in place: data never moves, so you do not pay ingestion fees on agentic AI log volume. At the scale agentic workflows generate, that difference is significant. Enterprises at 5TB per day have reported 76 to 83 percent total cost reduction. SAM was built for exactly this economics problem.
What telemetry does SAM federate for agentic AI security coverage?
SAM federates events from the model's own compliance and audit APIs, endpoint security products (EDR), network security platforms (NDR, VPN, SSE), cloud security platforms (CNAPP), and cloud AI infrastructure. All simultaneously, in place, without moving the data.
What makes agentic AI security different from traditional security analytics?
Agentic workflows are non-deterministic. The agent decides what to do next at runtime. Traditional detection logic assumes a known sequence of events. When the sequence is generated by a model, you need a detection layer that reasons about intent across the full telemetry surface, not just pattern-matches on known sequences. That is what SAM's Agentic Triage layer was built for.
How is this different from the Post-SIEM Era Vega describes elsewhere?
Agentic AI security is one of the clearest reasons the Post-SIEM transition is accelerating. Legacy SIEM was designed for human-generated event streams. Agentic AI generates a fundamentally different telemetry category: higher volume, non-deterministic sequences, multi-surface correlation requirements. Every enterprise deploying AI coding agents is discovering this gap in real time. SAM is the first platform built to close it.




