Only 1 in 10 Organizations Are Deploying AI Securely. DivisionHex Launches AI Threat Hunting to Close the Gap

CHICAGO — Coalfire, an industry-leading cybersecurity services and solutions company, today announced a new AI Threat Hunting capability from its DivisionHex practice. It’s designed to uncover hidden AI risks inside enterprise environments, including shadow AI, compromised AI agents, and a newly emerging threat category: agentic insider risk.

As organizations rapidly deploy generative and agentic AI tools across business workflows, security teams are struggling to maintain visibility into how these systems are being used, and misused. A recent survey from Richmond Advisory Group found that 63% of security teams have a primary mandate to use AI to reduce costs, yet 90% of surveyed organizations have faced an AI-driven incident in the last 18 months. Coalfire’s new service extends traditional threat hunting methodologies to actively search for signs that AI systems are introducing new attack paths or acting outside their intended permissions.

Neil Wyler, Vice President of Defensive Services for DivisionHex at Coalfire, said: “AI agents are quickly becoming highly privileged actors inside corporate environments. They can access sensitive data, perform automated tasks, and interact with core systems. If those agents are manipulated, compromised or misconfigured, they not only behave like a malicious insider, they become one – exfiltrating data or enabling further compromise without anyone realizing it.”

While many organizations are familiar with the risks of shadow AI, the industry is overlooking a deeper issue: trusted AI agents that can be influenced or exploited. Agentic AI systems can be vulnerable to several forms of manipulation, including:

• Prompt injection attacks
• Data poisoning
• Unauthorized credential usage
• Privilege escalation through automation
• External influence that alters AI behavior

In these scenarios, AI systems may unintentionally access sensitive information, perform unauthorized actions, or assist attackers already present in the environment.

DivisionHex’s elite team of hackers conduct deep investigative reviews across enterprise environments to uncover:

• Shadow AI usage introduced by employees without security oversight
• Unauthorized AI integrations using corporate credentials or sensitive data
• AI agents accessing data or systems beyond their intended scope
• Indicators that threat actors are leveraging AI systems to expand access or persistence
• Signs that AI models or agents have been manipulated or influenced

The approach provides security teams with both visibility and remediation guidance, helping organizations safely adopt AI without introducing unseen vulnerabilities.

Christina Richmond, Principal Analyst, Richmond Advisory Group said: “AI adoption in the workplace is moving faster than most organizations’ ability to monitor and govern it. Without visibility into how employees use generative and agentic AI tools, companies risk creating a new wave of shadow AI and potentially unknown identities. Adoption without governance and monitoring introduces unexpected operational costs. Employing proactive AI threat hunting ensures organizations can harness AI safely while avoiding the downstream risks that come from unmanaged use.”

Coalfire’s AI Threat Hunting capability is available immediately through the DivisionHex practice and can be delivered as a standalone engagement or integrated with broader security assessments.
 

Media Contact 

Corey Eldridge 
Force4 Technology Communications  
Corey@force4.co  

Coalfire
PR@coalfire.com