For nearly two decades, IT departments have tried to regain control of a phenomenon that has become familiar: Shadow IT. Behind this expression hid a simple reality. Employees adopted cloud tools, applications or services without prior validation from IT teams. Companies then discovered that a growing part of their digital infrastructure was slipping away from them.
History today seems to be repeating itself, with one difference: it is no longer applications that proliferate in the organization, but artificial intelligence agents.
The rapid growth of agentic platforms is gradually transforming the very nature of information systems. After conversational assistants, companies are now deploying agents capable of accessing databases, interacting with business software, launching automated processes or even making certain decisions autonomously. These systems no longer just answer questions, they act.
This development opens up new prospects for productivity, but it also reveals a growing gray area. In many organizations, no one is today able to precisely identify all the agents deployed, their access, their privileges or their actual behavior.
The phenomenon is reminiscent of the early days of cloud computing, as teams adopted new SaaS services, IT departments gradually lost visibility into their digital assets. This loss of control had given rise to an entire industry dedicated to inventorying, governing and securing cloud environments.
AI agents appear to be following a similar trajectory, but with added complexity. A SaaS application executes a relatively defined functional scope. An autonomous agent can modify its behavior depending on the context, use several tools, access different data sources and interact with other systems without direct human intervention.
The problem therefore no longer lies only in access to data, but in the ability to understand the decisions taken by these new digital players.
This change is already observable in the field. Artificial intelligence biotechnology company Owkin recently found that its internal inventories massively underestimated the presence of agents within its technology environment. During a pilot project, more than three times as many agents were identified than initially counted. The operation also detected several critical vulnerabilities, including command injection risks, credential leaks and potential exposures of confidential data. According to the company, the risks avoided represented an estimated exposure of $13 million.
These figures illustrate the emergence of a new challenge for businesses. As agents multiply, the question is no longer just which AI models to use, but how to supervise systems capable of acting autonomously inside critical infrastructure.
This problem could quickly become a governance issue as much as a cybersecurity one. European regulations, starting with the AI Act, already impose increasing requirements in terms of traceability, auditability and control of artificial intelligence systems. Companies will need to be able to demonstrate not only which tools they use, but also how they make decisions and interact with data.
For general management, the question now goes beyond the simple technological framework. Organizations that can deploy agents at scale while maintaining complete visibility into their actions could benefit from a major competitive advantage. Conversely, those who allow these new systems to proliferate without appropriate governance could discover, too late, the extent of the accumulated risks.
It is on this observation that Geordie AI intends to build its growth. The British startup is developing a platform dedicated to the inventory, security and governance of AI agents within companies. Its objective is to provide real-time visibility into existing agents, their access, their behaviors and associated risks, while allowing organizations to supervise their actions without slowing down deployments. To accelerate its development, strengthen its platform and expand its presence in the United States, Geordie AI has just raised $30 million in Series A from Balderton Capital, with the participation of Crosspoint Capital as well as its historic investors General Catalyst and Ten Eleven Ventures. This transaction brings the company’s total funding to $36.5 million.
