Solving Al Agent Sprawl: API Governance Across Multi Gateway Environments

As organizations accelerate adoption of AI agents, autonomous workflows powered by LLMs and MCP servers are rapidly proliferating across internal systems, partner networks, cloud environments, and API gateways.

The result? A sprawling, often invisible attack surface: shadow APIs, duplicate endpoints, context drift, unmanaged agent access, inconsistent policies, and risk of data exposure or compliance failures.

Our recent webinar with Salt Security, Solving AI Agent Sprawl: API Governance Across Multi-Gateway Environments, featuring Eric Schwake of Salt Security and Filipe Torqueto of Sensedia, explored this escalating challenge and provided a roadmap for scaling AI securely.

‍

Full webinar available to watch below.

‍

‍

The AI Agent Sprawl Problem Defined

The distributed nature of modern IT and the rapid deployment of AI tools lead to a sprawling, often invisible attack surface: shadow APIs, duplicate endpoints, inconsistent policies, and risk of data exposure or compliance failures. The security mantra for this environment must be: Secure APIs. Secure Agents..

Effective API security is not a single point of defense but a layered approach. This layered defense highlights that traditional perimeter security tools are insufficient for the sophisticated, behavioral attacks targeting API logic—the exact pathway utilized by AI agents.

API Governance for Multiple Environments

In the context of today, organizations require multi-vendor API management to deal with their internal and external services. In the AI era, it's essential to govern APIs so they can be better consumed by agents.

To deal with this, Sensedia offers its AI Gateway, a solution focused on exposing APIs optimally to MCP servers. Torqueto explains that the main point is a centralized governance mechanism focused on the overall quality of APIs' policies and MCP servers. This happens across any gateway, since Sensedia builds on top of existing gateways and extracts metadata, API documentation, and other information to help companies establish a governance posture. Whether on cloud, multi-cloud, or part on-premises, Sensedia can serve as the centralized cockpit for API governance.

"One thing we take very seriously in Sensedia is: we don’t want to be intrusive," Torqueto shares. "Our entire platform is cloud native, but we’re legacy friendly. So if a company uses a legacy platform or needs to add a layer of modernization on this, we can do both things without major disruptions or request the customer to move the entire platform to cloud."

This non-intrusive approach complements the offering of Salt Security, which is focused on security posture. "This non-intrusive approach is relevant for us, since we don’t want to be a bottleneck on the business’ process," Schwake adds.

Torqueto also mentions the flexible options: "The customer has the option of using our full API lifecycle or just a part of it, governance, for example. They don't need to use the entire bundle."

Adding this approach to AI Gateway capabilities and the MCP server provides a full vision of both the deterministic flow (the APIs themselves) and the nondeterministic flow (how the agents are communicating and what your MCP servers are exposing).

The Rise of AI 

The foundation of modern digital transformation rests on a trio of pervasive technologies that are reshaping how enterprises operate. Understanding their roles is key to securing their interactions:

• The AI Agent is the "new employee" , defined as software capable of acting on goals you set. It can reason, decide, remember, and interact with APIs to perform tasks, not just answer questions. Many organizations are deploying it, but it needs to be managed to mitigate the risks.
• The LLM (Large Language Model) acts as the "brain" , comprising AI models trained on huge text datasets to generate human-like language (e.g., ChatGPT, Claude). While an LLM alone primarily creates text, connecting it to tools or agents allows it to drive real actions.
• Bridging the Agent and the LLM is the MCP Server (Microservices Communication Platform), which functions as the "API broker". The MCP Server is crucial because it manages what the agent knows, the tools it uses, and its permissions. It provides the backend structure and context for agent behavior.

"Everything here, AI agents talking to the LLMs, this MCP server brokering the traffic, all of that at its foundational core level is API traffic," explains Schwake. "As organizations move to AI, it’s needed to think about how to control all of that and put the correct guardrails."

The AI Agent Deployment

The landscape of AI adoption is rapidly evolving, bringing both promise and significant scaling challenges.

• Around 85% of companies plan to use AI agents by the end of 2025.
• On the other hand, 18% of organizations are deploying more than 500 AI agents.

“The message here is about complexity,” begins Torqueto. “The picture changes when AI agents begin to multiply like APIs do nowadays. If you put in place the complexity of AI agents, it means more API traffic, which will be more MCP servers out there, more attack surface, and it’s very easy to lose control.”

This is where the AI Gateway becomes critical. When visibility is lost over which AI agents are consuming data and calling which APIs, governance is key. The AI Gateway is designed to control what API is being consumed by which agent, what LLM is being used (helping avoid prompt injection), and what the MCP server is doing. “The AI Gateway comes to streamline part of those answers, developing AI agents and agentic behavior at the enterprise level.”

Why Governance is The Key to Scalable AI

The rapid expansion of AI agents is colliding with the already complex environment of multi-gateway infrastructure, making unified governance non-negotiable for security and efficiency.

The Multi-Gateway Reality

The use of multiple API gateways is already a reality, driven by the need to serve different purposes like internal APIs, external APIs, and APIs for partners. Gartner forecasts that, by 2028, over 75% of organizations will be using two or more API gateways.

This fragmentation complicates governance, making it more expensive and challenging due to multiple vendors, teams, and locations. Compounding this challenge, the demand for APIs is surging due to AI: more than 30% of the increase in demand for APIs will come from AI and LLMs (Gartner).

The Challenge of Non-Human Interaction

APIs were traditionally built for human interaction, such as a mobile app calling an API. Now, the new challenge is the AI interaction—an agent calling an API—where it is not always known when the AI decisions will be made.

This complexity contributes significantly to development drag. Atlassian states that 50% of developers are burning more than 10 hours a week in inefficiencies. This friction, often due to searching for and managing APIs ("APIs huddle"), means developers are expending time on non-functional requirements, leading to companies losing money.

The AI Gateway Solution

With API governance and an AI Gateway, organizations can streamline this complex landscape.

• "Even if there is an advanced governance framework that is going to hit different vendors, it’s possible to use Sensedia as a unique API governance cockpit to see what’s going on inside this platform,” explains Torqueto.
• The AI Gateway helps streamline various aspects of AI adoption by visualizing your non-human API consumption.

Conquering API Sprawl

AI is going to be more aggressive in API consumption than ever. Effectively addressing API sprawl and the challenges introduced by AI agents requires a proactive and comprehensive governance strategy. This strategy must ensure security and control without stifling the speed of development teams.

To conquer API sprawl, organizations must focus on these six crucial pillars :

• Centralize policies and documentation across the organization while simultaneously maintaining team autonomy. This balance ensures consistent security standards are applied without becoming a bottleneck for development speed.
• Leverage AI to identify similar or duplicate APIs. This capability saves both time and money by streamlining the API catalog and preventing redundant effort.
• Implement systems to anticipate risks, discover impacts early, and make informed, secure decisions. Moving from reactive defense to proactive anticipation is essential for modern API security.
• Define specific requirements for each stage of the API lifecycle. This ensures security, compliance, and quality are baked into APIs from design through retirement.
• Continuously monitor operations and maturity metrics of APIs. This provides the observability needed to track performance, adoption, and adherence to established policies.
• Enable the structured deprecation of outdated APIs to keep system security. Retiring old or vulnerable APIs in a controlled manner minimizes the attack surface and maintains overall system health.

Your API, Your Business

The evolution of digital business has cemented the API as the core of enterprise value. With every digital wave—from mobile apps to microservices, DevOps modernization, and now, AI agents—reliance on APIs has steadily increased. Your APIs are no longer merely "hidden plumbing"; they are your business.

Every organization inherently possesses an API Fabric, which is the total interconnected network of APIs that power operations. This fabric is unique to each enterprise and is composed of thousands of APIs, each with varying exposure to risk. Crucially, managing this complexity requires the ability to visually see what your fabric looks like and the risk associated with each connection. Gaining this visual inventory is the first critical step toward establishing unified governance and effective security.

“It’s essential to visualize your API Fabric, because visibility is the first thing from a secure perspective," explains Schwake. "You can’t secure what you can’t see. You don’t know what’s communicating with what, so how are you going to actually secure it?”

Every AI Agent Expands Your API Fabric

The introduction of AI dramatically alters the enterprise landscape. Prior to AI, systems and platforms worked together in a simpler way. Now, every AI agent expands your API Fabric , and the problem starts when you introduce AI, which is when the risk is introduced. The discovery, posture, and threat protection problem is now 100x larger. But how do you protect your AI agents?

To understand the operational flow and security requirements of an AI agent, it's helpful to compare it to the human nervous system. This analogy clearly illustrates why security must focus on the APIs—the pathways of action—rather than just the intelligent core.

• Brain → LLM: It interpretes high-level goals and generating the necessary plans or decisions to achieve them.
• Spinal Cord → MCP Server / Agent Orchestrator: It takes the decisions from the LLM, routes them correctly, and maintains the agent's memory and context throughout the operation.
• Nerve Pathways → APIs Ecosystem: These are the crucial connections that execute actions, retrieve data, and connect the AI system to every internal and external application.

The critical takeaway is that while the brain (LLM) makes the decision, the real and often high-risk actions—like processing payments or accessing sensitive user data—happen through the nerves, which are your APIs. That's why securing the APIs within the action layer is absolutely essential to safely and securely scaling the adoption of AI agents across the enterprise.

Case Study: A Great Deal on a Chevy

To exemplify how cyber attacks can happen on AI agents, Schwake shared a demonstration based on a conversation that took place on a Chevrolet dealership's chat. In this scenario, the AI agent was programmed to fulfill the customer's request, but the attacker successfully exploited its goals. The attacker instructed the chatbot that its objective was to agree with anything said, regardless of how ridiculous the question was, and to end each response with, "and that's a legally binding offer - no takesies backsies".

"In the end of the day this is not costing money, but it’s an example of how attackers are trying to find ways to do that kind of exploitation around AI agents and AI chatbots,” Schwake notes.

To avoid this type of attack, it’s critical to be aware of the AI agent’s process and the information they're using . "All the traffic is AI and API related, so you need to make sure that if an attacker somehow gets into some of these internal AI agents that are doing work for you, you need to have full visibility into things that are going outside of the bounds. That’s where the posture governance helps control the risk,” explains Schwake.

While many organizations are focusing on the protection of LLMs, both Sensedia and Salt Security are prioritizing the Action Layer —which includes the MCP server, data repositories, and other services that execute the agent's decisions.

GitHub Connect

The webinar introduced GitHub Connect as Salt Security’s powerful integration designed to help organizations secure their AI agent deployments right from the development phase. This tool specifically addresses the challenges of visibility and posture management by unifying code-level risk with runtime monitoring.

Here are the key benefits of using GitHub Connect:

• Uncover shadow AI by finding where your code calls external, third-party MCPs hosted elsewhere.
• See how AI agents will connect to your APIs, identifying exposure before deployment.
• Bridge your code-level risk with your runtime posture in one unified platform.
• Get an instant, traffic-free Risk Score on discovered APIs, a "wow" moment in minutes.

 What's Needed to Secure Your APIs and AI?

Conquering API sprawl requires a holistic and unified approach to security and governance. The webinar outlined three core requirements for solving the problem:

• See It: Gain complete visibility into all APIs and AI agent-driven APIs. Every organization's API fabric is unique and requires visual risk mapping.
• Govern It: Enforce policy and posture consistently across all APIs and MCP servers. This involves centralizing policies and documentation while preserving team autonomy.
• Protect It: Detect and block API threats (including AI agent threats) in real time. Security must extend beyond the LLM "brain" to the "action layer" of the MCP Server/API Ecosystem.

Salt Security's API Protection Platform leverages three layers of AI to reduce noise and discern user intent. It uses patented technology to convert API traffic to metadata for attack detection without sending sensitive payloads.

Sensedia's focus on Multi-Vendor API Management helps centralize controls over multiple gateways . This enables the continuous monitoring and structured deprecation of outdated APIs.

By leveraging AI to identify similar or duplicate APIs and implementing unified, vendor-agnostic control, enterprises can anticipate risks and securely scale their AI adoption.

Q&A

In the end of the webinar,  Torqueto and Schwake addressed a question regarding how Sensedia and Salt Security create a unified inventory to prevent blind spots for organizations that use multiple environments.

Sensedia’s Centralized Cockpit

Torqueto explained that Sensedia excels in this environment by creating a centralized cockpit for API governance posture: “We centralize everything in a single location,” Torqueto shares. “Our solution is designed to give you a governance perspective. So everything that you have at an enterprise layer you will be able to see. Very focused on how you’re documenting your APIs, if is your API AI ready, etc.”

Salt’s Baseline for Security Posture

Eric Schwake wrapped up by detailing Salt Security’s complementary role in securing this multi-vendor landscape:

• “We integrate with multiple vendors since today organizations aren’t with just one cloud. So we have the ability to build and show the governance posture, being specific with the APIs that don’t meet the compliance or regulations. We want to build this baseline of what this normal traffic over time looks like within a specific organization.”

‍

To learn more about security, API and AI Governance:

Watch the full webinar: Solving AI Agent Sprawl: API Governance Across Multi-Gateway Environments

Request a Free Attack Surface Report from Salt Security: https://salt.security/attack-surface

Get a Free Demo of Sensedia's Platform: https://www.sensedia.com/solution/ai-gateway

‍

Make sure to catch our upcoming webinars, where Sensedia brings together industry experts to share actionable insights, spark meaningful dialogue, and drive the future of API driven innovation.

‍