Google's Agent Executor extends agentic AI into enterprise software development at scale. Sonatype's field CTO argues the security challenges that come with it are already arriving, not waiting in the future.
Google last week introduced Agent Executor, a framework designed to bring AI agents into production software development environments. The pitch is straightforward: AI agents that generate code, orchestrate workflows and make decisions continuously, 24/7, compressing development cycles in ways batch-process tooling cannot match.
Ilkka Turunen, Field CTO at Sonatype, does not dispute the efficiency gains. "Google's Agent Executor launch paints the picture of a far more agentic software development lifecycle, where AI agents generate code, orchestrate workflows and make decisions continuously, 24/7. While that promises huge gains in speed and efficiency, it also creates new challenges around managing attack surfaces and securing software supply chains," he said.
Sonatype has already logged the adversarial response to earlier agentic deployments. "At the same time, attackers are adopting the same technologies. We're already seeing an increase in CVEs and malicious open source packages designed to target these agents directly," Turunen said. That observation narrows the window organisations typically assume they have between deploying new capability and securing it.
The deeper issue is one of tempo. Agentic pipelines run continuously; traditional security reviews do not. Tooling and governance designed for periodic code releases may not translate cleanly into environments where AI agents operate around the clock, integrating packages and making decisions without a human review cycle.
Turunen points to the DevSecOps transition as a reference point. "Although it's encouraging to see these capabilities becoming more widely accessible, organisations shouldn't forget the lessons learned from the last decade of DevSecOps. Strong governance, visibility and secure-by-design practices will be just as important in an AI-driven development environment."
For teams already managing sprawling cloud estates and multi-vendor CI/CD pipelines, Agent Executor adds another integration surface requiring inventory, monitoring, and policy. The security principles are familiar. The timescales are not.