Orphaned AI Agents and Standing Privileges Create Hidden Access Risks as NeuralTrust Raises $20M for Security

Enterprise security teams are struggling to track and govern AI agents that persist in networks long after their creators leave, creating orphaned access risks that traditional tools miss. The problem has grown acute as companies deploy internal AI tools faster than they can inventory them.

Startup NeuralTrust has raised $20 million in seed funding to address this blind spot, a round led by Munich-based Alstin Capital with participation from VentureFriends, Seaya, Kibo Ventures, and others. The Barcelona company builds software that maps AI agent activity back to human owners, a capability most enterprises lack today.

The Identity Gap in AI Security

Traditional access tools treat AI agents like standard software, but agents are dynamic. They continuously pull, shift, and interact with data autonomously. A security filter might see an agent pull an entire repository and assume the application is functioning normally, unable to detect that the employee who created the tool left the company weeks ago.

• Orphaned agents: AI tools left running after an employee departs, often retaining unmonitored access to sensitive databases and source code.
• Standing privileges: AI that holds permanent, unrestricted access it no longer needs, with no expiration or review.
• Most enterprises cannot name the person who authorized a given AI agent to access intellectual property, according to a June 2026 analysis by SailPoint and The Hacker News.
• Developers often build automation with personal access tokens that live beyond their employment, creating a gap between human identity and machine identity.

Funding Signals Market Demand

NeuralTrust's seed round, worth 17.2 million euros, includes public money alongside venture capital, reflecting government interest in AI governance. The company plans to build a control plane that unifies human, machine, and AI identities, closing the loop between who built an agent and what it can access.

The security industry is responding to a clear market need. Finding hidden scripts is only half the problem; mapping them to a living owner requires new architecture. NeuralTrust and other vendors are racing to provide that layer before attackers exploit the orphaned access that already exists inside enterprise networks.