Leading Global Research and Advisory Firm Recommends Against Using AI Browsers

I recommended against using an AI browser unless you wanted to participate in a global experiment in security. My recommendation did come with a caveat:

But probably don’t listen to me. I’m not a security expert

Well, now the experts (that you pay for) have weighed in.

Gartner, the global research and advisory firm, has come to the conclusion that agentic browsers are too risky for most organizations.

Ground breaking research.

But honestly, credit where it’s due: they’re not jumping on the hype train. In fact, they’re advising against it.

I don’t have access to the original paper (because I’d have to pay Gartner for it), but the reporting on Gartner’s research says this:

research VP Dennis Xu, senior director analyst Evgeny Mirolyubov, and VP analyst John Watts observe “Default AI browser settings prioritize user experience over security.”

C’mon, let’s call a spade a spade: they prioritize their maker’s business model over security.

Continuing:

Gartner’s fears about the agentic capabilities of AI browser relate to their susceptibility to “indirect prompt-injection-induced rogue agent actions, inaccurate reasoning-driven erroneous agent actions, and further loss and abuse of credentials if the AI browser is deceived into autonomously navigating to a phishing website.”

And that’s just the beginning! It gets worse for large organizations.

The real horror of these AI browsers is that they can help employees to autonomously complete their mandatory trainings:

The authors also suggest that employees “might be tempted to use AI browsers and automate certain tasks that are mandatory, repetitive, and less interesting” and imagine some instructing an AI browser to complete their mandatory cybersecurity training sessions.

The horror!

In this specific case, maybe AI browsers aren’t the problem? Maybe they’re a symptom of the agonizing online instructional courses that feign training in the name of compliance?

But I digress. Ultimately, the takeaway here is:

the trio of analysts think AI browsers are just too dangerous to use

Imagine that: you take a tool that literally comes with a warning of being untrustworthy, you embed it as foundational in another tool, and now you have two tools that are untrustworthy. Who would’ve thought?