SAP Moves to Block OpenClaw and Other Unauthorized AI Agents

2026-05-04 · Source: The Information · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy · Depth: Fundamental Awareness, quick

Summary

SAP is actively developing and deploying measures to prevent unauthorized AI agents, such as OpenClaw, from accessing and manipulating its enterprise resource planning (ERP) systems. This initiative comes as companies increasingly integrate AI into their operations, raising concerns about data security, compliance, and system integrity. SAP's strategy involves technical safeguards and policy updates to ensure that only approved AI applications interact with its core business software. The company aims to maintain control over how AI agents process sensitive corporate data and execute critical business functions, thereby mitigating risks associated with unvetted AI integrations.

Key takeaway

For CTOs and VPs of Engineering evaluating AI integration strategies, SAP's proactive stance highlights the critical need for robust governance. You should prioritize implementing strict access controls and clear policy frameworks for all AI agents interacting with your core enterprise systems to prevent unauthorized data access and maintain compliance. This approach will mitigate significant security and operational risks.

Key insights

SAP is implementing technical and policy controls to block unauthorized AI agents from its ERP systems.

Principles

• Maintain control over AI agent interaction with core systems.
• Prioritize data security and compliance in AI integration.

Method

SAP's method involves developing technical safeguards and updating policies to restrict AI agent access to ERP systems, ensuring only approved applications interact with sensitive data.

In practice

• Implement technical access controls for AI agents.
• Establish clear policies for AI integration.

Topics

• SAP
• AI Agents
• OpenClaw
• System Security
• Unauthorized Access

Best for: CTO, VP of Engineering/Data, Executive, AI Security Engineer, Director of AI/ML, Consultant

Related on AIssential

• Hackers exploit vulnerabilities in OpenClaw to control 28,000 systems — Insecure AI agents with excessive permissions pose significant remote code execution risks.
• Building an open ecosystem for AI governance with Unity AI Gateway — Databricks' Unity AI Gateway ecosystem extends AI governance to runtime interactions, integrating security and identity solutions for enterprise-scale AI.
• Nothing To Detect — Agentic AI's primary security threat is authorized malicious action, shifting focus from detection to governance of permission models.
• The end of 'shadow AI' at enterprises? Kilo launches KiloClaw for Organizations to enable secure AI agents at scale — KiloClaw for Organizations provides enterprise governance and secure deployment for autonomous AI agents, addressing "shadow AI" risks.
• Most enterprises can't stop stage-three AI agent threats, VentureBeat survey finds — Enterprises lack critical enforcement and isolation controls for advanced AI agent security threats.
• OpenClaw and Claude Opus 4.6: Where is AI agent security headed? — AI agents and rapid development necessitate stringent security, zero-trust principles, and comprehensive inventory management.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by The Information.