The impact of agentic AI on SaaS and partner ecosystems

As an architect, it became abundantly clear to me over the last decade that an enterprise’s capacity to support interoperability between application and data ecosystems has been the dominant theme in achieving competitive differentiation and time to market. Industry channel partners and software-as-a-service (SaaS) OEMs alike understood this some time ago and built ecosystems that enabled it across the spectrum of other partner networks and channels.

Early implementations of application programming interfaces (APIs) were predicated on the notion of exposing interoperable interfaces to functionality and data outside the “black box” of proprietary software for integration with other heterogeneous systems. The ability to have access to functionality and data with open interfaces and common data interchange models fueled the Darwinian evolution of software and data architectures from client-server to n-tier, cloud and SaaS.

Clearly, the capacity to integrate within and between software ecosystems enabled capabilities, partner relationships and market advantage. If you can’t enable interoperability, you can’t compete and evolve quickly. There is no shortage of mature integration patterns, tooling, standards and styles to support it. The architectural prerequisites have indeed been mature, predictable and reliable strategies — that is, until now.

Enter agentic AI, stage left

The enterprise technology landscape is entering a critical pivot point as agentic artificial intelligence transforms partner ecosystems from human-mediated, application integration networks into autonomous, self-orchestrating and intelligent ecosystems. Bain and Company’s recent Technology Report says, “In three years, any routine, rules-based digital task could move from ‘human plus app’ to ‘AI agent plus application programming interface (API).’”

This evolution introduces game-changing implications for SaaS business models, partner ecosystem strategies and security architectures that organizations can no longer afford to ignore.

Agentic AI represents an existential challenge to traditional SaaS business models while introducing unprecedented opportunities for platform enhancement. Bain’s research reveals that “generative and agentic AI — tools that can reason, decide and act” are fundamentally disrupting SaaS by automating tasks and replicating workflows that currently require human operators interfacing with SaaS applications.

SaaS ecosystem players are scrambling to adopt and embrace agentic workflows and feature sets that are redefining what SaaS means — by default if not by design. Capability models and what it means to compete and differentiate in the age of intelligent ecosystems are less about accelerated time to insight and more about time to action and reducing OPEX overhead in the process.

The transformation is rooted in a fundamental shift in how software delivers value. As Bain analysts note, when evaluating which workflows AI can disrupt, organizations must consider “the potential for AI to automate SaaS user tasks and the potential for AI to penetrate SaaS workflows.”

Traditional SaaS platforms provide tools that users operate manually, but agentic AI identifies tasks, makes decisions and carries out workflows autonomously without human intervention. It is also non-deterministic in its interactions with models and data and is rapidly gaining traction as the new basis of competition. Current industry data reflects the urgency as the cost commoditization of foundation models is heading downward even as accuracy improves. According to Bain, the cost-curve trajectory of OpenAI’s recent reasoning model (o3) fell 80% in just two months. This hyper-accelerated commoditization of AI capabilities means competitive advantages must come from strategic positioning rather than technology alone.

What are the architectural and scale implications?

As an integration architect during the API-first era, I recall just how impactful availability and resilience characteristics are in terms of API endpoint performance and demand patterns. High consumption and high latency in slow or unresponsive systems could bury mission-critical applications that relied on them. The implications for architectural resilience and availability are equally dramatic and troubling when we consider the age of legacy core systems that implement the API endpoints that agents will consume.

According to an analysis of agentic system requirements by Tyler Jewell in The New Stack, “In the current mobile computing era, large-scale SaaS systems typically handle around 10,000 transactions per second. In the agentic era, with potentially dozens of AI assistants continuously operating on behalf of each user, transaction volumes could increase by two orders of magnitude to approximately 1 million transactions per second.” This is even more troubling when you consider the anticipated growth in agentic enterprise applications.

There is an obvious mandate here to architect intelligent ecosystems with deliberateness and real intentionality. It requires fundamental architectural changes. As Jewell’s analysis explains, “traditional SaaS applications are built on stateless business logic executing CRUD operations against relational databases. Agentic services, by contrast, must maintain state within the service itself and store each event to track how the service reached its current state — a fundamentally different paradigm.”

The semantic layer battle

Interoperable agentic inter- and intra-ecosystem communication standards are the next competitive frontier. Standard industry ontologies are yet another ecosystem basis of competition. As models have become more diverse, specialized and powerful, communication across layers and across vendors has become the success barrier.

While Anthropic’s Model Context Protocol (MCP) and Google’s Agent2Agent (A2A) protocol standardize technical interactions, they don’t provide standard and shared ontologies for business concepts. Just as data interchange standards like XML enabled data format interchange and interoperability, the first ontology model that implements an industry-wide standard to enable a conversation between a payables agent and a receivables agent, for example, will mold the AI ecosystem and become the new gold standard for interoperability within that ecosystem and driving the basis of competition.

For SaaS OEMs the direction is clear: Build partner ecosystem coalitions around ontologies. This will enable them to own the life cycle of the transaction within and across channel ecosystems and drive adoption by leading the standard within and across verticals just as Microsoft, IBM and Oracle have done for decades.

The evolving role of partner ecosystems

Within this transformation, partner ecosystems face their own profound evolution. Ernst and Young’s recent analysis on SaaS and agentic AI indicates that “with agentic AI, SaaS companies will automate significantly more configuration and deployment processes within their platforms, but partners will simultaneously play more critical roles in areas where human judgment, industry expertise and strategic oversight remain essential.”

What are the new partner value propositions? The ecosystem transformation demands new evaluation criteria. As an ISV industry analysis by Bart Schrooten notes, “Traditional evaluation criteria focused on software features, architecture maturity and deployment models no longer suffice.” Organizations acquiring or partnering with agentic AI solution providers must now evaluate autonomous boundaries (what decisions agents can make independently), safety and control mechanisms, ethical guardrails, explainability standards and real-world performance in dynamic environments.

Perhaps the most business-critical risk and underestimated impact involves ecosystem security ramifications. As Akamai’s security analysis of agentic risk by Maxim Zavodchik suggests, “Agentic AI delivers greater autonomy, but at the cost of increased complexity and unpredictability.”

The Akamai analysis reveals that “semi-independent agents go beyond conventional generative artificial intelligence (GenAI) risks by chaining through memory, tools and other agents, which expands the attack surface, blurs trust boundaries, increases the blast radius and introduces new classes of attack.” What does this mean for information security architects? In a nutshell, more attack surfaces and more risk.

Unlike traditional AI systems, agentic AI systems can operate across fluid, autonomous patterns of interaction, including communications, human-mediated interactions and human-to-agent exchanges. And because these interactions are non-deterministic and probabilistic, observability and simulation will be critical to designing, developing and deploying agentic ecosystem architectures.

In Rewriting the rules of enterprise architecture with AI agents, I proposed that agent behavioral simulations with digital twin environments will be key to managing enterprise risk. The risk of underestimating how impactful this really is can occur to the detriment of large enterprises that choose to ignore or minimize its significance.

Recent security research by RiskInsight identifies three distinct risk categories: “traditional cybersecurity threats (data extraction, supply chain attacks), general generative AI risks (hallucinations, model poisoning) and a new category relating specifically to agents’ autonomy in executing real-world actions.”

Akamai’s research also highlights a critical vulnerability: Agent protocols, such as the previously mentioned MCP, were designed to support process outcomes — not security. Basic security mandates such as identity binding, authentication, validation and policy enforcement are as yet missing or elective in nature. This opens significant vulnerabilities for impersonation, spoofing and unauthorized access.

Security researchers warn that agentic systems often operate with far-reaching mandates and too much autonomy. Without clear boundaries, bad actors can hijack agentic behavior — enticing actions and reinforcement learning their designers never intended. According to Zavodchik’s research, “a subtle prompt injection can turn a helpful planner into a dangerous proxy.”

The consequence of unintended agentic reinforcement learning is the cascading failure effect of a compromised agent and its ability to poison dependent ecosystems. Most concerning with this systemic risk of cascading failure is the potential domino effect that encourages misinformation or even destructive goals in multi-agent interactions.

The blast radius on damage in this case spreads across ecosystems and broadens contained issues into core system collapse.

Zavodchik also identifies an emerging threat called vibe scraping — where “attackers can now deploy autonomous agents that execute adaptive, large-scale attacks with minimal oversight.” Rather than relying on rigid scripts, they set high-level goals — like acquiring proprietary inventory data or extracting competitive intelligence — and let AI agents navigate ecosystems autonomously to accomplish those goals.

A paradigm shift to mitigate threats (or, fighting autonomy with autonomy)

So, what is the path forward and how should enterprise business and technology leaders navigate both the risk and the opportunities in intelligent partner ecosystems? The convergence of agentic AI, SaaS business model disruption and pivotal security landscape changes indicates that successful organizations will need to build partner ecosystems fundamentally different from those that dominated the last decade.

The shift is not incremental — it represents a paradigm change from human-operated tools to autonomous, self-improving networks of intelligent agents collaborating across organizational boundaries. Leaders must contemplate the implications of managing portfolios of agentic hyper-automation capabilities defined by data architectures, industry ontologies and dynamic pivots.

Observability and simulation are the best safeguards for non-deterministic systems that react to probabilistic models, as opposed to the predictable transactional and non-transactional request and response patterns that have dominated the enterprise application landscape for decades.

Organizations that recognize this transformation early, invest in security-first architectures, rethink business models and develop partner ecosystems optimized for autonomous collaboration will define competitive dynamics for the next era.

Those that treat agentic AI as merely another feature to bolt onto existing systems risk being made irrelevant by competitors who rebuild from the ground up with foundational next-generation architectures for intelligent ecosystems.

The age of intelligent ecosystems has arrived and partner ecosystems are at the heart of this transformation. Impactful leaders should spend less time debating the impact of agentic capabilities on partner, channel and SaaS ecosystem interoperability and more on how quickly organizations can navigate the architectural, business model and security implications that will determine winners and losers in the autonomous era.

This article was made possible by our partnership with the IASA Chief Architect Forum. The CAF’s purpose is to test, challenge and support the art and science of Business Technology Architecture and its evolution over time, as well as grow the influence and leadership of chief architects both inside and outside the profession. The CAF is a leadership community of the IASA, the leading non-profit professional association for business technology architects. 

This article is published as part of the Foundry Expert Contributor Network.
Want to join?