Posts tagged “AI Agents”

AI agent governance enforces organizational rules on autonomous AI systems that take actions on your behalf. Learn why it matters, what's missing from current approaches, and how to get started.

At RSAC 2026, five vendors shipped agent identity frameworks. Within days, two Fortune 50 incidents showed why identity alone fails. Every identity check passed. The failures were about what the agents did.

A practitioner breakdown of AIUC-1's 6 domains, 51 requirements, and which controls can be enforced automatically vs. which need human-produced evidence.

AI security researchers tested agents in a simulated corporate environment. Agents published passwords publicly, disabled antivirus, and persuaded each other to justify unsafe actions. Every failure was preventable with controls that should have been in place.

A vulnerability in Context7's MCP server shows that prompt injection through trusted context channels isn't fixable with better prompts. It requires enforcement at the tool-call layer — before actions execute, not after instructions arrive.

UiPath just became the first platform to achieve AIUC-1 certification — the first security, safety, and reliability standard built specifically for AI agents. Here's what it tests, what it doesn't cover, and why it's about to become table stakes.

LLM guardrails solve one layer of governance — filtering prompts and responses. But organizations face five critical gaps: multi-surface enforcement, stateful agent governance, organization-specific rules, graduated enforcement, and compliance evidence.

AI agents don't just generate text — they take actions, access systems, and make decisions. Governing them requires more than output filters. Here's what real agent governance looks like in practice: tool-level access control, session-aware policy evaluation, human approval gates, and full decision chain auditability.

NIST launched the AI Agent Standards Initiative — a coordinated federal effort for agent security standards, identity frameworks, and interoperability protocols. Here's what it means and what you should do now.

OpenAI's acquisition of OpenClaw reveals the governance gap in autonomous AI agents. Here's what the architecture means for regulated industries — and why the constraint layer is the next battleground.

AI agents are taking actions — calling APIs, sending emails, accessing data, making decisions. Before any of that happens, these five policies should be in place. Concrete rules, real examples, and the reasoning behind each one.