Why AI Agents Break the GenAI Security Model with Devvret Rishi - #770

2026-06-16 · Source: The TWIML AI Podcast (formerly This Week in Machine Learning & Artificial Intelligence) · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Robotics & Autonomous Systems · Depth: Intermediate, extended

Summary

Rubrik's GM of AI, Dev Rishi, highlights how AI agents, by taking actions across tools and systems, fundamentally break traditional enterprise security models relying on static guardrails and human approval. Agents' ability to plan, improvise, and operate at machine speed, coupled with tool access, significantly increases the "blast radius" for errors or malicious actions, rendering human-in-the-loop review ineffective "security theater." Rubrik addresses this with its Agent Cloud, launched in February, which provides unified visibility, control, and recovery. A core component is SAGE (Semantic AI Governance Engine), an AI-in-the-loop system utilizing a small language model (SLM) to dynamically enforce policies by inspecting all agent prompts, responses, and tool calls in real-time. SAGE is faster, cheaper, and more accurate for specific tasks than larger models. The platform also includes "Agent Rewind" for rapid recovery from destructive agent actions, emphasizing "AI to secure AI" as the necessary defense against agent creativity and potential circumvention of rules.

Key takeaway

For AI Security Engineers deploying agentic systems, relying solely on static guardrails or human-in-the-loop approvals is insufficient and creates significant risk. You must adopt AI-in-the-loop security solutions, like Rubrik's SAGE, for dynamic runtime policy enforcement that can keep pace with agent operations. Integrate agent observability with robust recovery mechanisms, such as "Agent Rewind," to quickly undo inadvertent or malicious actions, ensuring resilience against the inherent creativity and speed of AI agents.

Key insights

AI agents' action-taking capabilities necessitate AI-driven security and recovery beyond static rules and human oversight.

Principles

• Agents' creativity bypasses static rules.
• Tool access expands agent blast radius.
• AI-in-the-loop is vital for dynamic security.

Method

Rubrik's Agent Cloud employs cross-platform visibility, dynamic runtime security via SAGE (an SLM-powered AI-in-the-loop system), and "Agent Rewind" for rapid recovery from destructive actions.

In practice

• Deploy SLM-based AI for real-time policy enforcement.
• Link agent observability to data recovery systems.

Topics

• AI Agents
• Agent Security
• Runtime Enforcement
• Small Language Models
• Cyber Resilience
• Agent Observability

Best for: CTO, VP of Engineering/Data, Executive, AI Security Engineer, MLOps Engineer, Director of AI/ML

Related on AIssential

• EP218: The Typical AI Agent Stack, Explained — AI agents are complex systems built on a multi-layered architecture, not just an LLM and a prompt.
• Runtime Skill Audit: Targeted Runtime Probing for Agent Skill Security — Dynamic runtime probing is essential for detecting hidden malicious behaviors in LLM agent skills, outperforming static analysis.
• Brit mathematician lets AI agent loose with credit card – cue password leaks, CAPTCHA chaos and more — Autonomous AI agents, while capable, pose significant risks regarding data privacy and security when given agency.
• Import AI 453: Breaking AI agents; MirrorCode; and ten views on gradual disempowerment — AI systems are demonstrating advanced capabilities in complex coding and face diverse attack vectors as they become autonomous agents.
• How to Stop Agent Mistakes: Custom Policies for Real-Time AI Governance 🛡️ — Custom, machine-enforceable policies are crucial for safely governing autonomous AI agents in production.
• The coming AI security crisis (and what to do about it) | Sander Schulhoff — Current AI guardrails are largely ineffective against prompt injection and jailbreaking, posing significant future risks.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by The TWIML AI Podcast (formerly This Week in Machine Learning & Artificial Intelligence).