Agent Risk Manager Enhances AI Security
On April 14th, KnowBe4 introduced the Agent Risk Manager, an innovative AI risk management solution aimed at securing and governing the behaviour of autonomous AI agents. This launch aligns with Identity Management Day, emphasizing the importance of securing both human and AI identities in today’s digital landscape.
KnowBe4’s Agent Risk Manager is an integral part of the KnowBe4 HRM+ platform. It addresses a critical security gap as workflows increasingly shift from AI-assisted to agent-managed systems. The platform focuses on preventing unauthorised actions, such as sharing sensitive information and detecting prompt injections.
Greg Kras, Chief Product Officer at KnowBe4, explained, “The industry has spent years securing the human element, but today, AI agents are the newest members of our workforce. However, securing the prompt is only half the battle. Our Agent Risk Manager focuses on the output and actions of these agents, ensuring that as they move through your network, they do not become the ultimate shadow IT or a backdoor for sophisticated prompt injection attacks.”
The Agent Risk Manager offers real-time operational layers that monitor and govern AI agent behaviour once deployed. This ensures that the agents act within predefined behavioral guardrails, preventing unauthorised data exfiltration or jailbroken autonomous execution.
Key Features and Capabilities of Agent Risk Manager:
Behavioral Guardrails: Real-time monitoring of agent actions to prevent unauthorised data exfiltration or jailbroken autonomous execution. Agentic Identity Governance: Identifies access permissions and tools that the agent has access to. Adversarial Simulation for Agents: Stress-tests AI agents against the latest prompt injection and social engineering tactics used by hackers.
The platform’s prompt injection detection utilises machine learning-powered analysis to identify jailbreaks, logic overrides, and indirect injections across user messages and tool outputs. Sensitive information detection is achieved through more than 20 classifiers, which scan for personally identifiable information (PII) and credentials, automatically redacting sensitive data before it reaches the audit log.
Unbounded consumption detection monitors for resource abuse and runaway agents to prevent excessive API calls, data queries, and compute costs. The system’s agent inventory feature automatically catalogues agents and tools across the network, providing organisations with a comprehensive view of their AI deployment.
Built from industry-leading data collected over 15 years, the Agent Risk Manager can predict when an agent deviates from safe operating parameters. This predictive capability is crucial in maintaining the integrity of AI operations within organisations.
The introduction of the Agent Risk Manager by KnowBe4 marks a significant advancement in AI risk management, providing businesses with the tools necessary to safeguard against emerging threats in the digital world. For further details, visit KnowBe4’s website.
