Problem-Aware

6 posts on problem-aware.

AI Agent Security: From Identity to Action Lineage

AI agent security is the operational practice of constraining autonomous agents to act only within delegated authority and producing per-decision audit records that survive regulatory review. The NIST three-pillar framework names the architecture. Application logs and model guardrails do not satisfy it.

Tags: agentic-ai, ai-security, identity-and-authorization, nist-ai-rmf, audit, policy-enforcement

Agentic AI Architecture Patterns: Where the Enforcement Layer Sits

Six agentic AI architecture patterns dominate production deployments today: ReAct, plan-and-execute, multi-agent crews, retrieval-augmented agents, code-executing agents, and tool-using single agents. The security architecture differs across each. The enforcement layer always sits at the HTTP AI request boundary.

Tags: agentic-ai, ai-security, architecture, inline-enforcement, policy-enforcement, llm

Agentic AI Frameworks: Security Properties Compared

LangChain, LangGraph, AutoGen, CrewAI, and the OpenAI Assistants API each ship a different agent loop. The security properties of each framework determine what an enforcement layer can see and what it cannot. The architectural divergence matters at the AI request boundary.

Tags: agentic-ai, ai-security, llm, identity-and-authorization, architecture, policy-enforcement

Agentic AI vs Generative AI: The Security Architecture Diverges

Generative AI returns a response to a human-issued prompt and waits for the next instruction. Agentic AI issues prompts on its own initiative, applies the response, and chains the next call. The architectural divergence has direct consequences for identity, policy enforcement, and audit trails.

Tags: agentic-ai, ai-security, llm, identity-and-authorization, policy-enforcement, inline-enforcement

Agentic AI Security: Why Autonomous Agents Need a Policy Layer

Agentic AI security is the practice of constraining what autonomous agents can request, what data they can include in prompts, and what evidence each decision leaves behind. Static credentials, model guardrails, and application logs fail the test. The enforcement layer has to sit at the HTTP AI request boundary.

Tags: agentic-ai, ai-security, identity-and-authorization, policy-enforcement, inline-enforcement, audit

Shadow AI Breach Cost: Why Each Incident Runs $670K Higher

IBM Cost of Data Breach data shows that organizations breached through unsanctioned AI tools pay an average of $670,000 more per incident than the cross-industry baseline, take 247 days to detect, and lose customer PII in 65% of cases.

Tags: shadow-ai, ai-security, dlp, data-loss-prevention, compliance, cybersecurity