Definitions for CISOs, SOC managers, and security engineers deploying AI agents in production. Each term explained with security context, compliance implications, and how it maps to the OWASP Agentic AI threat model.
Policy enforcement, monitoring, and audit for AI agents operating in production environments.
An intercept layer between agent code and LLM APIs that enforces policy on every tool call before execution.
An immutable, append-only record of every action an AI agent takes, with policy decisions and timestamps.
An emergency mechanism to terminate an AI agent session immediately when a policy breach is detected.
An attack that manipulates an AI agent's instructions to redirect it toward unauthorized actions.
Inspecting and enforcing policy on every tool call an AI agent makes before the call executes.
The OWASP taxonomy of 17 distinct threat categories specific to AI agents with tool access.
An approval workflow requiring explicit human authorization before an AI agent takes high-risk actions.
Real-time allow, deny, and escalate decisions applied to AI agent actions based on configurable rules.
Verifying that an AI agent is registered, authorized, and operating within its declared tool scope and rate limits.