Security, Reliability & Governance Platform for Agentic Systems. CompFly AI helps enterprises move to "Controlled Autonomy" with absolute Security & Trust!

We spent the last few days at Web Summit Vancouver. 🇨🇦 Different city. Different industries. Same underlying pattern.

The conversations were framed differently between marketing, operations, product, customer experience, and enterprise workflows, but the constraint underneath was the same: agents are no longer blocked by capabilities. They are blocked by authority.

Most companies can already see what agents could do. Draft the campaign. Reconcile the exception. Update the system. Route the issue. Trigger the workflow. Recommend the next action.

But the hesitation starts at the moment intelligence becomes authority. Who allowed this agent to act? Was this action within scope? What context did it rely on? What changed between approval and execution? Can a human reconstruct the decision path after the fact?

The missing layer is controlled autonomy: the ability to let agents operate with enough freedom to create leverage, while keeping identity, policy, oversight, and evidence attached to every action.

#WebSummit #WebSummitVancouver #AI #AgenticAI #EnterpriseAI #AIGovernance #ControlledAutonomy #Trust @CompFlyAI
Static controls were built for deterministic systems. Agents choose tools, call APIs, use memory, and coordinate with other agents, so one-time approvals stop being enough. Controlled autonomy means controls that operate at runtime. CompFly is building for that layer: autonomy you can trace, constrain, and trust.

Read the full blog: compfly.ai/blog/agentic-cont… #controlledautonomy #compflyai
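The runtime controls this post calls for, and the decision-path questions from the Web Summit post above (who allowed it, was it in scope, what context, what changed, can a human reconstruct it), as an added illustration that is not CompFly's or Crosswind's code: a per-action authorization gate with hypothetical `Grant` and `ControlledAutonomyGate` types that checks agent identity, tool scope, an amount limit, grant expiry and whether the context drifted since approval, and appends an evidence record for every decision.

```python
import hashlib
import json
import time
from dataclasses import dataclass

@dataclass
class Grant:
    """A human-approved scope for one agent identity (constructed schema, not CompFly's)."""
    agent_id: str
    approved_by: str
    allowed_tools: frozenset
    max_amount: float        # hypothetical scope limit for money-moving tools
    context_digest: str      # fingerprint of the context the approver actually reviewed
    expires_at: float        # unix time; an approval is not open-ended

def fingerprint(context: dict) -> str:
    """Stable digest so 'what changed between approval and execution' is answerable."""
    return hashlib.sha256(json.dumps(context, sort_keys=True).encode()).hexdigest()

class ControlledAutonomyGate:
    """Runtime check applied to every tool call; every decision leaves an evidence record."""

    def __init__(self):
        self.grants = {}      # agent identity -> Grant
        self.evidence = []    # append-only log a human can replay after the fact

    def approve(self, grant: Grant) -> None:
        self.grants[grant.agent_id] = grant

    def authorize(self, agent_id, tool, args, context, now=None):
        now = time.time() if now is None else now
        grant = self.grants.get(agent_id)
        reasons = []
        if grant is None:
            reasons.append("no grant for this agent identity")
        else:
            if now > grant.expires_at:
                reasons.append("grant expired")
            if tool not in grant.allowed_tools:
                reasons.append(f"tool {tool!r} outside approved scope")
            if args.get("amount", 0) > grant.max_amount:
                reasons.append("amount exceeds approved limit")
            if fingerprint(context) != grant.context_digest:
                reasons.append("context changed since approval")
        self.evidence.append({"at": now, "agent": agent_id, "tool": tool, "args": args,
                              "context_digest": fingerprint(context), "allowed": not reasons,
                              "approved_by": grant.approved_by if grant else None,
                              "reasons": reasons})
        return not reasons, reasons
```

Every `authorize` call, allowed or denied, lands in `evidence`, which is what lets a reviewer reconstruct the decision path after the fact rather than relying on a one-time approval.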
George Washington: One day, this great nation will build autonomous agents that can take action across enterprise systems.

Soldier: That sounds powerful, Sir. So before they go live, we will test them against real threats?

Washington: No. We will look at the happy path, ask the model if it is safe, and ship with confidence.

Soldier: And if an agent is manipulated by a multi-turn prompt injection attack?

Washington: We will call it emergent behavior and schedule a lessons-learned.

Soldier: What if it slowly leaks sensitive data, Sir?

Washington: We will measure the leak in tokens. Thousands of tokens will make a context window. But we will not look at the context window.

Soldier: And if it delegates a task to a sub-agent with broader retrieval access?

Washington: That will be a separate system. The sub-agent will have its own permissions, they will completely contradict the main agent, and no one will be able to view both at the same time.

Soldier: And how will we secure the entire system when these agents are running wild, Sir?

Washington: Nobody knows.

Are you actively stress-testing the attack paths, or just watching the happy path and hoping for the best?

#AgenticSecurity #AIGovernance #AIAgents #RedTeaming #mythos
compfly.ai/blog/compfly-join… We are excited to announce that CompFly AI has officially joined Coalition for Secure AI (CoSAI), an OASIS Open Project advancing AI security, alongside other leading organizations working to shape a more secure future for AI. As AI agents become more capable and more connected to enterprise systems, the challenge is no longer just autonomy; it’s controlled autonomy. Joining this coalition allows us to collaborate with other leaders to standardize AI security — a mission we support through projects like Crosswind (our open-source security evaluation platform for AI agents). Together, we’re shaping a more secure future for the AI ecosystem. #CompFlyAI #CoSAI #OASIS #AISecurity #AgenticAI #OpenSource
Last week we shared our thinking on why agent security needs to be treated differently. Yesterday, we open-sourced part of that work. Meet Crosswind.

Most evaluations focus on single-turn prompts. Agents are different. They use tools. They persist context. They act across multiple steps.

Crosswind is an open-source, threat-model-driven adversarial evaluation framework built for tool-enabled, multi-turn agents. It generates attack scenarios aligned to real exploit patterns, including:

• Prompt injection
• Tool misuse induction
• Jailbreak attempts
• Multi-turn context manipulation

Those scenarios are executed against your agent endpoint and the results are categorized against frameworks like NIST AI RMF, the EU AI Act, and OWASP Agentic AI Top 10. No SDK required. Works with any HTTP or WebSocket-accessible agent endpoint.

If you’re building agents, you should be red teaming them.

Read the full blog: 🔗 compfly.ai/blog/introducing-…
Explore Crosswind on GitHub: 🔗 github.com/compfly-ai/crossw…

#OpenSource #AgenticAI #AIsecurity #RedTeaming #CompFlyAI #AIAgent