2 Sources
[1]
Aviatrix launches AI agent containment platform for cloud workloads - SiliconANGLE
Aviatrix Inc. today announced the launch of a new platform designed to contain artificial intelligence agents and enforce security controls and communications across AI workloads without changing AI agents or code. The company said the launch comes in response to an increasing number of supply chain attacks that do not always come from outside the security perimeter, but can directly affect the operational security of agents, dependencies and code logic itself. The new platform extends the company's Cloud Native Security Fabric with two new products: Zero Trust for AI Workloads, now generally available, and Aviatrix AgentGuard, now in early access. When most people think about cybersecurity, they think about shady hackers behind keyboards writing code and trying to break into computers from afar by looking for cracks in the armor of networks. However, that's only one path to break through the security of enterprise systems. AI agents introduce a different kind of security problem because they do not need to be "broken into" in the traditional sense to become dangerous. An agent can be manipulated through prompt injection, where malicious instructions are hidden in content the agent reads, or through model poisoning, where the data or tools it depends on are corrupted. If that agent has broad access to applications, files, credentials or external services, a successful compromise could allow it to move data, call tools or communicate with systems far beyond its intended role. To combat this, Aviatrix argues, enterprises and developers need to do more than simply detect and react to anomalies. They must contain AI workloads and isolate them from other systems. That way, if they're compromised, they cannot break out of their assigned roles and affect other parts of the network.
"My argument for the containment era is the most important metric is blast radius," Chief Executive Doug Merritt told SiliconANGLE in an interview. In this model, containment is less like building a taller wall around the castle and more like dividing the castle into many locked rooms. If one room is breached, the intruder does not automatically get the keys to the rest of the building. Merritt described it as creating "this beautiful honeycomb of things that communicate," where each workload has carefully defined communication pathways and "when something goes wrong in one cell, it doesn't affect the other cells." That blast-radius thinking is especially important as AI agents begin to act across systems, call tools, access data and communicate with outside services. Even today, AI agents remain difficult to secure with identity controls alone, because they behave partly like users and partly like applications. As Merritt put it, "An agent is weird because it's kind of half-human, half-workload." With Zero Trust for AI Workloads, information technology teams can secure AI agents, large language model proxies and agentic frameworks without requiring application or infrastructure changes. It allows them to set policies that allow or deny access to external AI services, block shadow AI with allowlists and apply network-layer enforcement across workloads and regions. The product is designed to address one of the central problems of cloud and AI security: Workloads often need to communicate to do their jobs, but they should not be able to communicate with everything. For AI agents, that line can be difficult to draw because agents may behave like users in one moment and like applications or services in the next. Merritt argued that the economics of cyberattacks are also changing as AI models make sophisticated attack techniques easier to automate and scale. 
"We are democratizing capabilities for nefarious behavior at the same time that we are completely changing the economics of nefarious behavior," he said. That makes containment more urgent. If attackers can move faster, more cheaply and with more automation, then security teams need a way to limit how far a compromised agent or workload can go before detection even happens. AgentGuard, now in early access, provides full containment: a safety zone where agents can live and work. It discovers every agent running across virtual machines, Kubernetes clusters and serverless functions. It maps LLMs, tools and the data each agent connects to, then builds an updating risk profile. Using that risk profile, AgentGuard monitors activity and automatically blocks behavior that does not match the agent's baseline. Behaviors that match common exfiltration patterns, such as posting data to public code repositories or file-sharing services, are blocked by default.
[2]
Aviatrix Intros Platform For Agentic AI Security The 'Containment Era'
'There is a significant services revenue stream about to be unleashed for channel partners that understand the dynamics that AI is bringing,' Aviatrix CEO Doug Merritt tells CRN. Cloud networking and security specialist Aviatrix has launched a new platform aimed at addressing the surge of cyberattacks and the growing risks posed by compromised advanced AI tools, such as Claude Mythos, according to Aviatrix CEO Doug Merritt. Launched on Wednesday, the new containment platform, Aviatrix AgentGuard, is a first of its kind that takes a different approach to agentic AI security, Merritt told CRN. Rather than focusing on detection and remediation, it's about shrinking the blast radius associated with compromised AI agents, he said. "What I've been watching happen progressively over the past few years is that AI is a new accelerant. Mean time to detection and mean time to resolution, [is] still important, but to create cyber resiliency, the core metric needs to be blast radius," he said. "If you have a broad blast radius, then the breach becomes very troublesome to catastrophic." For the vast majority of enterprises, there is no architectural constraint on where a compromised workload can go. For most AI agents that are compromised, the "blast radius" can include all enterprise applications and even the entire network, Merritt said. Aviatrix AgentGuard works by discovering every agent running across VMs, Kubernetes clusters, and serverless functions, both authorized and shadow, and maps the LLMs, tools, and data each agent connects to, while building a continuous risk profile. AgentGuard then extends the Aviatrix Cloud Native Security Fabric to enforce Communication Governance at the agent workload, governing what each agent can reach and what can reach it.
The most common exfiltration vectors are blocked by default, according to Aviatrix. The launch of the platform includes Zero Trust for AI Workloads, a feature introduced in November that is now generally available, according to the company. Aviatrix AgentGuard is now in early access. For channel partners, the platform opens the door for add-on diagnostic and assessment services, focusing on blast radius assessments and agent governance, Merritt said. "I believe deeply, as one of the fathers of the detect and remediate era, that we're entering a containment era and that products like ours that can be deployed within these environments. But there's also a significant services opportunity," he said. Many enterprise IT teams still need help mapping their environment and understanding their full attack surface, including where their perimeters and egress points are, how to design stronger containment, and how to run that effectively day to day, Merritt said. "There is a significant services revenue stream about to be unleashed for channel partners that understand the dynamics that AI is bringing, and what that means for vulnerability detection or remediation, and why containment is likely to be a higher growth area over the next 1-2-3 years within these organizations," he said. Santa Clara, Calif.-based Aviatrix, under the direction of Merritt, released a revamped partner program in 2025. The company has a goal of driving 100 percent of its transactions through the channel, Merritt told CRN last year.
Aviatrix has introduced a new AI agent containment platform designed to isolate compromised AI agents and reduce blast radius across cloud workloads. The launch includes Zero Trust for AI Workloads, now generally available, and Aviatrix AgentGuard in early access, both addressing emerging threats like prompt injection and model poisoning without requiring code changes.
Aviatrix has launched a new AI agent containment platform designed to enforce security controls and isolate AI agents across cloud workloads without requiring changes to existing AI agents or code [1]. The platform extends the company's Cloud Native Security Fabric with two new products: Zero Trust for AI Workloads, now generally available, and Aviatrix AgentGuard, currently in early access. This launch responds to an increasing number of supply chain attacks that can directly affect the operational security of agents, dependencies, and code logic itself.
AI agents introduce unique security challenges because they don't need to be "broken into" in the traditional sense to become dangerous. An agent can be manipulated through prompt injection, where malicious instructions are hidden in content the agent reads, or through model poisoning, where the data or tools it depends on are corrupted [1]. If that agent has broad access to applications, files, credentials or external services, a successful compromise could allow it to move data, call tools or communicate with systems far beyond its intended role. CEO Doug Merritt argues that enterprises need to do more than simply detect and react to anomalies: they must contain AI workloads and isolate them from other systems to prevent compromised agents from breaking out of their assigned roles [1].
"My argument for the containment era is the most important metric is blast radius," Merritt told SiliconANGLE [1]. Rather than focusing solely on detection and remediation, the platform aims to shrink the blast radius associated with compromised AI agents [2]. For the vast majority of enterprises, there is no architectural constraint on where a compromised workload can go, meaning the blast radius can include all enterprise applications and even the entire network [2]. Merritt described the approach as creating "this beautiful honeycomb of things that communicate," where each workload has carefully defined communication pathways and "when something goes wrong in one cell, it doesn't affect the other cells" [1].
With Zero Trust for AI Workloads, information technology teams can secure AI agents, large language model proxies and agentic frameworks without requiring application or infrastructure changes [1]. The product allows teams to set policies that allow or deny access to external AI services, block shadow AI with allowlists, and apply network-layer enforcement across workloads and regions. It addresses one of the central problems of agentic AI security: workloads often need to communicate to do their jobs, but they should not be able to communicate with everything [1]. For AI agents, that line can be difficult to draw because agents may behave like users in one moment and like applications or services in the next. As Merritt put it, "An agent is weird because it's kind of half-human, half-workload" [1].
Aviatrix AgentGuard provides full containment by discovering every agent running across virtual machines, Kubernetes clusters and serverless functions, both authorized and shadow [1]. It maps LLMs, tools and the data each agent connects to, then builds an updating risk profile [1]. Using that risk profile, AgentGuard monitors activity and automatically blocks behavior that does not match the agent's baseline. Behaviors that match common exfiltration patterns, such as posting data to public code repositories or file-sharing services, are blocked by default [1]. AgentGuard extends the Cloud Native Security Fabric to enforce communication governance at the agent workload level, governing what each agent can reach and what can reach it [2].
Merritt argued that the economics of cyberattacks are changing as AI models make sophisticated attack techniques easier to automate and scale. "We are democratizing capabilities for nefarious behavior at the same time that we are completely changing the economics of nefarious behavior," he said [1]. That makes containment more urgent. If attackers can move faster, more cheaply and with more automation, then security teams need a way to limit how far a compromised agent or workload can go before detection even happens. "I believe deeply, as one of the fathers of the detect and remediate era, that we're entering a containment era," Merritt told CRN [2].
For channel partners, the platform opens the door for add-on diagnostic and assessment services, focusing on blast radius assessments and agent governance [2]. Many enterprise IT teams still need help mapping their environment and understanding their full attack surface, including where their perimeters and egress points are, how to design stronger containment, and how to run that effectively day to day. "There is a significant services revenue stream about to be unleashed for channel partners that understand the dynamics that AI is bringing, and what that means for vulnerability detection or remediation, and why containment is likely to be a higher growth area over the next 1-2-3 years within these organizations," Merritt said [2]. Santa Clara, California-based Aviatrix released a revamped partner program in 2025 with a goal of driving 100 percent of its transactions through the channel [2].
Summarized by Navi