Arcjet Enhances Security by Integrating AI Within Agents

As AI becomes increasingly embedded in application logic, the way we secure those systems is undergoing a radical transformation. Traditional security measures, mainly designed around HTTP request boundaries, are proving inadequate for the new paradigms where untrusted inputs can slip through unnoticed. This is where Arcjet steps in with its new offering, Guards, aimed at rethinking application security for the age of AI agents.

Based in San Francisco, Arcjet has introduced Guards to address the shifting landscape of application security, which is evolving as AI systems assume more control over operations like file reading and web processing. CEO David Mytton articulates the challenge succinctly: "Traditional application security assumes a request boundary exists." But in agent-based architectures, this boundary evaporates.

The Challenge of Securing Agent-Based Systems

The typical security frameworks—Web Application Firewalls (WAFs), proxies, and AI gateways—fail to address how modern applications operate. For instance, in an agentic system, inputs come directly as function arguments rather than through structured HTTP requests. This structural variance means conventional security tools can't monitor these processes effectively.

In one case, Mytton pointed to an incident where an AI agent was compromised by a maliciously crafted webpage, leading to unauthorized data exfiltration. "We've set up all the correct permissions, but agents can be manipulated behind the scenes," he explained. This highlights the vulnerability inherent in today’s AI systems and the urgent need for more nuanced security measures.

Introducing Guards: Comprehensive Security for AI Workflows

Guards integrates seamlessly into Arcjet's existing SDK framework, allowing developers to embed security measures directly within their codebase. This integration means that the enforcement of security policies occurs at the very point where untrusted input is introduced, fundamentally changing the security model.

"Security has to live where the code lives," Mytton insists. The ramifications of this approach extend to several critical use cases, including prompt injection detection, Personally Identifiable Information (PII) blocking, and budget enforcement for per-user scenarios—addressing urgent requirements in contemporary agentic systems.

Guarding Against Known Vulnerabilities

To illustrate its utility, consider the prompt injection detection feature. This capability intercepts potentially harmful instructions embedded in fetched content before they can influence model context. Additionally, detecting sensitive data before it's processed by third-party systems offers organizations an additional layer of protection against regulatory pitfalls.

Budget enforcement is another tactical avenue where Guards shines. Mytton shared a sobering thought: unchecked agent loops could lead to explosive costs for organizations. "We help contain runaway resource consumption, ensuring agents don’t inadvertently drain budgets," he explained. This becomes especially relevant for multi-agent scenarios, where context-awareness across pipelines is key.

Rethinking Security Architecture

Arcjet's stance isn't just about addressing emergent vulnerabilities; it's also about rethinking how security infrastructure functions. Mytton distinguishes between being "agent-friendly" and "agent-first." The former often leads to band-aid solutions that merely accommodate existing systems without truly understanding agent operations. For instance, simply layering a user interface on top of a conventional control plane doesn't equate to a comprehensive security strategy.

On the contrary, an agent-first approach recognizes that these systems operate in a fundamentally different paradigm. Guards ensures that security considerations are part of the overall development lifecycle, aligning with the workflows that agents use daily. "When an agent writes a chat handler, it can see the security rules protecting it," Mytton remarked, emphasizing the integrated nature of their solution.

Navigating a Changing Competitive Landscape

The conventional security models like those offered by Cloudflare and Salesforce presuppose an active HTTP request, making them less effective against function calls made within agentic ecosystems. Mytton points out that as the perimeter of traditional web applications becomes more ambiguous, the tools we rely on must evolve correspondingly.

Arcjet's Guards takes a clear stance that it's not just adding layers to an outdated framework; it's fundamentally redefining how security should be approached in the context of operational AI. "Proxies and WAFs were once vital because they filled a gap in oversight between the internet and applications. That gap is closing fast," Mytton noted, underlining the urgency for innovation in security strategy as application ecosystems transform.

Conclusion: The Future of Secure AI Operations

Arcjet's Guards, now available through its JavaScript and Python SDKs, sets the stage for a new era of application security tailored for AI-driven workflows. As the attack surface increasingly moves to the inner workings of agentic systems, organizations must rethink their security architecture, moving beyond conventional safeguards to resilient, context-aware policies. Mytton's vision captures this future well: security won't merely trail behind development; it will become an intrinsic part of how applications are built and deployed. For enterprises navigating these changes, adapting proactively will be critical. Those who hesitate may find themselves exposed in an environment rife with invisible threats.