Exabeam, the leader in Behavior Intelligence for the agentic enterprise, today announced Agent Behavior Verification (ABV), a new security discipline that helps organizations determine whether AI agents are configured, authorized, and governed in ways that align with their intended responsibilities before deployment.
As AI agents move from assistants to operational actors inside enterprise environments, organizations face a new security challenge. Agents access systems, invoke tools, execute workflows, and make decisions with increasing autonomy. While existing approaches such as vulnerability scanning and red teaming help govern, monitor, and test agent activity during runtime, organizations lack a practical way to determine whether an agent is prepared to operate safely before it enters production.
Agent Behavior Verification addresses that gap. Rather than focusing solely on known vulnerabilities or individual code artifacts, ABV evaluates agents as complete systems, providing a framework for defining an agent’s authorized role and evaluating whether its implementation, permissions, and controls align with its purpose.
To help organizations operationalize the discipline, Exabeam is releasing Praxen, an open source reference implementation of ABV.
“Organizations are rapidly moving from AI experimentation to operational deployment,” said Steve Wilson, Chief AI Officer at Exabeam and Founder and Co-Chair of the OWASP Gen AI Security Project. “As agents become digital workers, security teams need more than runtime visibility. They need confidence that agents have the right permissions, the right controls, and the right boundaries before they enter production. Agent Behavior Verification helps answer a fundamental question: will this agent do its job, and only its job?”
Praxen Operationalizes Agent Behavior Verification
Praxen uses the ABV remit — a policy contract that defines what an agent is authorized to do, what resources it may access, and what boundaries it must operate within — to help developers and operators verify whether the agent’s implementation, tools, configurations, memory, integrations, and operating environment align with its specified role.
By identifying and reporting on gaps between intended and implemented behavior, Praxen provides actionable recommendations and highlights behavioral risk for developers ahead of deployment. Reports include specific findings, recommendations for improvement, and an overall maturity score for the agent’s security posture.
“Traditional security tools help identify vulnerabilities in software,” continued Wilson. “Praxen evaluates something different: whether an agent’s capabilities, permissions, tools, and controls align with the role it was authorized to perform. This addresses one of the most critical risks introduced by highly autonomous agents and establishes a stronger foundation for ongoing governance throughout the agent lifecycle.”
Agent Behavior Verification represents the pre-deployment foundation of Exabeam’s broader agent security strategy, complementing ABA, which helps organizations identify anomalous or risky agent behavior in production environments.
Built as an agentic coding agent skill and released under the Apache 2.0 license, Praxen is designed to be transparent, extensible, and accessible to developers, researchers, and security practitioners.
“Most security tools tell you what’s vulnerable. Praxen asked a different question entirely: Does this agent’s actual behavior match the governance or work remit it was built to enforce?” said Sherri Douville, CEO of Medigram. “The code-level remediation path it produced didn’t give us a risk report to file away. It gave us a precise engineering roadmap we could act on immediately. In enterprise AI deployment, the gap between what an agent is authorized to do and what it is actually capable of doing is where operational risk lives.”
Driving Transparency and Trust in Autonomous AI Systems
Exabeam is releasing Praxen as an open source project to help foster and enable ABV as an open best practice.
The industry is still defining how AI agents should be governed, monitored, and verified. Open sourcing Praxen allows developers, researchers, and security practitioners to examine the framework, contribute enhancements, and apply ABV principles within their own environments.
Praxen is available now under the Apache 2.0 license here: https://open-agent-ai-security.github.io/praxen/
About Exabeam
Exabeam is the leader in Behavior Intelligence for the agentic enterprise. As organizations deploy digital workers and confront machine-speed adversaries, Exabeam applies agent-powered analytics to understand and govern the behavior of both human and non-human insiders. With integrated Exabeam Nova cybersecurity agents, Exabeam delivers flexible, industry-proven solutions for insider threat coverage of humans and agents and faster, more accurate threat detection, investigation, and response (TDIR). As the pioneer of user and entity behavior analytics (UEBA) and the innovator behind Agent Behavior Analytics (ABA), Exabeam is trusted by more than 3,000 enterprises worldwide to reduce risk, secure the digital workforce, and accelerate security operations. Learn more at www.exabeam.com.
Exabeam: Stop Insider Threats. Human or AI.
View source version on businesswire.com: https://www.businesswire.com/news/home/20260623496656/en/
Media gallery
