Lasso Unveils 'Intent Security' to Police Autonomous AI Agents

WASHINGTON, DC – February 17, 2026 – As artificial intelligence evolves from passive assistants into autonomous agents capable of independent action, the cybersecurity landscape is facing a seismic shift. Addressing this new frontier, AI security firm Lasso Security today announced the launch of Intent Deputy, a product it bills as the industry’s first behavioral framework for securing AI agents. The launch also serves as the formal introduction of “Intent Security,” a new paradigm the company is championing to move beyond analyzing what AI says to understanding why it acts.

This move signals a growing recognition across the industry that the security models built for predictable software are fundamentally inadequate for the non-deterministic nature of autonomous AI. As enterprises rush to deploy AI agents that can reason, plan, and execute complex workflows across sensitive corporate systems, they are simultaneously creating an attack surface that is fluid, context-dependent, and dangerously unpredictable.

The Autonomous Agent and a New Attack Surface

The transition from contained chatbots to agentic AI marks a profound change in enterprise technology. These agents are no longer just responding to queries; they are initiating actions, accessing databases, calling APIs, and operating on a user's behalf with significant autonomy. This creates what security experts are calling a non-deterministic attack surface, where the same action can be either benign or malicious depending entirely on context and intent.

Legacy security tools, which primarily rely on static defenses like regular expression (regex) classifiers and keyword scanning, are ill-equipped for this new reality. They are designed to find known bad patterns in data, a method that falls apart when threats are embedded in context rather than content. Sophisticated attacks like indirect prompt injection—where malicious instructions are hidden in data an agent retrieves, causing it to deviate from its mission—can easily bypass these traditional guardrails. Other risks include “excessive agency,” where an agent oversteps its authorized boundaries, or simple misconfigurations that lead to unintended consequences at scale.

Industry frameworks are beginning to reflect this challenge. Gartner’s AI Trust, Risk, and Security Management (AI TRiSM) model emphasizes the need for runtime inspection and enforcement, while other analysts are calling for new governance principles like “least agency” to constrain autonomous systems. The consensus is clear: securing agentic AI requires a dynamic, behavioral approach that traditional security cannot provide.

A New Paradigm: From 'What' to 'Why'

Lasso Security proposes that “Intent Security” is the answer. The company defines this as a new security category focused on dynamic, real-time analysis of an AI agent's behavior across its entire interaction lifecycle. Intent Deputy is the engine designed to make this concept a reality.

“Intent Security represents the breakthrough security paradigm this rapidly evolving market demands, and Intent Deputy is our first-of-its-kind solution delivering it,” said Elad Schulman, CEO and Co-Founder of Lasso Security, in the announcement. “It equips security teams with precise behavioral baselines to identify and stop agent deviations, caused by misconfiguration, behavioral drift, or malicious intent, in real time, before they escalate.”

Instead of scanning individual prompts, Intent Deputy analyzes an agent's actions in the context of its authorized purpose. According to the company, it creates unique “behavioral fingerprints” for both users and AI agents, similar to how modern identity security platforms monitor human user behavior. When an agent's actions deviate from its established baseline—for instance, a marketing agent suddenly attempting to write and execute code—the system flags the anomaly instantly. This focus on intent alignment is designed to catch threats that manifest over a sequence of seemingly harmless steps.

Lasso claims its new system can achieve 99.83% threat detection at sub-50ms speeds, ensuring security doesn't create the kind of performance lag that frustrates users and hinders adoption. The company also asserts it is significantly more cost-effective than comparable cloud-native guardrail approaches, a critical factor for enterprises looking to scale AI securely.

Taming 'Shadow AI' and Unsanctioned Tools

The urgency for such a solution is amplified by the rapid, often unsanctioned, adoption of powerful AI tools by employees—a phenomenon known as “shadow AI.” These tools, operating outside of IT governance and security oversight, introduce significant risks.

Lasso highlights the open-source agent framework OpenClaw as a prime example. While employees adopt such tools to improve productivity, their autonomous capabilities can magnify familiar vulnerabilities into enterprise-wide crises. A misconfigured or manipulated agent could expose credentials, access local files, or even be weaponized to launch mass spam campaigns.

“OpenClaw is shadow AI with a broader blast radius,” Schulman stated. “Employees adopt these tools because they genuinely help them work better, but the autonomous scale amplifies familiar vulnerabilities into enterprise-wide threats. Prohibition isn’t viable; the path forward is intelligent governance through deep behavioral visibility.”

This perspective aligns with the broader enterprise struggle to balance innovation with security. By providing a way to monitor and govern agent behavior without outright banning powerful tools, solutions aiming for intent-based security hope to offer a viable middle ground.

An Industry in Transition

While Lasso has coined the term “Intent Security,” the underlying principles are part of a wider industry pivot. The need for real-time behavioral monitoring, strong governance, and context-aware controls for AI is a recurring theme among cybersecurity experts and enterprise leaders navigating AI adoption.

For businesses at the forefront of this integration, the theoretical risks are becoming practical challenges. Itzik Menashe, CISO & VP IT Productivity at Telit Cinterion, commented on the shift: “As we scale AI agents across the enterprise, the security challenge isn't just what data flows through them, it's understanding why they're taking the actions they take.” He noted that legacy tools can force a difficult choice between security and performance, underscoring the need for a new approach.

Lasso Security, founded in 2023 by a team of serial entrepreneurs from the Israeli cybersecurity ecosystem, is positioning itself to lead this new market category. Backed by an initial $6 million seed round, the company is betting that as AI becomes a core execution layer within the enterprise, securing its intent will become the central discipline of AI risk management. This launch places the concept of behavioral intent squarely in the spotlight, challenging the industry to build a new foundation of trust for a future driven by autonomous systems.