The Ghosts in the Code: Securing AI's Autonomous Future

WILMINGTON, Del. – June 17, 2026

The digital scaffolding of the modern enterprise is being rebuilt with artificial intelligence, but the blueprints for its security are dangerously outdated. In the global rush for a productivity boom unseen in decades, organizations are eagerly deploying a new workforce of autonomous AI agents. These digital assistants are no longer simple chatbots; they are sophisticated actors granted access to critical systems, tasked with writing code, querying databases, and making decisions. Yet, as this new layer of automation weaves itself into the corporate fabric, it reveals a structural vulnerability of profound consequence. The very tools meant to protect the enterprise are blind to the actions of these new, non-human identities.

Into this emerging security vacuum steps Tenet Security, a company emerging from stealth today with $6 million in seed funding and a mission to police the actions of these autonomous agents. Founded by veteran offensive security researchers who previously helped build Cisco's AI Defense, Tenet argues that the industry is facing a paradigm shift. The greatest AI security challenge isn't protecting the models themselves, but controlling what happens after an agent is set loose on a corporate network.

The Blind Spot in the AI Revolution

The speed of AI adoption has created a governance nightmare. According to Tenet, most large organizations have as many as five times more AI agents running than their security teams even realize. This creates a vast, unmonitored attack surface. These agents, operating with legitimate permissions, become perfect Trojan horses. Traditional security platforms—built to monitor human users, network traffic, or application endpoints—lack the context to understand an agent's intent or the chain of actions it might take.

"We're entering a world where autonomous agents are interacting with systems, data, and other agents in ways most security tools were never designed to understand," said Barak Sternberg, co-founder and CEO of Tenet Security, in a statement. "That creates an entirely new security layer that requires a fundamentally different approach to protection."

This isn't a theoretical problem. Industry analysts are already sounding the alarm, with Forrester predicting that an agentic AI deployment will be the cause of a major enterprise breach by 2026. The risk lies in the agent's autonomy. Once given a task, it can interact with multiple applications, access different data sources, and execute code, all without direct human oversight. If its instructions are subtly manipulated, the consequences could be catastrophic, ranging from sensitive data exfiltration to sabotage of critical infrastructure—all performed by an agent acting within its authorized permissions, leaving traditional security systems none the wiser.

A New Defense for a New Threat: Agentjacking

Tenet’s answer to this challenge is a patent-pending technology it calls "Agent-side Simulation." Instead of reacting to suspicious activity after the fact, the platform works proactively at runtime. By creating a lightweight sensor that monitors an agent's reasoning and its interactions with the operating system and network, Tenet can predict and simulate the agent's likely next actions before they are executed. If a simulated path appears malicious or simply risky, the platform intervenes, blocking the action and providing a clear audit trail of why.

This approach is designed to counter a new class of attack the company has dubbed "Agentjacking." This is a sophisticated form of indirect prompt injection where malicious instructions are hidden within data sources an agent is expected to process—such as emails, log files, documents, or database entries. An unsuspecting agent, tasked with summarizing a report, might encounter hidden instructions within that report telling it to exfiltrate sensitive customer data to a public server. Because the agent is acting on its own initiative based on the data it consumed, the attack is invisible to prompt-monitoring tools.

Research from Tenet Threat Labs has already validated the viability of Agentjacking, successfully demonstrating the technique across more than 100 enterprise environments and identifying thousands of organizations with publicly accessible attack paths. "Attackers can manipulate agents to access sensitive data, abuse privileges, or take actions on their behalf in ways traditional security tools were never designed to detect," explained Nevo Poran, co-founder and CTO. "The only place left to catch these threats is at runtime, in the moment an agent decides to act."

From Offensive Research to Proactive Defense

The foresight to tackle this problem comes from deep within the world of offensive security. Before launching Tenet, Sternberg and Poran were instrumental in building Cisco's AI Defense unit and previously founded Wild Pointer, a cybersecurity firm they scaled to a seven-figure revenue business serving Fortune 500 clients. Both are alumni of the Israeli Defense Forces' elite Unit 8200 and are regular speakers at top security conferences like DEF CON and Black Hat.

Their conviction to start Tenet grew from a realization at Cisco that while everyone was focused on securing large language models (LLMs), the far greater risk was the unchecked behavior of the agents powered by them. They saw a future where the attack path itself would include a compromised AI agent, and they concluded that the existing security apparatus was unprepared. This conviction led them to leave their corporate roles and build the solution they believed was necessary.

That vision quickly attracted capital. The $6 million seed round was led by The Westly Group, an early investor in cybersecurity giant SentinelOne, and MizMaa Ventures. The funding is earmarked for product development, expanding the company's threat research lab, and scaling its North American go-to-market operations to meet a clear and present demand.

Early Warnings and Market Validation

Tenet's platform has already demonstrated its value in early deployments. At one $1 billion ARR legal-sector enterprise, the platform blocked more than ten attempted attacks, including a critical cross-site scripting (XSS) attack, as the firm scaled its agent usage from two to over twenty deployments. In another Fortune 1000 company, Tenet's system identified a "runaway" AI agent that was silently racking up tens of thousands of dollars in unnecessary token consumption over a single weekend, preventing significant financial waste before the agent was deployed more broadly.

These real-world examples, protecting systems used by over 24 million users, provide tangible validation for the company’s thesis. The backing of a high-profile advisory board, which includes the former CISOs of Robinhood and BNY Mellon, further signals that the highest levels of enterprise security are recognizing this emergent threat.

As organizations continue to embrace autonomous agents as a core pillar of their operational strategy, they are simultaneously creating a new, fragile dependency. The systems holding our modern digital world together are being handed over, piece by piece, to non-human actors. Without a corresponding evolution in our security posture, we are not building a foundation for the future but rather a more efficient house of cards. Tenet's emergence is a critical acknowledgment that to unlock the full potential of AI, we must first learn to control the ghosts we are putting inside the machine.