SAN FRANCISCO, March 23, 2026 (GLOBE NEWSWIRE) — Operant AI, a Gartner-recognized leader in AI and Agentic security, today announced the launch of Agent ScopeGuard, a new capability for Operant’s Agent Protector that detects and blocks AI agents from acting outside their intended operational scope in real-time, at GPU-accelerated speed, before damage is done.
As enterprises accelerate agentic AI deployments across business-critical and regulated industries, Agent ScopeGuard gives security and engineering teams a critical safeguard against rogue agent behavior in all its forms malicious, misaligned, or simply unconstrained.
Addressing the Urgent Threats Posed by Unsupervised Agents
Production AI agents present a growing category of security and compliance risk that traditional controls are not designed to address. Agents can be compromised through adversarial inputs or prompt injection, drift from their intended objectives as they optimize for outcomes, or autonomously expand their scope — accessing data, systems, and workflows they were never intentionally authorized to touch. In regulated environments, any of these failure modes can result in compliance violations, data exposure, or unsanctioned business decisions.
As agentic workflows are granted access to increasingly sensitive data and systems with real-world reach, the stakes of out-of-scope behavior rise accordingly. Enterprises are deploying agents with less human oversight by design — but removing humans from the loop without robust runtime controls in place creates serious exposure. ScopeGuard fills that gap. By defining, monitoring, and enforcing the operational boundary of every agent at runtime, Operant AI ensures agents operate within their authorized scope — and are stopped when they don’t.
“Agents are probabilistic by nature — you cannot engineer certainty out of them, only build the boundaries that contain the consequences when they go wrong,” said Priyanka Tembey, Co-Founder and CTO of Operant AI. “The industry has already seen, repeatedly, that agents exceed their intended boundaries when left unchecked. As enterprises grant agents access to increasingly critical systems and data, enforcing those boundaries isn’t a nice-to-have — it’s a P0 requirement. The question is no longer whether your agents will test their limits. It’s whether you have the controls in place when they do.”
Real-World Scenarios Where Agent ScopeGuard Can Stop Rogue Agents
Behind every rogue agent incident is a real person who didn’t expect an AI to make a consequential decision that affects their lives, whether it affects their finances, their health, or their home. The following scenarios illustrate what’s at stake when agents operate without boundaries, and how Operant’s Agent ScopeGuard can help prevent rogue agents from impacting real people who never opted in to interacting with an autonomous agent in the first place.
Fintech: If a Payments Agent Is Exploited to Drain Customer Accounts
A digital banking platform’s payments agent — scoped to execute transfers based on authenticated customer instructions — was compromised through a prompt injection attack embedded in a fraudulent incoming transaction memo. The manipulated instructions caused the agent to initiate a series of outbound transfers to external accounts, bypassing the platform’s standard human review threshold. By the time the anomaly surfaced in a routine reconciliation, six customer accounts had been debited for a combined loss exceeding $240,000.
Agent ScopeGuard’s runtime enforcement would have flagged the transfer requests the moment they deviated from the agent’s defined operational parameters — blocking execution and alerting the security team before any funds moved.
Healthtech: If a Care Coordination Agent Causes Medication Harm Through Unauthorized Clinical Access
A hospital network’s care coordination agent — scoped to schedule follow-up appointments and route referrals based on discharge summaries — began autonomously accessing full patient medication histories and lab results to optimize its prioritization logic. Without clinical oversight, the agent rescheduled a post-surgical patient’s follow-up to a later date, having determined based on lab data that the case was lower priority. The patient, whose recovery had taken an unexpected turn, missed a critical intervention window. ScopeGuard would have blocked the agent’s access to medication and lab data at the point of request — keeping prioritization decisions within the agent’s authorized inputs and ensuring clinically consequential judgments remained with the care team.
Insurance: If a Claims Agent Cancels a Family’s Coverage Without Authorization
A home insurance company deployed an AI agent to help process the surge of claims following a regional wildfire. When a displaced homeowner filed a claim for property loss, the agent reached beyond its authorized scope — pulling the homeowner’s full claims history and an internal risk-scoring model it had no authorization to access. Based on that data, it autonomously triggered a policy cancellation notice, a decision it was never authorized to make. With their home destroyed and temporary housing costs mounting, the homeowner suddenly had no coverage and no realistic path to a replacement policy in the middle of a regional disaster. Out-of-pocket expenses exceeded $18,000 before the error was caught and reversed. ScopeGuard would have blocked the agent’s access to the risk model at the point of request, ensuring that decision — and the harm that followed — never reached a family already in crisis.
How Operant Agent ScopeGuard Works
Agent ScopeGuard is built on Operant AI’s runtime AI security platform and operates as a continuous enforcement layer between your agents and the systems they interact with. Unlike static guardrails or prompt-level restrictions — which agents can reason around — Agent ScopeGuard enforces boundaries at the infrastructure level, in real time, regardless of how an agent decides to pursue its objective.
Key Capabilities include:
- Scope Definition & Policy Binding — Define precise operational boundaries per agent: which data sources it can access, which APIs it can call, which workflows it can initiate, and which data types it may read or write.
- Runtime Behavioral Monitoring — GPU-accelerated enforcement operates at the speed of the fastest agents, evaluating every action against its defined scope in real time. No post-hoc log review. No delayed detection.
- Instant Enforcement & Alerting — Out-of-scope actions are blocked before execution. Security and compliance teams receive immediate, contextual alerts with full action traces.
- Scope-Aware Explainability — Every blocked action is logged with the agent’s reasoning chain, enabling teams to understand not just what the agent tried to do, but why — critical for audit trails in regulated industries.
- Zero Disruption to Intended Function — ScopeGuard is additive, not restrictive. Agents continue to operate at full capability within their defined scope. Only unauthorized actions are interrupted.
Availability
ScopeGuard is available today for Operant AI enterprise customers using Operant’s Agent Protector and is compatible with all major agentic frameworks including LangChain, LlamaIndex, CrewAI, and custom-built agent architectures.
About Operant AI
Operant AI is the industry’s most comprehensive real-time security platform for AI, Agents, and MCP — the only vendor listed across six of Gartner’s key AI and MCP security reports in the last year. Founded by veterans of Apple, VMware, and Google, and backed by Felicis and SineWave Ventures, Operant delivers the only inline, runtime AI defense platform that discovers, detects, and defends the full spectrum of AI workloads — from endpoints to cloud, across LLM APIs, orchestration layers, MCP servers, tool integrations, and autonomous AI agents. Operant actively secures prompts, interactions, agents, and all data-in-use as it flows through live application stacks — at GPU speed, enabling enterprises to scale AI faster and safer.
Learn more at www.operant.ai.
Media Contact:
Erica Anderson
Photos accompanying this announcement are available at
https://www.globenewswire.com/NewsRoom/AttachmentNg/3b66cde1-c960-4f9f-bec9-73116f4c98ab
https://www.globenewswire.com/NewsRoom/AttachmentNg/3edc443c-792b-4edd-a9da-538325919b0f
