Gartner Releases the First Market Guide on Guardian Agents

Top AI and Cybersecurity news you should check out today

Welcome Back to The AI Trust Letter

Once a week, we distill the most critical AI & cybersecurity stories for builders, strategists, and researchers. Let’s dive in!

🛡️ NeuralTrust Recognized in Gartner’s Guardian Agents Report

The Story:

NeuralTrust has been mentioned in Gartner’s latest research on Guardian Agents, a new category focused on governing and securing AI agents in production environments.

The details:

  • Gartner defines Guardian Agents as systems designed to supervise, control, and enforce policies over AI agents

  • The report outlines the growing need for runtime controls as enterprises move from AI pilots to operational agent deployments

  • It highlights risks such as unintended actions, data exposure, policy violations, and lack of observability

  • NeuralTrust is referenced for its approach to securing AI applications and agents through real-time policy enforcement, monitoring, and threat detection

Why it matters:

As AI agents gain the ability to take actions, not just generate content, security shifts from filtering outputs to governing behavior. Enterprises need infrastructure that enforces policies at runtime, detects anomalies, and provides traceability across agent workflows.

Recognition in this report reflects a broader shift in the market. AI governance is moving closer to the infrastructure layer. Guardrails alone are not enough when agents interact with tools, APIs, and sensitive data.

📘 NIST's New Standards for AI Agents, Explained

The Story:

NIST is advancing work on standards that address the risks and governance of AI agents, systems that can plan, reason, and take actions across tools and environments with limited human intervention.

The details:

  • NIST is expanding its AI Risk Management Framework to account for agentic systems that interact with external tools, APIs, and data sources

  • The focus shifts from evaluating model outputs to assessing system behavior, autonomy, and decision-making boundaries

  • Key concerns include traceability of actions, clarity of role and authority, secure tool use, and alignment with organizational policies

  • Agent systems require controls that operate at runtime, not only during model training or evaluation

Why it matters:

As organizations move from chat interfaces to autonomous agents, the risk surface changes. Agents can execute transactions, retrieve sensitive data, or trigger downstream systems. Governance must therefore include monitoring, policy enforcement, and auditability at the infrastructure level.

NIST’s direction signals that AI oversight is evolving from model-centric testing to system-level accountability. Enterprises building or deploying agents should prepare for controls that measure behavior, not just outputs.
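Both the Gartner item above and this NIST item come down to the same engineering shape: a control point outside the model that decides whether an agent's action is within its authority, records the decision, and only then lets the tool run. The following is an added illustration, not code from NeuralTrust, Gartner or NIST, of that shape in Python: a policy gate keyed on the agent's role, per-tool limits (a path prefix, a spend ceiling with a human-approval threshold), and a hash-chained audit log that can be verified later for completeness. The role names, tool names, limits, audit record format and the sample calls are all hypothetical.

```python
"""Added illustration (not NeuralTrust's, Gartner's or NIST's code): a minimal
runtime policy gate between an agent and its tools, with a hash-chained audit
trail. Roles, tool names, limits and the audit format are all hypothetical."""
import hashlib
import json
import posixpath
from dataclasses import dataclass, field

# Hypothetical policy: the tools each agent role may call and per-tool limits.
# Authority is bound to the role, not to whatever the model asks for.
POLICY = {
    "research-agent": {
        "web_search": {},
        "read_file": {"path_prefix": "/data/public/"},
    },
    "finance-agent": {
        "read_file": {"path_prefix": "/data/finance/"},
        "transfer_funds": {"max_amount": 1000, "require_approval_above": 500},
    },
}

@dataclass
class Decision:
    allowed: bool
    reason: str
    needs_approval: bool = False

@dataclass
class AuditLog:
    """Append-only log; every entry commits to the previous entry's hash."""
    entries: list = field(default_factory=list)
    last_hash: str = "0" * 64

    def append(self, record: dict) -> str:
        body = json.dumps(record, sort_keys=True)
        h = hashlib.sha256((self.last_hash + body).encode()).hexdigest()
        self.entries.append({"prev": self.last_hash, "hash": h, **record})
        self.last_hash = h
        return h

    def verify(self) -> bool:
        # Recompute the chain; any edited, dropped or reordered entry breaks it.
        prev = "0" * 64
        for e in self.entries:
            record = {k: v for k, v in e.items() if k not in ("prev", "hash")}
            body = json.dumps(record, sort_keys=True)
            if e["prev"] != prev or e["hash"] != hashlib.sha256((prev + body).encode()).hexdigest():
                return False
            prev = e["hash"]
        return True

def evaluate(role: str, tool: str, args: dict) -> Decision:
    """Decide whether a tool call is within the role's authority."""
    tools = POLICY.get(role)
    if tools is None:
        return Decision(False, f"unknown role {role!r}")
    if tool not in tools:
        return Decision(False, f"tool {tool!r} not permitted for role {role!r}")
    limits = tools[tool]
    if "path_prefix" in limits:
        # Normalise first so "../" cannot walk out of the permitted directory.
        path = posixpath.normpath(args.get("path", ""))
        if not path.startswith(limits["path_prefix"]):
            return Decision(False, f"path {path!r} outside {limits['path_prefix']!r}")
    if "max_amount" in limits:
        amount = args.get("amount", 0)
        if amount > limits["max_amount"]:
            return Decision(False, f"amount {amount} exceeds limit {limits['max_amount']}")
        if amount > limits.get("require_approval_above", limits["max_amount"]):
            return Decision(True, "within limit but above approval threshold", needs_approval=True)
    return Decision(True, "allowed by policy")

class ToolGate:
    """Every tool call passes through here: decide, record, then (maybe) execute."""
    def __init__(self, audit: AuditLog):
        self.audit = audit

    def call(self, role: str, tool: str, args: dict, run_tool) -> dict:
        d = evaluate(role, tool, args)
        self.audit.append({"role": role, "tool": tool, "args": args, "allowed": d.allowed,
                           "needs_approval": d.needs_approval, "reason": d.reason})
        if not d.allowed:
            return {"ok": False, "error": d.reason}
        if d.needs_approval:
            return {"ok": False, "pending_approval": True}   # park it for a human
        return {"ok": True, "result": run_tool(tool, args)}

def demo() -> dict:
    """Run a few representative calls through the gate (all inputs constructed)."""
    audit = AuditLog()
    gate = ToolGate(audit)
    fake_tool = lambda tool, args: f"{tool} executed"   # stands in for the real tool
    results = {
        "public_read": gate.call("research-agent", "read_file", {"path": "/data/public/report.txt"}, fake_tool),
        "traversal": gate.call("research-agent", "read_file", {"path": "/data/public/../finance/ledger.csv"}, fake_tool),
        "wrong_role": gate.call("research-agent", "transfer_funds", {"amount": 10}, fake_tool),
        "needs_human": gate.call("finance-agent", "transfer_funds", {"amount": 750}, fake_tool),
        "over_limit": gate.call("finance-agent", "transfer_funds", {"amount": 5000}, fake_tool),
    }
    return {"results": results, "audit_intact": audit.verify(), "entries": len(audit.entries)}

if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The point of the design is that the model's intent never reaches the tool directly: a prompt-injected "transfer 5000" fails at the gate no matter how convincingly the agent argued for it, the traversal attempt is caught by normalising the path before the prefix check, and the chained log gives the traceability the NIST and Gartner items both call for, because a deleted or rewritten entry makes `verify()` fail.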

🤖 Perplexity Launches Computer, an AI Agent Coordinator

The Story:

Perplexity has introduced Computer, a new AI system designed to assign tasks to other AI agents and coordinate multi-agent workflows. This represents a shift from single-agent interactions to organized task distribution across specialized models. 

The details:

  • Computer uses a mix of models chosen for specific functions, routing tasks to agents that are best suited for research, visual generation, browser-based actions, and other work. 

  • Each task runs in an isolated compute environment with access to real filesystems, a real browser, and tool integrations. 

  • The system runs in the cloud rather than on users’ local machines, and integrations are curated to limit unsafe or unregulated interactions. 

  • Perplexity’s approach differs from models that stick with a single core engine by selecting the best model for each task type.

Why it matters:

Coordinating multiple specialist agents can increase efficiency for complex workflows by splitting work and applying the right model to each sub-task. This mirrors emerging enterprise practices where automation is not just about a single agent doing every job, but a system directing multiple tools to achieve a goal. It also highlights the growing importance of governance: orchestrated agents raise questions about monitoring, access control, and safe operation across integrated systems.

⚠️ Cyberattack Breakout Time Falls Below 30 Minutes

The Story:

CrowdStrike’s 2026 Global Threat Report shows that adversaries are moving through compromised networks faster than before. The average time for an attacker to go from initial access to lateral movement now stands at 29 minutes, a notable acceleration from the previous year. 

The details:

  • Breakout time refers to how long it takes an attacker to move from initial compromise to other systems in a network. In 2025, the average was 29 minutes, a 65% year-over-year increase in speed.

  • The fastest observed breakout occurred in just 27 seconds, and in one case data exfiltration began within four minutes of initial access. 

  • Attackers are increasingly blending into trusted identity systems, cloud services, and SaaS applications to evade detection and accelerate movement. 

  • CrowdStrike tracked over 280 active threat groups, with state-linked actors from China and North Korea driving a significant share of cloud-focused intrusions. 

  • A large portion of breaches did not involve traditional malware, pointing to credential abuse and living-off-the-land techniques instead. 

Why it matters:

The shrinking window between initial access and lateral movement compresses defenders' time to detect and respond. When the average breakout is 29 minutes and the fastest is under a minute, a detection pipeline that takes hours to surface an alert, or a response process that waits on a ticket queue, is too slow by design. Security teams need real-time telemetry across identity, cloud, and SaaS, automated containment for high-confidence detections, strong identity controls (since so many of these intrusions involve no malware at all), and proactive threat hunting to find the intrusions that never trip a signature.
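To make breakout time concrete as a detection problem rather than a headline number, here is an added example (ours, not CrowdStrike's) that computes breakout time per identity from authentication log lines and raises an alert when lateral movement starts within 30 minutes of initial access. The log lines are constructed for the example, and the heuristic that "initial access" is the first successful logon from a non-RFC1918 address and "lateral movement" is the first logon from that foothold host to another host is an assumption, not a standard definition.

```python
"""Added example (not CrowdStrike's code): per-identity breakout-time detection
over constructed logon events. Format, hosts and the initial-access heuristic
are assumptions made for the illustration."""
import ipaddress
import re
from datetime import datetime, timezone

BREAKOUT_THRESHOLD_SECONDS = 30 * 60   # alert when lateral movement starts within 30 minutes

# Constructed sample: alice is phished and pivots in minutes; bob is a normal internal
# user; carol's external logon is followed by a pivot, but only after an hour.
LOG_LINES = """\
2026-02-10T09:00:12Z event=logon user=alice src=203.0.113.7 dst=ws-042 result=success
2026-02-10T09:03:40Z event=logon user=alice src=ws-042 dst=fs-01 result=success
2026-02-10T09:04:05Z event=logon user=alice src=ws-042 dst=dc-01 result=success
2026-02-10T10:15:00Z event=logon user=bob src=10.0.8.21 dst=ws-077 result=success
2026-02-10T10:20:00Z event=logon user=bob src=ws-077 dst=fs-01 result=success
2026-02-10T11:00:00Z event=logon user=carol src=198.51.100.5 dst=vpn-gw result=failure
2026-02-10T11:00:30Z event=logon user=carol src=198.51.100.5 dst=vpn-gw result=success
2026-02-10T12:10:00Z event=logon user=carol src=vpn-gw dst=hr-db result=success
"""

INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LINE_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<kv>.*)$")

def parse_line(line: str) -> dict:
    """Turn '2026-..Z key=value ...' into a dict with a timezone-aware 'ts'."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unparseable line: {line!r}")
    rec = dict(pair.split("=", 1) for pair in m.group("kv").split())
    rec["ts"] = datetime.strptime(m.group("ts"), "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return rec

def is_external(src: str) -> bool:
    """IPs outside the RFC1918 ranges count as external; bare hostnames are internal."""
    try:
        ip = ipaddress.ip_address(src)
    except ValueError:
        return False
    return not any(ip in net for net in INTERNAL_NETS)

def compute_breakouts(lines) -> dict:
    """Return {user: {...}} for every identity whose external foothold later pivoted."""
    footholds = {}    # user -> (time of first external success, host landed on)
    breakouts = {}
    for rec in (parse_line(l) for l in lines if l.strip()):
        if rec.get("event") != "logon" or rec.get("result") != "success":
            continue
        user, src, dst, t = rec["user"], rec["src"], rec["dst"], rec["ts"]
        if user not in footholds and is_external(src):
            footholds[user] = (t, dst)
            continue
        if user in footholds and user not in breakouts:
            t0, host = footholds[user]
            # Lateral movement: a logon originating from the foothold host to a different host.
            if src == host and dst != host and t >= t0:
                secs = int((t - t0).total_seconds())
                breakouts[user] = {"foothold": host, "first_lateral": dst,
                                   "breakout_seconds": secs,
                                   "alert": secs <= BREAKOUT_THRESHOLD_SECONDS}
    return breakouts

if __name__ == "__main__":
    for user, info in compute_breakouts(LOG_LINES.splitlines()).items():
        flag = "ALERT" if info["alert"] else "info"
        print(f"[{flag}] {user}: {info['foothold']} -> {info['first_lateral']} "
              f"after {info['breakout_seconds']}s")
```

On the sample, alice's pivot lands 208 seconds after her external logon and is flagged; carol's pivot is real but comes 69 minutes later and is reported without an alert. In production the "foothold" signal would come from an EDR or identity-provider risk event rather than a crude address check, but the correlation shape (anchor on first access, measure time to first cross-host authentication, alert on a threshold) is the same.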

📊 Anthropic Says Claude Targeted by Industrial-Scale Distillation Campaigns

The Story:

Anthropic has disclosed that its Claude language models were the target of what it calls “industrial-scale” AI model distillation campaigns by overseas developers. The company published detailed findings to make the evidence available to the broader AI community and stakeholders. 

The details:

  • Anthropic says three Chinese AI labs generated more than 16 million interactions with Claude using about 24,000 deceptive accounts. These sessions were designed to extract proprietary capabilities for training competing models. 

  • The technique at the center of the controversy is distillation, where a smaller or alternative model learns from the output of a larger one. Distillation is a common training method, but at this scale and without authorization it can function as extraction of intellectual property.

  • Anthropic describes the campaigns as coordinated, using “hydra cluster” proxy networks to distribute API traffic and evade detection. 

  • According to Anthropic, the extracted outputs targeted reasoning, coding, and tool-use capabilities that would otherwise require extensive compute and research to develop independently. 

Why it matters:

This incident raises questions about how proprietary AI models can be protected when public APIs or cloud access are available. At scale, unauthorized distillation can shortcut years of development and billions in compute by leveraging outputs from established models.

It also has implications for governance, security, and cross-industry cooperation: defenders may need to monitor for unusual API patterns, strengthen access controls, and coordinate with cloud providers and policymakers to safeguard intellectual property and mitigate risks associated with unregulated model replication.
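As an added illustration of what "monitor for unusual API patterns" could mean in practice (this is our example, not Anthropic's detection logic), the code below clusters API accounts by the similarity of the prompt templates they send rather than by where their traffic comes from, because a proxy network that spreads traffic across many egress points defeats grouping on source address. It then flags clusters whose combined volume, account count and output-to-input token ratio look like bulk extraction of generated text. The per-account summary rows, template names, ASNs and thresholds are all constructed for the example.

```python
"""Added example (not Anthropic's code): behavioural clustering of API accounts to
surface coordinated, output-heavy usage. All account rows, template names, ASNs
and thresholds are constructed assumptions."""
import statistics
from itertools import combinations

# Constructed per-account aggregates for one day. "templates" is the set of prompt
# fingerprints an account used; acct-001..004 share templates across three ASNs.
ACCOUNTS = [
    {"account": "acct-001", "asn": 64500, "requests": 41000, "in_tokens": 12_300_000,
     "out_tokens": 98_000_000, "templates": {"cot-math", "code-repair", "tool-trace"}},
    {"account": "acct-002", "asn": 64500, "requests": 38000, "in_tokens": 11_000_000,
     "out_tokens": 90_000_000, "templates": {"cot-math", "code-repair", "tool-trace", "agent-plan"}},
    {"account": "acct-003", "asn": 64501, "requests": 45000, "in_tokens": 14_000_000,
     "out_tokens": 110_000_000, "templates": {"cot-math", "code-repair"}},
    {"account": "acct-004", "asn": 64502, "requests": 30000, "in_tokens": 9_000_000,
     "out_tokens": 72_000_000, "templates": {"code-repair", "tool-trace", "agent-plan"}},
    {"account": "acct-005", "asn": 64502, "requests": 2500, "in_tokens": 800_000,
     "out_tokens": 1_100_000, "templates": {"chat", "summarize"}},
    {"account": "acct-006", "asn": 64510, "requests": 1800, "in_tokens": 500_000,
     "out_tokens": 900_000, "templates": {"chat", "summarize", "translate"}},
    {"account": "acct-007", "asn": 64520, "requests": 120000, "in_tokens": 40_000_000,
     "out_tokens": 45_000_000, "templates": {"batch-classify"}},
]

def jaccard(a: set, b: set) -> float:
    return len(a & b) / len(a | b) if (a or b) else 0.0

def cluster_accounts(accounts, min_similarity: float = 0.5) -> list:
    """Union-find over pairwise template similarity; returns a list of member lists."""
    parent = {acc["account"]: acc["account"] for acc in accounts}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]   # path halving
            x = parent[x]
        return x

    for a, b in combinations(accounts, 2):
        if jaccard(a["templates"], b["templates"]) >= min_similarity:
            parent[find(a["account"])] = find(b["account"])
    clusters = {}
    for acc in accounts:
        clusters.setdefault(find(acc["account"]), []).append(acc)
    return list(clusters.values())

def find_suspicious_clusters(accounts, min_accounts: int = 3, min_requests: int = 100_000,
                             min_out_ratio: float = 4.0) -> list:
    """Flag clusters that are many-account, high-volume and output-heavy at once."""
    flagged = []
    for members in cluster_accounts(accounts):
        total_requests = sum(m["requests"] for m in members)
        ratios = [m["out_tokens"] / m["in_tokens"] for m in members]
        summary = {
            "accounts": sorted(m["account"] for m in members),
            "asns": sorted({m["asn"] for m in members}),   # spread across networks is evidence, not the key
            "total_requests": total_requests,
            "median_out_ratio": round(statistics.median(ratios), 2),
        }
        if (len(members) >= min_accounts and total_requests >= min_requests
                and summary["median_out_ratio"] >= min_out_ratio):
            flagged.append(summary)
    return flagged

if __name__ == "__main__":
    for c in find_suspicious_clusters(ACCOUNTS):
        print(f"suspicious cluster {c['accounts']} via ASNs {c['asns']}: "
              f"{c['total_requests']} requests, out/in ratio {c['median_out_ratio']}")
```

On the constructed data the four coordinated accounts form one cluster spanning three ASNs with 154,000 requests and an output-to-input ratio near 8, and are flagged; the two casual chat accounts cluster together but are tiny, and the single heavy batch user has a ratio near 1 and no peers, so neither is flagged. A real deployment would build the template fingerprint from normalised request structure rather than a hand-assigned label, and would weigh the ratio against the product's normal distribution rather than a fixed 4.0.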

What's next?

Thanks for reading! If this brought you value, share it with a colleague or post it to your feed. For more curated insight into the world of AI and security, stay connected.