Wallarm has taken a leading role in publishing "A2AS: Agentic AI Runtime Security and Self-Defense," a pioneering research project spearheaded by Eugene Neelou from OWASP and Wallarm, in collaboration with experts from AWS, ByteDance, Cisco, Elastic, Google, JPMorganChase, Meta, and Salesforce. This framework establishes a dedicated security layer for AI agents, LLM-powered applications, and AI protocols, analogous to HTTPS for HTTP, to mitigate escalating risks in enterprise deployments.
The A2AS framework emerges as enterprises integrate agentic AI into critical workflows, where vulnerabilities could lead to widespread compromise. Traditional approaches like guardrails and post-processing fall short in speed and cost-effectiveness, prompting the need for embedded runtime protections. By focusing on self-defense mechanisms, A2AS ensures AI systems operate securely from the outset, safeguarding against evolving threats in high-stakes sectors.
Behavior Certificates represent a foundational innovation, allowing AI agents to declare and enforce their actions and resource access explicitly. This mechanism mirrors HTTPS certificates by verifying and securing agent interactions with users, tools, and peers, preventing unauthorized behaviors and tool misuse. Integrated with enterprise identity controls, it supports attribution and access management, forming a robust barrier against compromise.
Model Self-Defense Reasoning integrates security logic directly into the AI model's context, enabling instantaneous detection and deflection of untrusted inputs without relying on external components. Complementing this, Prompt-Level Security Controls—refined as Authenticated Prompts and Security Boundaries—verify prompt integrity, isolate untrusted data, and enforce code-driven policies. These features maintain context window separation, thwarting prompt injection through in-context defenses and runtime orchestration for defense-in-depth.
Led by Eugene Neelou, who coined MLSecOps and co-authored the OWASP Top 10 for LLM Security, the project draws on Ivan Novikov's API and AI security expertise from Wallarm. "AI agents are already in production, and they introduce a dangerous new attack surface," said Ivan Novikov. "With A2AS, we've shown that security can be embedded directly into the agent runtime, turning self-defense from a theory into a practical defense layer." "AI agents are rapidly infiltrating enterprise software, requiring privileged access and deep integration with company-wide tools," added Eugene Neelou. "Under pressure to adopt AI, enterprises are voluntarily incorporating vulnerable-by-design AI capabilities. Without deliberate security hardening, disaster is inevitable."
Wallarm is the only unified platform for API and agentic AI security successfully deployed in enterprise production environments. With Wallarm, customers receive the fastest, easiest, and most effective way to stop API attacks. Organizations choose Wallarm to protect their APIs and AI agents because the platform delivers a complete inventory of APIs, real-time blocking, and patented AI/ML-based abuse detection. Wallarm is headquartered in San Francisco, California, and is backed by Toba Capital, Y Combinator, Partech, and other investors.