Agent Runtime Security Assessment
Glacis maps one AI workflow across model calls, tool use, credentials, data access, control coverage, evidence gaps, and drift readiness — then hands back a practical hardening plan and an evidence path.
10 business days, one named workflow, a customer-ready proof plan at the end.
Three lenses on one workflow
Model calls and agent boundaries. Tool-call exposure and delegated authority. Credential and data-access paths. Prompt-injection and tool-misuse risk. Runtime control gaps and evidence gaps.
Runtime control recommendations. Evidence path for signed receipts. Security-review readiness findings. Customer-facing review artifact. Secondary ISO 42001 / NIST AI RMF mapping where useful.
Scope one named AI workflow. Review agent, tool, data, and credential boundaries. Map control and evidence gaps. Demonstrate the receipt and evidence-pack path. Leave with a customer-ready proof plan.
Assessment output
The assessment is built for AI-native teams selling into enterprise. It focuses the conversation on what the workflow can do, which runtime controls should run, what evidence is missing, and what proof your customer can inspect.
SURFACE
Tools, credentials, customer data, code, or production systems mapped at the action boundary.
RISK
Prompt injection, tool misuse, data leakage, unauthorized action, and drift — named, ranked, and located.
CONTROL PLAN
Allow, block, redact, restrict, escalate, or require review at runtime.
EVIDENCE PATH
Signed receipts assembled into a customer-facing evidence pack, verifiable offline.
Tell us about the workflow. We’ll scope the Sprint and reply within 24 hours.