Enterprise DNA

Omni by Enterprise DNA

Enterprise DNA Resources

Latest AI and industry news. Practical AI operating-system thinking for owners, operators, and teams doing real work.

220k+

Data professionals

Omni

AI agents and apps

Audit

Map the manual work

News Trending AI News

Exabeam Tracks AI Agent Behavior Across ChatGPT and Copilot

Exabeam expanded Agent Behavior Analytics to monitor AI agents in ChatGPT, Copilot, and Gemini, covering all 10 OWASP agentic AI risk categories.

Enterprise DNA | | via BusinessWire
Exabeam Tracks AI Agent Behavior Across ChatGPT and Copilot

Forty percent of business applications are expected to include AI agents by the end of 2026. Less than a year ago, that figure was under five percent. That kind of adoption velocity creates a security gap that most enterprises have barely started thinking about — and on April 1, 2026, Exabeam moved to close it.

The company announced a significant expansion of its Agent Behavior Analytics (ABA) platform, adding monitoring coverage for OpenAI ChatGPT and Microsoft Copilot alongside its existing visibility into Google Gemini. The more consequential update is what sits underneath that coverage: five new capabilities that address what Exabeam calls the “agentic attack surface.”

The Five New Capabilities

AI Behavior Baselining is the foundation. Exabeam builds dynamic behavior profiles for users and their AI agents — tracking request volumes, token usage, tool invocations, web sessions, and outbound activity. When patterns deviate from established norms, like a sudden spike in API calls or unusual token consumption, the platform flags the anomaly. The goal is to detect misuse before it escalates rather than investigating after the damage is done.

Prompt and Model Abuse Detection addresses the attack vectors specific to AI: prompt injection, model manipulation, and tool exploitation. Exabeam’s detection library grew fivefold with this release, covering the full spectrum from prompt manipulation to shadow AI activity — situations where employees are using AI tools the security team doesn’t know exist.

Identity and Privilege Monitoring takes the existing rigor applied to human accounts and applies it to AI identities. Exabeam now surfaces anomalies across AI platform roles, permissions, and users, including first-time role assignments, unexpected privilege escalations, and unusual permission changes. An AI agent that suddenly gains access to data it has never touched before gets treated the same way a suspicious human account would.

Agent Lifecycle Monitoring closes what Exabeam calls a “governance gap” — most organizations have no visibility into which AI agents exist in their environment, who created them, or how they are being used. The new capability creates auditable records of every agent’s creation, modification, and activity, surfacing these as discrete signals in the investigation workflow.

OWASP Top 10 for Agentic AI Coverage is perhaps the most significant addition from a governance standpoint. OWASP published a framework specifically for agentic AI risks — covering prompt manipulation, excessive privileges, insecure tool usage, model misuse, and six other categories. Exabeam now provides behavior-based detection for all ten. For enterprises that need to demonstrate compliance or due diligence around AI deployments, having a security tool mapped to a recognized framework changes the conversation.

Why This Category Is Emerging Now

The security challenge with AI agents is meaningfully different from traditional software. A misconfigured application behaves incorrectly in predictable ways. An AI agent that has been manipulated through prompt injection may behave correctly most of the time while carrying out unauthorized instructions in the background. The threat surface is probabilistic and context-dependent in ways that signature-based detection was never designed to handle.

Behavior analytics — the approach Exabeam has used for human insider threat detection for years — is better suited to this problem. If you know what normal looks like for a given agent, you can detect abnormal. The question has been whether security platforms would adapt their tooling fast enough to keep pace with deployment velocity.

This announcement suggests the category is taking shape. OWASP publishing an agentic-specific Top 10, and established security vendors building detection mapped to that framework, indicates the industry is converging on standards rather than each organization figuring this out independently.

What This Means for Business

If your organization is deploying AI agents — through any of the major enterprise platforms — this development matters regardless of whether you use Exabeam.

The underlying message is that AI agent governance is no longer optional. Shadow AI (employees using AI tools outside of IT’s visibility), prompt injection attacks, and agents with excessive privileges are real risks that are growing as deployment scales. The businesses that get ahead of this are building audit trails and behavioral baselines now, not after something goes wrong.

For teams deploying AI agents across business operations, the security and governance layer is as important as the capability layer. A voice agent that can access customer records, an ops agent that can initiate workflows, a data agent that can query sensitive databases — all of these require oversight that most organizations have not yet put in place.

The good news is that frameworks and tooling are catching up. The OWASP Agentic Top 10 gives security teams a common language. Products like Exabeam’s ABA give them a way to operationalize it. Neither existed in a mature form eighteen months ago.


The practical next step is the free Working With Claude field guide. Thirty-two pages covering the ecosystem, Claude Code, and how to govern a rollout properly. Get your copy.

Working With Claude field guide cover

Free Resource

Going deeper with Claude?

Get the free 32-page implementation guide for ANZ teams.

No spam. Unsubscribe any time.