Artificial intelligence security platform company DeepKeep Ltd. today launched a new AI agent attack surface scanning and discovery solution that maps the risks associated with each agent within an agentic enterprise workflow.

As organizations increasingly deploy nondeterministic, large language model-based agents with access to business applications, tools and data, they are expanding their attack surface in ways traditional cybersecurity controls were not designed to address.

The release today includes AI Agent Scanner, which provides immediate visibility into what AI agents can access, which tools and data they interact with and where potential vulnerabilities exist to meet a pressing enterprise need as the AI agent attack surface grows. The solution performs robust attack surface scanning to map an agent’s entire threat landscape, identifying connected tools and their intents, data sources and potential vulnerabilities.

AI Agent Scanner produces a visual risk map of vital insights to help businesses better understand the scope of their agent’s exposure and threats, according to the latest Open Worldwide Application Security Project Top 10 for Agentic Applications. It also indicates how each element may be leveraged by attackers and what defensive actions are needed.

The idea is that by increasing visibility into complex, multi-framework agentic workflows, organizations can identify and manage risks earlier both during development and as agents move into production.

“AI agents are no longer operating in isolation; they’re quickly becoming fundamental parts of entire business workflows, executing tasks that change how work gets done,” explains Yossi Altevet, co-founder and chief technology officer of DeepKeep. “But without proper safeguards, their expanding attack surface will rapidly become a massive enterprise liability.”

Along with mapping and discovery, DeepKeep’s solution also provides runtime protection for select agentic frameworks. The platform identifies where AI firewalls and guardrails should be placed based on observed agent behavior, tool access and data exposure to allow security teams to actively reduce risk during execution.

The solution currently supports leading agentic frameworks, including Microsoft-based frameworks, Agentforce, OpenAI Agents, CrewAI, Amazon Bedrock AgentCore, n8n and Make. DeepKeep also plans to expand its AI agent security capabilities across the full AI lifecycle in 2026, with a red teaming solution forthcoming.

DeepKeep is a venture capital-backed startup that raised $10 million in a seed funding round led by Awz Adventures in May 2024.

Image: DeepKeep