Exabeam expands AI agent security tools with Claude
Wed, 1st Jul 2026 (Today)
Exabeam has expanded its Behaviour Intelligence offering with new tools aimed at securing AI agents and autonomous workflows. The update adds broader detection coverage and support for Anthropic Claude.
The changes span Exabeam Agent Behaviour Analytics, Outcomes Navigator, Exabeam Nova, Threat Centre, Attack Surface Insights, and search and data collection workflows. The release is intended to help security teams detect, investigate, and reduce risks linked to AI agents, human-to-agent activity, and automated processes across enterprise environments.
AI agents are becoming more active inside businesses as they access systems, use tools, interact with data, and carry out tasks on behalf of employees. This creates a security challenge for operations teams because agent activity can rely on approved applications and valid credentials, making harmful behaviour harder to distinguish from normal use.
One of the main changes is broader detection coverage. New AI- and agent-related behavioural detections have doubled Exabeam's total AI-focused coverage to 90.
These detections are designed to identify unusual interactions between human users and AI agents, as well as unauthorised autonomous agent activity. They include suspicious prompt behaviour, unusual tool invocation sequences, abnormal consumption patterns, unauthorised configuration changes, denial-of-wallet indicators, and shadow AI activity.
Visibility has also been extended across enterprise AI platforms. Anthropic Claude has been added alongside OpenAI ChatGPT, Google Gemini, Microsoft Copilot, and GitHub Copilot, giving security teams another source of telemetry on tool adoption and use.
OWASP mapping
Exabeam has also added coverage aligned to the OWASP Top 10 for Agentic AI within Outcomes Navigator. This lets customers review how their existing detections map to emerging AI risks and identify gaps in monitoring.
That should help organisations decide where to add detection content as AI deployments spread across departments. The move also places Exabeam's product updates within a broader industry effort to build common frameworks for securing AI systems and agent-led applications.
Another part of the release focuses on detection engineering and investigations. Exabeam Nova Rules Creator now lets teams create and tune correlation and analytics rules using natural language, while also supporting conversion from Sigma rules.
Nova Related Cases, now in early access, is designed to help analysts identify linked incidents by surfacing shared entities such as IP addresses or hosts. The aim is to reduce manual triage and make it easier to spot persistent or developing threats.
Other updates target day-to-day security operations centre work. These include phishing email ingest for reported phishing messages; changes to Attack Surface Insights for entity health and identity linking; and data onboarding updates through new cloud collectors, custom REST API context collection, Site Collector health notifications, and log stream changes.
Reporting and navigation have also been updated through dashboard authoring, biweekly reporting, and changes to global search.
Open source project
Alongside the product release, Exabeam announced Observra, an open source project and library focused on agent telemetry and observability. It is intended for developers, security teams, and platform teams that need a standardised way to capture and route data on agent activity.
Observra collects activity across major frameworks, normalises it into events, and enriches those events with cost, redaction, deduplication, and risk signals before sending the information to a security operations platform. Exabeam's New-Scale Platform uses the Observra library to improve observability of agent behaviour.
The launch follows Exabeam's earlier release of Praxen, another open source project aimed at agent behaviour verification before deployment. Together, Praxen and Observra are intended to address both pre-deployment checks and post-deployment monitoring for AI agents.
"Organisations are rapidly moving from AI experimentation to autonomous AI agents operating across the enterprise," said Pete Harteveld, Chief Executive Officer, Exabeam.
"Security teams need visibility not only into human activity, but into how agents behave, interact, and make decisions. Exabeam is helping customers secure this new reality by bringing together AI visibility, behavioural analytics, and threat detection across human users, AI agents, and the systems they interact with."
Exabeam also pointed to customer demand for clearer insight into practical AI use inside businesses.
"We're seeing more AI tools and agents show up across the business, and one of the biggest challenges is understanding how they're actually being used," said Andrea Licciardi, Senior Cybersecurity Manager, MAIRE, and Founder of CISOs4AI.
"Behavioural analytics and agent observability give us the context we need to spot unusual activity early and investigate it quickly, without slowing down AI adoption."
The release also extends LogRhythm SIEM ecosystem coverage with new and enhanced integrations across Microsoft, cloud, identity, email, and security technologies. That broader set of integrations is intended to give organisations more visibility across modern attack surfaces while simplifying the collection of data used by security teams.
Steve Wilson, Chief AI Officer at Exabeam and Co-Founder and Co-Chair of the OWASP Gen AI Security Project, said the challenge for businesses now spans the full lifecycle of an agent rather than a single point in time.
"AI agents introduce a new security challenge because organizations need confidence both before and after deployment," said Steve Wilson, Chief AI Officer, Exabeam, and Co-Founder and Co-Chair of the OWASP Gen AI Security Project.
"Organisations must verify that agents are operating within their intended roles, observe how they interact with systems and data, analyse behaviour for signs of misuse or compromise, and continuously improve defences as agents evolve."