The Road to Accountable AI

In the final episode of our series on governing AI agents, Kevin Werbach speaks with Harish Peri, SVP and General Manager for AI Security at Okta. Peri frames agent governance as the natural next chapter of what Okta has done for two decades: standing in the middle of people accessing technology. The twist is that the new "software" is a non-deterministic agent with a brain, which imposes a much higher security bar. He argues that agents live at the application layer, where the real question is one of authorization: is this agent allowed to take this action or access this data, at this moment, on behalf of this user, given all available signals? Much of the conversation explores why a neutral, independent control plane separate from the frontier models and agent runtimes matters from a cybersecurity standpoint, spreading risk across multiple layers rather than concentrating it in one place.
Peri notes that while awareness of rogue AI is universal, roughly 20% of agents carry about 80% of the risk. He distinguishes security threats like prompt injection and poisoned skill files from "intent mismatch," where an under-specified instruction such as "clean this up" gets read as "delete," and explains how coarse-grained limits, fine-grained context-based authorization, and selectively applied human-in-the-loop checks each play a role in agent governance.
Harish Peri is the SVP and General Manager for AI Security at Okta, where he leads product, go-to-market, and commercial strategy for securing agentic AI. He has more than 20 years of experience across engineering, product management, marketing, and general management, spanning financial services, technology, and human capital management, with prior roles at Salesforce, ADP, and Proxyclick. He holds an MBA from the Haas School of Business at UC Berkeley.
Transcript


The Future of AI Security: The Right Architecture for Agents
Secure Your Business Against AI Agents

Logan Kelly never set out to build an AI governance solution. Waxell spun out of CallSine, an AI-native sales engagement platform, when the team realized that agents that could act on their own produced a cascade of problems: burning through tokens, accessing databases, creating data-quality issues, and generally doing things no one had explicitly approved. Unable to find existing tooling that addressed the problems effectively, the team built a control plane for agents, which became the foundation of Waxell. 

In this episode in our series on governing AI agents, CEO Logan Kelly emphasizes that governance should be legible to finance, legal, and compliance teams, not just developers. As he explains, agent governance is less about exotic AI risks than about visibility and control over things companies already care about, such as cost, data access, and who's allowed to do what. Kelly makes the case that the worst outcome isn't an agent misbehaving but companies losing trust in agents altogether and missing their value—arguing that every major technology, from cloud computing onward, arrived with new risks that good governance ultimately made manageable. Looking ahead, he bets that flexible, general-purpose governance will win out over locked-in "walled garden" platforms, as the pace of change in AI keeps accelerating..
Logan Kelly is the Co-Founder and CEO of Waxell, an AI governance and agent observability company that provides a control plane for operating autonomous AI agents in production. The company entered public beta in early 2026.

Transcript

Kevin Werbach speaks with Nadav Cornberg, co-founder and CEO of Eve Security, about securing agentic AI where it counts: at the moment an agent actually does something. He recounts how customers upended his own assumptions that AI agent security should focus on visibility and after-the-fact detection. Buyers insisted on runtime enforcement first, reasoning that learning a production database was deleted after the fact helps no one. With Eve's "interrogation" approach, when an agent attempts an anomalous, high-risk action, Eve's agent-in-the-loop pauses and questions it about its intent, before approving, blocking, or escalating to a human.
Cornberg describes building a deterministic enforcement layer on top of inherently non-deterministic models, with the system minting explicit rules from observed behavior so that the large majority of everyday requests resolve deterministically. Ultimately, the consequenes are the same whether an unintended action originates in a prompt injection or a simple hallucination. On the perennial human-in-the-loop question, Cornberg argues that escalating everything would drown security teams as the agentic workforce scales, so the platform automatically handles lower-risk cases with justification and reserves human review for the genuinely critical. He closes predicting that "agentic security" will fragment into distinct segments much as endpoint, network, and cloud security once did, and that intent is fast becoming the field's organizing idea.
Nadav Cornberg is the co-founder and CEO of Eve Security, an Austin-based agentic AI observability and policy-enforcement company whose platform governs how AI agents interact with an organization's most critical systems. He brings roughly two decades in product development and engineering, including an early decade in cybersecurity at RSA and Check Point and later work in physical access security across gaming and hospitality before returning to security for the agentic era. 
Transcript

Founders' blog: Why We Started Eve Security

Kevin Werbach speaks with Venkat Siva, co-founder and CEO of CompFly AI, about why governing autonomous agents requires a fundamentally different approach than securing traditional software. Siva argues that agents create a genuinely new control problem. Because they decide at runtime which tools to call and which actions to take, governance cannot simply be bolted onto existing MLOps or security platforms built for fixed, deterministic workflows. Instead, control has to move to the "execution boundary" — the point where an agent's decision turns into a real-world action. And agent safety is much more than just model safety.
In practical terms, Siva makes the case for giving every enterprise agent a distinct, cryptographically verifiable identity using decentralized identifiers (DIDs) and verifiable credentials. He addresses the growing problem of "shadow agents," pointing to employees experimenting with powerful open-source autonomous tools inside enterprises, and explains discovery techniques like intercepting traffic to model APIs and watching for who requests LLM keys. He offers the concept of an "autonomy budget": classify actions by reversibility and financial, regulatory, and customer impact, so an agent might autonomously issue a small refund but require human approval for a large one. Drawing on his time at the electric automaker Rivian, Siva closes by contrasting recoverable digital failures with the irreversible stakes of agents embedded in physical systems, arguing that governance there must borrow from safety engineering.
Venkat Siva is the co-founder and CEO of CompFly AI, an early-stage company building a control plane to discover, validate, secure, and govern autonomous agents from code to production. Before founding CompFly with Anand Salodkar, he spent more than two decades building enterprise platform products that help organizations adopt new technology safely and at scale, including work at the electric vehicle maker Rivian. 

Transcript


The Architecture of Trust (Compfly Manifesto)
CoSAI Model Context Protocol Security white paper

Conversational AI is increasingly being used as a source of emotional support, even though general-purpose chatbots were never designed for that purpose. Concerns about AI's mental health impact, up to and including suicides, have moved onto the public policy agenda. Munmun De Choudhury, who has been studying the intersection of digital technology and mental health longer than almost anyone, walks through what researchers know, what they don't, and why the answers keep moving. 
The conversation centers on the difficulty of governing technologies whose capabilities and patterns of use are both changing every few weeks. De Choudhury invokes the cautionary tale of Google Flu Trends as a warning: any framework that assumes user behavior is fixed will eventually break. She argues that the harms and benefits of conversational AI are not just person-dependent but task-dependent, which makes general-purpose chatbots fundamentally harder to evaluate than the narrow medical AI systems researchers built for decades. She lays out a multi-stakeholder agenda to address AI's mental health risks, and argues that foundation models need to take into account principles from psychotherapy. 
Dr. Munmun De Choudhury is the J.Z. Liang Professor in the School of Interactive Computing at Georgia Tech, where she founded and directs the Social Dynamics and Wellbeing Lab (SocWeB). She is one of the most cited researchers in digital mental health and is widely credited with pioneering the computational use of social media data to study mental health outcomes. She co-leads the Patient-Centered Care Delivery research pillar at the Children's Healthcare of Atlanta Pediatric Technology Center, serves on the advisory board for the Australian government's eSafety panel, and was inducted into the SIGCHI Academy in 2024. Her honors include the 2023 SIGCHI Societal Impact Award and the 2021 ACM-W Rising Star Award. 
Transcript


Benefits and Harms of Large Language Models in Digital Mental Health
From Lived Experience to Insight: Unpacking the Psychological Risks of Using AI Conversational Agents