ExtraHop announced a network‑centric approach to securing agentic AI, saying continuous AI asset inventory, real‑time observability and AI‑specific threat detection are essential to safely scale autonomous workflows.
The offering targets a major challenge for CISOs in Asia: gaining definitive visibility and control over AI agents that interact with sensitive systems across hybrid and multi‑cloud environments.
ExtraHop’s platform continuously discovers and maps AI assets — including large language models (LLMs), Model Context Protocol (MCP) servers, APIs and agent communication patterns — across on‑premises and cloud estates. That inventory enables security teams to baseline approved AI tools and immediately flag unsanctioned entities when they appear on the network.
Real‑time AI observability is a core capability. ExtraHop monitors, decrypts and analyses AI traffic to reveal which models are being used, what data is being sent where, and which users or services initiated requests.
Correlating AI stack actions with devices and identities provides the context necessary to detect unauthorised data movement, privilege escalation and anomalous agent behaviour.
The vendor says this granular visibility can identify anomalies such as suspicious LLM request/response patterns, irregular MCP‑mediated calls to internal systems, and unexpected identity propagation across workflows.
To counter advanced adversaries, ExtraHop’s threat detection looks for deviations from established behavioural baselines that indicate AI‑specific compromises. Use cases highlighted include detecting prompt injection attempts, surfacing suspicious data flows that may indicate exfiltration, and flagging risky agent actions that depart from normal operational patterns.
For governance and compliance, the platform maintains forensic visibility into Shadow AI and policy compliance without requiring intrusive application‑layer changes.
ExtraHop provides auditing and reporting capabilities to detect governance violations — such as bypassing approved AI gateways or using unsanctioned models — and to surface non‑compliant data flows. The clear audit trails produced by the system are designed to support regulatory reporting and internal oversight as AI scale increases.
According to Kanaiya Vasani, ExtraHop’s chief product officer: “AI is the ultimate competitive advantage, yet it quickly becomes a disadvantage if deployed without transparency and control."
He suggests that to scale safely, enterprises must establish definitive oversight of every agent and autonomous workflow on their network.
Kanaiya Vasani
"By harnessing deep network insights, we are giving leaders the real‑time visibility and context they need to move fast and innovate boldly, ensuring their AI remains a powerful engine for growth rather than an unmanaged risk.” Kanaiya Vasani
For CISOs in Asia, practical implications include strengthening logging and telemetry, tightening API security, updating data‑loss prevention rules for model inputs, and establishing new incident‑response playbooks for AI‑agent incidents.
With the accelerating enterprise-wide digitalisation the role of network‑level observability should be seen as a complementary control in layered AI security architectures — helping organisations detect, investigate and remediate AI‑driven threats while preserving operational momentum.
