Exabeam has open-sourced Praxen, a reference implementation of its new Agent Behavior Verification framework, helping organisations assess AI agent permissions, controls, and governance before deployment to reduce security risks.
Exabeam has launched Praxen, an open-source reference implementation of its new Agent Behavior Verification (ABV) framework, introducing a community-accessible approach to validating AI agent behaviour before deployment.
Designed to help organisations assess whether AI agents are properly configured, authorised, and governed, Praxen addresses a growing security challenge as AI systems evolve from assistants into autonomous digital workers capable of accessing systems, invoking tools, executing workflows, and making decisions independently.
ABV is positioned as a new security discipline focused on determining whether an agent’s permissions, controls, integrations, and governance mechanisms align with its intended responsibilities before it enters production. According to Exabeam, existing security practices such as vulnerability scanning, red teaming, and runtime monitoring primarily identify issues during or after deployment, leaving a critical gap in pre-deployment validation.
Rather than evaluating isolated code artefacts or known vulnerabilities, ABV assesses AI agents as complete operational systems. Praxen enables organisations to verify whether agent permissions are appropriate, tool access is justified, integrations match assigned responsibilities, and security controls meet organisational requirements.
The platform can identify behavioural risks before deployment while providing actionable recommendations, security maturity scoring, and greater transparency into agent capabilities to strengthen governance and trust in autonomous AI systems.
“Organizations are rapidly moving from AI experimentation to operational deployment,” said Steve Wilson, Chief AI Officer at Exabeam and Founder and Co-Chair of the OWASP Gen AI Security Project. “As agents become digital workers, security teams need more than runtime visibility. They need confidence that agents have the right permissions, the right controls, and the right boundaries before they enter production. Agent Behavior Verification helps answer a fundamental question: will this agent do its job, and only its job?”
