Exabeam launches open-source Praxen to verify AI agents

Wed, 24th Jun 2026
Mark Tarre, News Chief

Exabeam has launched Praxen, an open-source tool for verifying the behaviour of AI agents before deployment. The release introduces what the company calls Agent Behaviour Verification, a new security approach.

Praxen helps organisations assess whether an AI agent's configured role, permissions and controls match the tasks it is meant to carry out. It examines the agent as a complete system, rather than focusing only on software flaws or individual pieces of code.

The launch comes as companies give AI agents greater autonomy inside business systems. These agents can access applications, call tools, run workflows and make decisions, raising questions about whether they have only the authority needed for their intended role.

Exabeam argues that current security methods, such as vulnerability scanning and red teaming, provide checks during testing and operation but do not fully address whether an agent is set up safely before it goes into production. Agent Behaviour Verification is intended to fill that gap by defining an agent's authorised remit and measuring whether its implementation aligns with that remit.

How it works

At the centre of the approach is what Exabeam calls an ABV remit, described as a policy contract that sets out what an agent may do, which resources it may access and the boundaries within which it must operate. Praxen uses that remit to review an agent's implementation, tools, configurations, memory, integrations and operating environment.

The tool then identifies gaps between intended and implemented behaviour. Exabeam says its reports include findings, recommendations for improvement and an overall maturity score for the agent's security posture.
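The remit-versus-implementation comparison described above can be sketched as follows. This is an added illustration, not Praxen's code or remit format: the schema, field names, tool names and resource strings are all hypothetical and constructed for the example.

```python
from fnmatch import fnmatchcase

# Hypothetical remit (not Praxen's schema): what the role is authorised to do.
REMIT = {
    "role": "invoice-triage",
    "tools": {"read_invoice", "create_ticket"},
    # resource pattern -> access modes the role may use on it
    "resources": {
        "erp:/invoices/*": {"read"},
        "tickets:/finance/*": {"read", "write"},
    },
    "required_controls": {"human_approval_for_write", "audit_log"},
}

# Constructed sample: the agent as actually configured.
AGENT = {
    "tools": {"read_invoice", "create_ticket", "run_shell"},
    "grants": [
        ("erp:/invoices/2026-0001", "read"),
        ("erp:/invoices/2026-0001", "write"),
        ("erp:/payroll/summary", "read"),
        ("tickets:/finance/queue", "write"),
    ],
    "controls": {"audit_log"},
}


def grant_allowed(remit, resource, mode):
    """True if a remit pattern covers the resource and permits the mode."""
    return any(fnmatchcase(resource, pattern) and mode in modes
               for pattern, modes in remit["resources"].items())


def verify(remit, agent):
    """Return sorted (kind, detail) findings where the agent departs from the remit."""
    findings = []
    # Tools wired into the agent that the remit never authorised.
    for tool in agent["tools"] - remit["tools"]:
        findings.append(("excess_tool", tool))
    # Access grants outside every remit pattern, or with a mode it does not allow.
    for resource, mode in agent["grants"]:
        if not grant_allowed(remit, resource, mode):
            findings.append(("excess_grant", f"{mode} {resource}"))
    # Controls the remit demands but the deployment lacks.
    for control in remit["required_controls"] - agent["controls"]:
        findings.append(("missing_control", control))
    return sorted(findings)


if __name__ == "__main__":
    for kind, detail in verify(REMIT, AGENT):
        print(f"{kind:16} {detail}")
```
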

"Organisations are rapidly moving from AI experimentation to operational deployment," said Steve Wilson, chief AI officer at Exabeam. "As agents become digital workers, security teams need more than runtime visibility. They need confidence that agents have the right permissions, the right controls, and the right boundaries before they enter production. Agent Behaviour Verification helps answer a fundamental question: will this agent do its job, and only its job?"

Wilson said the tool is distinct from conventional application security testing.

"Traditional security tools help identify vulnerabilities in software," he said. "Praxen evaluates something different: whether an agent's capabilities, permissions, tools, and controls align with the role it was authorised to perform. This addresses one of the most critical risks introduced by highly autonomous agents and establishes a stronger foundation for ongoing governance throughout the agent lifecycle."

Broader strategy

Exabeam positions Agent Behaviour Verification as the pre-deployment element of a wider approach to AI agent security. It sits alongside Exabeam's Agent Behaviour Analytics, which focuses on spotting anomalous or risky behaviour once agents are operating in live environments.

That distinction reflects a broader industry debate over how to govern AI systems that are no longer limited to answering prompts but can take actions across enterprise software. The central issue is not only whether an agent contains exploitable flaws, but whether it has been granted tools, access and authority that exceed its approved role.

Praxen has been built as an agentic coding agent skill and is being released under the Apache 2.0 licence. By making the project open source, Exabeam aims to encourage scrutiny and contribution from developers, researchers and security practitioners working on AI governance and assurance.

One early user, Medigram, said the tool highlighted the practical gap between an agent's approved remit and what it could actually do in code and configuration.

"Most security tools tell you what's vulnerable. Praxen asked a different question entirely: Does this agent's actual behaviour match the governance or work remit it was built to enforce?" said Sherri Douville, chief executive officer at Medigram. "The code-level remediation path it produced didn't give us a risk report to file away. It gave us a precise engineering roadmap we could act on immediately. In enterprise AI deployment, the gap between what an agent is authorized to do and what it is actually capable of doing is where operational risk lives."

Open framework

Releasing Praxen as an open-source project also signals an attempt to shape an emerging category of security practice around autonomous software agents. Standards for governing, verifying and monitoring these systems are still developing, and vendors, security teams and industry groups are competing to define the frameworks that may become common practice.

Wilson's role extends beyond Exabeam: he is also founder and co-chair of the OWASP Gen AI Security Project. That connection matters because industry efforts around AI security are increasingly drawing on established software security communities to create models for risk assessment, testing and control.

Exabeam, known for its work in user and entity behaviour analytics, has been broadening its focus to include non-human actors inside company systems. The launch of Praxen reflects that shift, treating AI agents less as software features and more as digital workers whose actions require defined authority, oversight and verification before they are allowed into production.