What occurs when an AI agent decides the easiest way to finish a process is to blackmail you?
That’s not a hypothetical. In response to Barmak Meftah, a accomplice at cybersecurity VC agency Ballistic Ventures, it just lately occurred to an enterprise worker working with an AI agent. The worker tried to suppress what the agent wished to do, what it was educated to do, and it responded by scanning the consumer’s inbox, discovering some inappropriate emails, and threatening to blackmail the consumer by forwarding the emails to the board of administrators.
“Within the agent’s thoughts, it’s doing the proper factor,” Meftah instructed TechCrunch on final week’s episode of Fairness. “It’s attempting to guard the tip consumer and the enterprise.”
Meftah’s instance is harking back to Nick Bostrom’s AI paperclip drawback. That thought experiment illustrates the potential existential threat posed by a superintelligent AI that single-mindedly pursues a seemingly innocuous aim – make paperclips – to the exclusion of all human values. Within the case of this enterprise AI agent, its lack of context round why the worker was attempting to override its targets led it to create a sub-goal that eliminated the impediment (through blackmail) so it might meet its main aim. That mixed with the non-deterministic nature of AI brokers means “issues can go rogue,” per Meftah.
Misaligned brokers are only one layer of the AI safety problem that Ballistic’s portfolio firm Witness AI is attempting to unravel. Witness AI says it displays AI utilization throughout enterprises and might detect when workers use unapproved instruments, block assaults, and guarantee compliance.
Witness AI this week raised $58 million off the again of over 500% progress in ARR and scaled worker headcount by 5x over the past 12 months as enterprises look to grasp shadow AI use and scale AI safely. As a part of Witness AI’s fundraise, the corporate introduced new agentic AI safety protections.
“Persons are constructing these AI brokers that tackle the authorizations and capabilities of the folks that handle them, and also you wish to be sure that these brokers aren’t going rogue, aren’t deleting information, aren’t doing one thing incorrect,” Rick Caccia, co-founder and CEO of Witness AI, instructed TechCrunch on Fairness.
Techcrunch occasion
San Francisco
|
October 13-15, 2026
Meftah sees agent utilization rising “exponentially” throughout the enterprise. To enhance that rise – and the machine-speed degree of AI-powered assaults – analyst Lisa Warren predicts that AI safety software program will turn into an $800 billion to $1.2 trillion market by 2031.
“I do assume runtime observability and runtime frameworks for security and threat are going to be completely important,” Meftah stated.
As to how such startups plan to compete with huge gamers like AWS, Google, Salesforce and others who’ve constructed AI governance instruments into their platforms, Meftah stated, “AI security and agentic security is so big,” there’s room for a lot of approaches.
Loads of enterprises “need a standalone platform, end-to-end, to primarily present that observability and governance round AI and brokers,” he stated.
Caccia famous that Witness AI lives on the infrastructure layer, monitoring interactions between customers and AI fashions, relatively than constructing security options into the fashions themselves. And that was intentional.
“We purposely picked part of the issue the place OpenAI couldn’t simply subsume you,” he stated. “So it means we find yourself competing extra with the legacy safety firms than the mannequin guys. So the query is, how do you beat them?”
For his half, Caccia doesn’t need Witness AI to be one of many startups to only get acquired. He desires his firm to be the one which grows and turns into a number one unbiased supplier.
“CrowdStrike did it in endpoint [protection]. Splunk did it in SIEM. Okta did it in id,” he stated. “Somebody comes via and stands subsequent to the massive guys…and we constructed Witness to do this from Day One.
