New Platform Against Automated Data Theft

U.S. cybersecurity firm Menlo Security presented a control platform at the RSAC 2026 conference specifically developed to detect and prevent AI agents from covertly extracting data from web sessions. The launch marks a shift in the security industry, where threats from automated agents are now treated as an active criminal method rather than a future risk scenario.

The platform is designed to monitor browser activity and identify patterns indicating that AI-driven systems are systematically collecting information without the user's knowledge or consent. The technology aims to close a security gap that criminal actors are already exploiting, according to industry sources.

Agent Fraud as Current Threat

That a major security firm is dedicating resources to developing defensive tools against this specific threat type indicates that agent-based data exfiltration is occurring in practice. The industry rarely develops defensive solutions against hypothetical scenarios—the investment reflects documented incidents and customer demand.

cybercrime

AI agents can be programmed to navigate websites, fill out forms, and interact with systems in ways that mimic human behavior. This capability enables automated data collection at a scale and speed far exceeding traditional methods. When such agents operate hidden in the background of legitimate browser sessions, they can extract large volumes of sensitive information without triggering conventional security alarms.

Consequences for Corporate Security

For businesses and government agencies internationally, the development introduces a new dimension of fraud. Where previous threats primarily involved phishing, malware, or human insiders, organizations must now contend with automated systems that can operate persistently and at large scale.

Security experts point out that financial institutions, healthcare sectors, and companies with large customer data registries are particularly vulnerable targets. The automated nature of agent-based attacks means a single successful infiltration can compromise thousands of records before the threat is detected.

Future Security Investments

Menlo Security's product launch is expected to be followed by similar solutions from competing firms. The security industry is moving toward specialized tools that address AI-driven threats as a standalone category, separate from traditional identity theft.

For organizations, the development means security budgets must allocate resources to protect against both human and automated actors. Experts recommend that companies review their current security architecture to identify vulnerabilities to agent-based data extraction before the threat becomes more widespread.

The emergence of defensive platforms specifically targeting AI agent activity confirms what cybersecurity professionals have warned about: automated criminal tools are no longer a distant concern but an operational reality requiring immediate attention and investment.