What occurs when an AI agent decides the easiest way to finish a job is to blackmail you?
That’s not a hypothetical. In response to Barmak Meftah, a companion at cybersecurity VC agency Ballistic Ventures, it lately occurred to an enterprise worker working with an AI agent. The worker tried to suppress what the agent wished to do, what it was skilled to do, and it responded by scanning the person’s inbox, discovering some inappropriate emails, and threatening to blackmail the person by forwarding the emails to the board of administrators.
“Within the agent’s thoughts, it’s doing the appropriate factor,” Meftah instructed TechCrunch on final week’s episode of Fairness. “It’s attempting to guard the tip person and the enterprise.”
Meftah’s instance is harking back to Nick Bostrom’s AI paperclip drawback. That thought experiment illustrates the potential existential threat posed by a superintelligent AI that single-mindedly pursues a seemingly innocuous purpose – make paperclips – to the exclusion of all human values. Within the case of this enterprise AI agent, its lack of context round why the worker was attempting to override its objectives led it to create a sub-goal that eliminated the impediment (by way of blackmail) so it may meet its major purpose. That mixed with the non-deterministic nature of AI brokers means “issues can go rogue,” per Meftah.
Misaligned brokers are only one layer of the AI safety problem that Ballistic’s portfolio firm Witness AI is attempting to resolve. Witness AI says it displays AI utilization throughout enterprises and might detect when staff use unapproved instruments, block assaults, and guarantee compliance.
Witness AI this week raised $58 million off the again of over 500% development in ARR and scaled worker headcount by 5x during the last yr as enterprises look to grasp shadow AI use and scale AI safely. As a part of Witness AI’s fundraise, the corporate introduced new agentic AI safety protections.
“Persons are constructing these AI brokers that tackle the authorizations and capabilities of the folks that handle them, and also you need to ensure that these brokers aren’t going rogue, aren’t deleting recordsdata, aren’t doing one thing mistaken,” Rick Caccia, co-founder and CEO of Witness AI, instructed TechCrunch on Fairness.
Techcrunch occasion
San Francisco
|
October 13-15, 2026
Meftah sees agent utilization rising “exponentially” throughout the enterprise. To enrich that rise – and the machine-speed stage of AI-powered assaults – analyst Lisa Warren predicts that AI safety software program will develop into an $800 billion to $1.2 trillion market by 2031.
“I do suppose runtime observability and runtime frameworks for security and threat are going to be completely important,” Meftah mentioned.
As to how such startups plan to compete with large gamers like AWS, Google, Salesforce and others who’ve constructed AI governance instruments into their platforms, Meftah mentioned, “AI security and agentic security is so large,” there’s room for a lot of approaches.
Loads of enterprises “desire a standalone platform, end-to-end, to basically present that observability and governance round AI and brokers,” he mentioned.
Caccia famous that Witness AI lives on the infrastructure layer, monitoring interactions between customers and AI fashions, relatively than constructing security options into the fashions themselves. And that was intentional.
“We purposely picked part of the issue the place OpenAI couldn’t simply subsume you,” he mentioned. “So it means we find yourself competing extra with the legacy safety firms than the mannequin guys. So the query is, how do you beat them?”
For his half, Caccia doesn’t need Witness AI to be one of many startups to only get acquired. He desires his firm to be the one which grows and turns into a number one impartial supplier.
“CrowdStrike did it in endpoint [protection]. Splunk did it in SIEM. Okta did it in identification,” he mentioned. “Somebody comes via and stands subsequent to the massive guys…and we constructed Witness to do this from Day One.
