Geordie AI builds a security layer that sits between enterprise AI agents and the systems those agents touch. Their platform discovers agents running across an organization, monitors what those agents actually do in real time, and enforces governance policies before risky actions execute. RSAC named them a Top 10 Innovation Sandbox finalist for 2026, they won the inaugural Black Hat Europe 2025 Startup Spotlight, and the 2026 SC Awards shortlisted them as Most Promising Early-Stage Startup. That is a lot of recognition for a company that exited stealth only six months ago.

The reason security analysts keep flagging Geordie is straightforward: nobody else is building exactly this. Plenty of vendors secure LLMs. Plenty of vendors monitor API traffic. But a purpose-built control plane for autonomous AI agents, one that understands agent behavior at the reasoning level, not just the network level, barely exists as a product category. Geordie is betting that it will be the defining security category of the next two years.

The Problem: Your Agents Are Running. You Cannot See Them.

Gravitee’s 2026 survey of 900+ enterprises found that 80.9% of technical teams have AI agents in active testing or production. Only 14.4% of those agents went live with full security and IT approval. That means for every agent your CISO knows about, roughly six more are running without governance.

The visibility problem compounds fast. 25.5% of deployed agents can autonomously spawn sub-agents. Those child agents inherit parent permissions but may not appear in any inventory. Zenity’s threat landscape report documented a Fortune 50 pharmaceutical company that discovered 2,000 agent instances shared across the organization, 82% built by people with no professional development background.

Traditional security tools were designed for a world where software does predictable things. A firewall inspects packets. A WAF validates HTTP requests. An EDR monitors process behavior on endpoints. None of those tools understand that an AI agent just decided to chain three API calls together because a prompt told it to, and that the third call in that chain exfiltrates customer data to an external endpoint. The gap is not in the perimeter. It is in the agent’s reasoning.

How Geordie Works: Discovery, Monitoring, and the Beam Engine

Geordie’s platform operates in three layers: agent discovery, behavioral monitoring, and real-time risk control through their proprietary Beam engine.

Agent Discovery

The discovery layer scans an organization's infrastructure in a vendor-agnostic way, detecting deployed agents regardless of framework. It does not matter whether agents run on LangChain, CrewAI, AutoGen, or a custom Python wrapper around the OpenAI API. Geordie maps each agent's configuration, the tools it can access, the data sources it connects to, and its permission boundaries. The result is an always-current inventory that tracks both the agents humans deployed and the agents that other agents spawned.

This is a harder problem than it sounds. A Kubernetes cluster might have dozens of agent processes running as microservices. A Copilot integration might spawn ephemeral agents that exist for one task and terminate. Shadow IT agents built by business users in low-code platforms sit outside engineering’s visibility entirely. Geordie’s approach is to instrument at the agent communication layer rather than relying on deployment manifests or service registries that agents may never appear in.

Behavioral Monitoring

Once agents are discovered, Geordie tracks what they actually do: which tools they invoke, what data they access, what code they generate, and how multi-agent workflows coordinate. The monitoring layer applies behavioral analytics to detect drift from expected patterns.

Think of it like an EDR for agents. An EDR watches a process and flags when it starts doing things that process has never done before. Geordie does the same at the agent reasoning level. If a customer service agent suddenly starts querying the HR database, that shows up as anomalous even though the agent technically has network access to that database.

Beam: The Real-Time Risk Engine

Beam is what makes Geordie’s approach different from simply bolting monitoring onto existing agent deployments. According to Geordie, Beam operates inside the agent’s decision-making process. When an agent is about to take an action, Beam analyzes the context, scores the risk of that specific action given the agent’s role and permissions, and can intervene before the action executes.

This is context engineering applied to security. Rather than blocking actions after the fact (like a firewall dropping a packet), Beam adjusts the agent’s context window in real time. High-risk actions get flagged, escalated to human review, or blocked entirely. Lower-risk actions proceed with the intervention logged for audit. The system does not just tell you what happened. It prevents what should not happen.

NSFOCUS’s technical analysis describes Beam as introducing a real-time risk assessment module within the agent’s decision-making chain that dynamically scores actions and can modify decisions by adjusting contextual prompts, restricting tool call parameters, or substituting execution paths. If an agent attempts to access a resource outside its authorized scope, Beam can redirect the request or halt execution before any data leaves the perimeter.
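
A minimal pre-execution gate in the spirit of the behavioral-monitoring and Beam descriptions above, added here as an illustration: it is not Geordie's code. Every agent name, resource, score and threshold in it is a constructed assumption.

```python
from dataclasses import dataclass, field

# All names and values below are constructed for illustration.
SCOPES = {"support-bot": {"crm", "tickets", "hr_db"}}  # what the agent can reach
BASELINE = {"support-bot": {"crm", "tickets"}}         # what it normally touches
SENSITIVITY = {"tickets": 1, "crm": 2, "hr_db": 4}     # unknown resources score 3
INTERNAL_DOMAINS = ("corp.example",)
MAX_ROWS = 100

@dataclass
class ToolCall:
    agent: str
    resource: str
    params: dict = field(default_factory=dict)

def is_internal(host):
    # Exact or subdomain match, so "evilcorp.example" does not pass.
    return any(host == d or host.endswith("." + d) for d in INTERNAL_DOMAINS)

def score(call):
    """Return (risk, reasons) for one proposed tool call."""
    risk, reasons = SENSITIVITY.get(call.resource, 3), []
    if call.resource not in SCOPES.get(call.agent, set()):
        risk += 10
        reasons.append("out_of_scope")
    elif call.resource not in BASELINE.get(call.agent, set()):
        risk += 3  # reachable, but never used by this role before
        reasons.append("baseline_drift")
    dest = call.params.get("destination")
    if dest and not is_internal(dest):
        risk += 6
        reasons.append("external_destination")
    return risk, reasons

def gate(call, audit_log):
    """Decide before execution; return (decision, params to execute with)."""
    risk, reasons = score(call)
    params = dict(call.params)
    if risk >= 10:
        decision = "block"
    elif risk >= 6:
        decision = "escalate"  # hold for human review
    else:
        decision = "allow"
        if params.get("limit", 0) > MAX_ROWS:  # restrict, do not refuse
            params["limit"] = MAX_ROWS
            reasons.append("limit_capped")
    audit_log.append({"agent": call.agent, "resource": call.resource,
                      "risk": risk, "decision": decision, "reasons": reasons})
    return decision, params
```

The HR-database case from the monitoring section lands in "escalate" here: the resource is inside the agent's technical scope but outside its baseline, so drift alone raises the score without tripping the out-of-scope block.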

The Team: Darktrace, Snyk, and Veracode DNA

Geordie was founded in 2025 by three people who spent years inside companies that define modern cybersecurity:

Henry Comfort (CEO) served as COO Americas at Darktrace, the AI-powered cybersecurity company that pioneered self-learning AI for threat detection. Running Darktrace’s Americas operation gave him a front-row seat to how enterprises adopt (and fail to govern) AI-driven security tools.

Hanah-Marie Darley was Director of Security and AI Strategy at Darktrace, where she shaped how the company’s AI models translated into security outcomes for enterprise customers.

Benji Weber (CTO) was Senior Director of Engineering at Snyk, the developer security platform. At Snyk, he built the systems that scan code for vulnerabilities at scale, directly relevant experience for building a platform that scans agent behavior for security risks.

The founding team’s backgrounds explain Geordie’s technical bet. Darktrace proved that AI can detect anomalous behavior in network traffic by learning normal patterns. Snyk proved that security scanning can be embedded directly into developer workflows rather than bolted on after the fact. Geordie combines both ideas: learn what normal agent behavior looks like, and embed security controls directly into the agent execution path.

The company raised $6.5 million in seed funding co-led by Ten Eleven Ventures (a cybersecurity-specialist VC) and General Catalyst. They were also selected for the 2026 CrowdStrike, AWS, and NVIDIA Cybersecurity Startup Accelerator, an eight-week program that gives startups access to CrowdStrike’s Falcon platform, AWS infrastructure, and NVIDIA’s AI compute resources.

Where Geordie Fits in the AI Agent Security Stack

The AI agent security landscape is forming into distinct layers. OWASP gives you a risk taxonomy. The Cloud Security Alliance’s Agentic Trust Framework gives you a governance model. CrowdStrike and Palo Alto Networks detect agentic tool chain attacks at the network level. But none of those provide real-time behavioral governance at the agent reasoning layer.

Geordie occupies that missing middle. Here is how the layers stack up:

Risk standards (OWASP Agentic Top 10): Define what can go wrong. ASI01 through ASI10 categorize the attack surface. Geordie’s monitoring maps directly to these categories, giving security teams a way to measure coverage against the standard.

Trust frameworks (CSA Agentic Trust): Define how to structure governance. Progressive autonomy gates, promotion criteria, governance checkpoints. Geordie can enforce these gates programmatically rather than relying on manual review.

Network-level detection (CrowdStrike, Palo Alto): Catch agentic attacks that manifest as anomalous API calls, data exfiltration, or lateral movement. These tools see the symptoms but not the reasoning that caused them.

Agent-level governance (Geordie): Operates inside the agent’s decision loop. Sees the reasoning, scores the risk, and intervenes before the action hits the network layer. This is the layer that turns governance frameworks from documents into enforcement.

For European enterprises specifically, this stack matters because the EU AI Act’s August 2026 enforcement deadline requires documented risk management for high-risk AI systems. An AI agent that autonomously processes personal data, makes hiring decisions, or interacts with critical infrastructure falls squarely into the high-risk category. Geordie’s audit trail, which logs every agent action, every risk score, and every intervention, maps directly to the Act’s documentation and transparency requirements.

What to Watch at RSAC 2026

Geordie presents at the RSAC Innovation Sandbox on Monday, March 23, 2026, at the Moscone Center in San Francisco. The SC Awards ceremony, where Geordie is a finalist for Most Promising Early-Stage Startup, follows on March 24.

Three things to watch for in their presentation:

Integration depth. How deeply does Beam actually integrate with different agent frameworks? A platform that works with LangChain but not CrewAI, or with OpenAI agents but not Anthropic’s, has a coverage gap that enterprises will notice.

False positive rate. Real-time intervention in agent decision-making is powerful but dangerous. Block too many legitimate actions, and developers will bypass the platform. Let too many risky actions through, and the platform is just expensive logging.

Multi-tenant isolation. Enterprise AI agents often operate across organizational boundaries: vendor agents, customer-facing agents, and internal agents all touch shared infrastructure. How Geordie handles isolation between agent populations will determine whether the platform scales beyond single-team deployments.

The AI agent security governance space will not stay empty for long. Three companies converged on intent-based AI agent security almost simultaneously in early 2026, which suggests the market has reached the point where demand is pulling startups into the space. Geordie’s head start, its team’s credentials, and its accumulating industry recognition give it a strong position. Whether that translates into enterprise adoption depends on what they show at RSAC.

Frequently Asked Questions

What is Geordie AI?

Geordie AI is a London-based cybersecurity startup founded in 2025 by veterans from Darktrace, Snyk, and Veracode. It builds an agent-native security platform that discovers AI agents running across an enterprise, monitors their behavior in real time, and enforces governance policies through its proprietary Beam context engine. The company raised $6.5 million in seed funding from Ten Eleven Ventures and General Catalyst.

What is the Beam engine in Geordie AI?

Beam is Geordie’s real-time risk mitigation engine. It operates inside the AI agent’s decision-making process, analyzing the context of each action, scoring its risk level, and intervening before risky actions execute. Beam can modify agent decisions by adjusting contextual prompts, restricting tool call parameters, or halting execution entirely when it detects actions outside authorized scope.

Why was Geordie AI selected for the RSAC 2026 Innovation Sandbox?

RSAC named Geordie a Top 10 Innovation Sandbox finalist for 2026 because it is pioneering how enterprises adopt and scale agentic AI while balancing innovation and risk. The Innovation Sandbox competition highlights the most promising cybersecurity startups each year, and Geordie’s focus on real-time AI agent governance addresses a category that barely existed as a product before 2025.

How does Geordie AI differ from traditional security tools for AI?

Traditional security tools like firewalls, WAFs, and EDR systems monitor network traffic and endpoint behavior. They cannot see an AI agent’s reasoning or understand why an agent chained specific API calls together. Geordie operates at the agent reasoning layer, inside the decision loop, rather than at the network layer. This lets it detect and prevent risky agent behavior before actions reach the network, rather than catching symptoms after the fact.

Is Geordie AI relevant for EU AI Act compliance?

Yes. The EU AI Act requires documented risk management for high-risk AI systems, including those that autonomously process personal data or interact with critical infrastructure. Geordie’s platform logs every agent action, every risk score, and every intervention, creating the audit trail that the Act’s documentation and transparency requirements demand. The enforcement deadline is August 2, 2026.