Kevin Werbach speaks with Venkat Siva, co-founder and CEO of CompFly AI, about why governing autonomous agents requires a fundamentally different approach than securing traditional software. Siva argues that agents create a genuinely new control problem. Because they decide at runtime which tools to call and which actions to take, governance cannot simply be bolted onto existing MLOps or security platforms built for fixed, deterministic workflows. Instead, control has to move to the "execution boundary" — the point where an agent's decision turns into a real-world action. And agent safety is much more than just model safety.

In practical terms, Siva makes the case for giving every enterprise agent a distinct, cryptographically verifiable identity using decentralized identifiers (DIDs) and verifiable credentials. He addresses the growing problem of "shadow agents," pointing to employees experimenting with powerful open-source autonomous tools inside enterprises, and explains discovery techniques like intercepting traffic to model APIs and watching for who requests LLM keys. He offers the concept of an "autonomy budget": classify actions by reversibility and financial, regulatory, and customer impact, so an agent might autonomously issue a small refund but require human approval for a large one. Drawing on his time at the electric automaker Rivian, Siva closes by contrasting recoverable digital failures with the irreversible stakes of agents embedded in physical systems, arguing that governance there must borrow from safety engineering.

Venkat Siva is the co-founder and CEO of CompFly AI, an early-stage company building a control plane to discover, validate, secure, and govern autonomous agents from code to production. Before founding CompFly with Anand Salodkar, he spent more than two decades building enterprise platform products that help organizations adopt new technology safely and at scale, including work at the electric vehicle maker Rivian. 

Transcript

The Architecture of Trust (Compfly Manifesto)
CoSAI Model Context Protocol Security white paper

Podden och tillhörande omslagsbild på den här sidan tillhör Kevin Werbach. Innehållet i podden är skapat av Kevin Werbach och inte av, eller tillsammans med, Poddtoppen.