Tier 1
Fast-ML (<100ms)
XGBoost plus neural attention evaluates every event in the hot path. It is trained on enterprise behavioral data from production systems, not synthetic red-team traces.
Thoth product
AI Agent Runtime Security, not posture theater.
AISPM can tell you what might go wrong. Thoth decides whether the next tool call runs. Every decision is allow, step-up, or block, with evidence written at decision time.
The MOSES engine
Built on proprietary behavioral data and IP.
Most teams hit a cold-start loop. They need behavior to tune policy, but they need tuned policy before they trust production. Thoth runs on MOSES, a two-tier runtime engine trained on millions of enterprise events.
Tier 2
Deep-LLM (<30s)
High-risk anomalies get a deeper contextual pass. This tier writes the plain-English rationale used in the evidence bundle and analyst workflow.
The runtime problem
Three gaps every enterprise team runs into.
Credentials with no owner
Machine credentials are issued fast and reused everywhere. Security teams often cannot explain which agent is driving a high-risk call at decision time.
Behavior with no baseline
Autonomous workflows evolve by prompt, context, and chaining. Static allow lists cannot model the runtime drift that creates impact.
Incidents with no receipt
After a destructive action, teams need proof: who acted, what tool was called, what policy fired, and why the decision was made.
SDK
Three lines of code.
You can add runtime governance without redesigning your agent architecture.
from thoth import agent, tool
@agent(name="deal-agent", policy="financial-v2")
class DealAgent:
@tool(name="execute_trade", resource="ledger-prod")
def execute_trade(self, amount: float):
# Thoth evaluates intent here in <100ms
return self.ledger.submit(amount)2026 forcing functions
Why runtime enforcement is now mandatory.
82:1
Machine to human identity ratio
Enterprises already operate with far more machine identities than human identities.
492
Unauthenticated MCP servers
Observed in production in Q1 2026 across enterprise environments.
Aug 2, 2026
EU AI Act Article 12 enforcement
Mandatory record-keeping for agentic behavior puts runtime evidence on the critical path.
Deploy in shadow mode. Enforce when ready.
Start in observation mode, review a seven-day behavior report, then turn on enforcement where risk is highest.