
NRI Secure Launches "Deep AI Red Team" Service to Observe Internal States of AI Agents and Detect Hidden Threats

Proprietary Tools Enable Detection of Threats Difficult to Identify with Conventional Methods


    Tokyo - December 16, 2025 - NRI SecureTechnologies, Ltd. (NRI Secure) announces the launch of "Deep AI Red Team" (hereinafter "this service"), a security assessment service that gains visibility into the internal states of AI agent[i] systems and detects threats that were difficult to identify using conventional methods. This service uses our proprietary tool "ai-guard"[ii] to surface threats hidden within AI agents. Furthermore, by combining expert knowledge with AI technology, we have enabled the detection of more sophisticated threats.

    Approximately 70% of AI Agent Threats Are Difficult to Detect with Conventional Methods

    In recent years, AI agent adoption has rapidly advanced operational efficiency, but security incidents specific to AI agents have also been increasing. AI agents possess characteristics including non-deterministic behavior[iii], autonomous chain execution[iv], adaptive learning[v], and distributed interaction[vi], which can make them difficult to address with conventional security measures. Traditional AI security assessments and automated assessment tools have primarily verified external interfaces such as chat screens, but threats originating from AI agents' internal operations and interactions have also been identified.

    According to NRI Secure's analysis, 11 out of 15 AI agent threats defined by OWASP[vii] (73%) are difficult to detect using conventional approaches (see Reference).

    Service Overview and Features

    To address threats that are difficult to detect with conventional methods, NRI Secure has developed an approach that observes and analyzes internal states. The service can handle assessments for cases that are difficult to observe externally, such as exploitation of AI agents' autonomous execution capabilities, modification of the objectives AI agents should fulfill, and attacks combining legitimate permissions and functions. This is expected to significantly improve the security of AI agent systems.

    The main features of this service are as follows:

    1. Gaining Visibility into Internal States Using Proprietary Tools

    Our proprietary tool "ai-guard" analyzes internal operations (memory, agent interactions, etc.) in real-time, including multi-agent environments, without modifying the customer's programs. By comprehensively observing AI agents' reasoning processes, memory state changes, and inter-agent communications, we can address all 15 threat categories defined by OWASP[viii].

    2. Hybrid Approach Combining Experts and AI

    NRI Secure's experts observe the internal states and develop and assess attack scenarios that are difficult to detect with conventional assessments or standard solutions. By combining this with efficient automated detection using AI, we achieve assessments that balance quality and efficiency (see figure).

    Figure: Advanced Assessment through Internal State Observability and Hybrid Approach

    [figure image]

    *Observability Platform: An integrated platform for collecting, observing, and analyzing internal system states.

    *OTel (OpenTelemetry): A vendor-neutral open-source standard framework for collecting and exporting observability data such as logs, traces, and metrics.

    For details about this service, please visit the following website:

    https://www.nri-secure.com/security-assessment/deep_ai-red-team-service

    [i]AI Agent: Software that interprets given objectives and autonomously achieves goals while selecting and coordinating external/internal tools.

    [ii]Patent pending.

    [iii]Non-deterministic behavior: Making different decisions even with the same input.

    [iv]Autonomous chain execution: Executing actions one after another without waiting for human approval.

    [v]Adaptive learning: Learning from experience and changing behavioral patterns.

    [vi]Distributed interaction: Multiple agents working in coordination.

    [vii]OWASP (Open Web Application Security Project): A global community dedicated to sharing information and promoting awareness about the current state of web and software security, as well as technologies and processes that promote secure software development.

    [viii]For some items such as T10 and T15, evaluation is conducted by inducing or detecting behavioral patterns on the agent side that cause threats.

    Reference

    Differences Between Existing "AI Red Team" Service and "Deep AI Red Team"

    Since December 2023, NRI Secure has been providing "AI Red Team," a security assessment service targeting systems and services that use generative AI. The differences from "Deep AI Red Team" are shown in the table below.

    [comparison table image]

    List of 15 AI Agent Threats Defined by OWASP

    According to NRI Secure's analysis, the 11 items other than the 4 items T2, T4, T9, and T11 are difficult to detect with conventional methods.

    [threat list image]

    Media Inquiries:

    Public Relations, NRI SecureTechnologies, Ltd.
    E-mail: info@nri-secure.com