Cloud Security Alliance: 82% of Firms Lack Control Over AI Agents—OpenBox AI, Mastra Respond

As enterprise AI agents rapidly move into production, governance frameworks are struggling to keep pace. In fact, recent industry insights highlight a growing concern: organizations are deploying AI agents faster than they can monitor or control them. According to the Cloud Security Alliance, 82% of organizations identified previously unknown AI agents within their networks over the past year. However, only a small fraction just one in five currently maintain a formal process to decommission these systems. Meanwhile, regulatory pressure continues to intensify, especially with the EU AI Act’s high-risk provisions set to become enforceable on August 2, 2026.

Against this backdrop, OpenBox AI and Mastra have announced a strategic partnership aimed at addressing this widening governance gap. Notably, the announcement follows their recent funding milestones, with OpenBox AI securing a $5 million seed round and Mastra raising $22 million in its Series A. Together, the companies are introducing a solution that embeds runtime governance directly into AI agent workflows, ensuring compliance and oversight from the very beginning.

Through this integration, OpenBox AI makes governance a default feature for every AI agent built on Mastra, a widely adopted TypeScript agent framework used by organizations such as Replit, Brex, MongoDB, Workday, and Salesforce. Importantly, developers can enable this capability with a single function call, eliminating the complexity traditionally associated with governance implementation.

“Most governance tools ask developers to stop shipping and start plumbing. We built OpenBox so that adding governance takes one line – and from that moment, every tool call, workflow step, and agent decision in your entire Mastra runtime is scored, attested, and auditable.”
— Tahir Mahmood, Co–founder & CTO, OpenBox AI

At a technical level, OpenBox wraps the Mastra runtime end-to-end, providing continuous oversight across all agent activities. Specifically, it evaluates every tool invocation, workflow step, sub-agent interaction, and inter-agent communication using the OWASP AI Vulnerability Scoring System. Based on this analysis, the system assigns one of five verdicts: allow, constrain, require approval, block, or halt. Furthermore, decisions are delivered in under 250 milliseconds at the 95th percentile, ensuring minimal impact on performance.

In addition, the platform enhances transparency and accountability by cryptographically attesting and logging every action. It also supports persistent human-in-the-loop approvals, even across system restarts. To strengthen data protection, the integration includes built-in PII detection and content moderation at both ends of each agent interaction. As organizations scale their AI deployments, the system automatically governs new tools and agents, supported by compliance-ready dashboards and native multi-agent workflow capabilities.

Consequently, this integration transforms governance from a reactive, post-deployment effort into a proactive, built-in capability. According to both companies, it represents the first instance where compliance-grade governance becomes a one-line default rather than a complex integration project.

“Our community is shipping production agents at companies that handle real money, real customer data, and real regulatory scrutiny. They’ve been telling us governance can’t be something you bolt on six months after launch. OpenBox was built agent–native – it understands the difference between a business action and an internal HTTP call, renders multi–agent graphs as a single timeline, and governs new tools the moment a developer adds them. That’s the only model that keeps up with how Mastra teams actually build.”
— Abhi Aiyer, Co–founder and CTO, Mastra

Ultimately, as enterprises continue to scale AI adoption, this partnership positions OpenBox AI and Mastra at the forefront of secure and compliant AI operations, helping organizations stay ahead of both technological and regulatory challenges.

Source- PR Newswire

Recommended Cyber Technology News:

To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com

🔒 Login or Register to continue reading

Tags: AI adoption, AI Agents, AI vulnerability, data protection, Governance

CyberTech Media Room

CyberTech Media Room is the editorial intelligence arm of CyberTech Insights, focused on delivering high-impact narratives at the intersection of cybersecurity, data infrastructure, AI systems, and enterprise risk. Built for decision-makers, analysts, and technology leaders, the CyberTech Media Room translates complex security developments into structured, actionable intelligence. Its coverage spans threat landscapes, regulatory shifts, cyber resilience frameworks, and emerging technologies shaping modern enterprise defense. The editorial approach is grounded in three principles: Signal over noise — prioritizing relevance, depth, and strategic clarity over volume Intelligence-led storytelling — combining data, expert perspectives, and market context Decision utility — ensuring every piece contributes to informed business or technology outcomes CyberTech Media Room collaborates with industry practitioners, researchers, and enterprise leaders to surface insights that matter—from boardroom-level risk considerations to operational security strategies. Positioned beyond traditional media, it operates as a strategic intelligence layer for organizations navigating an increasingly complex and adversarial digital environment.