The company published its Security Comprehension and Awareness Measure (SCAM) benchmark in February 2026 as an open-source framework for teaching AI agents to recognize security threats. Wang emphasized that organizations need identity standards tailored to agent behavior rather than human users, a departure from traditional password management approaches. The specific technical details of how these frameworks operate in production remain limited in public disclosures.
For attorneys advising technology companies or enterprises managing AI workflows, this development signals a shift in how identity and access control will be governed as autonomous systems scale. Organizations deploying AI agents should expect evolving contractual and compliance obligations around credential security. The emergence of agent-specific security standards—rather than retrofitting human-centered frameworks—will likely become a baseline expectation in enterprise software agreements and vendor due diligence within the next 18 months.