Security Engine
Anomaly detection and AI safety guardrails for autonomous agents
The Securix Security Engine monitors API traffic patterns for agent-specific anomalies and provides built-in AI safety guardrails.
Anomaly Detection
Securix analyzes traffic patterns to identify suspicious behavior:
Behavioral Analysis
| Anomaly Type | Detection Criteria | Action |
|---|---|---|
| Mass Deletion | >100 DELETE requests/minute | Block + Alert |
| Data Exfiltration | >1GB download in 5 minutes | Block + Alert |
| Unusual Hours | Activity outside normal patterns | Alert only |
| Rate Limiting | Exceeding API limits | Throttle |
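The Mass Deletion and Data Exfiltration rows above can be enforced with a per-agent sliding window. The sketch below is an added example, not Securix's own code: `AnomalyDetector`, `RULES`, `firstBlockedDelete`, the `req` fields and the exfiltration message and action name are hypothetical, and 1 GB is taken as 1e9 bytes.

```javascript
// Added example; names are hypothetical and not part of the Securix SDK.
// Thresholds come from the table above. 1 GB is taken as 1e9 bytes (assumption).
const RULES = {
  massDeletion: { windowMs: 60_000, limit: 100, unit: 'count',
    action: 'files.delete',
    message: 'Request blocked: mass deletion pattern detected' },
  exfiltration: { windowMs: 300_000, limit: 1e9, unit: 'bytes',
    action: 'files.download', // constructed action name
    message: 'Request blocked: data exfiltration pattern detected' }, // constructed
};

class AnomalyDetector {
  constructor(rules = RULES) {
    this.rules = rules;
    this.events = new Map(); // "agentId:rule" -> [{ t, weight }]
  }

  // Records one request. Returns null to allow it, or an error body to block it.
  // req.bytes is the size of the object about to be served (assumption).
  check(agentId, req, now = Date.now()) {
    const name = req.method === 'DELETE' ? 'massDeletion'
      : req.method === 'GET' && req.bytes > 0 ? 'exfiltration' : null;
    if (!name) return null;
    const { windowMs, limit, unit, action, message } = this.rules[name];
    const key = `${agentId}:${name}`;
    // Drop events that aged out of the window, then record this one. Blocked
    // requests are recorded too, so an agent that keeps retrying stays blocked.
    const recent = (this.events.get(key) || []).filter((e) => now - e.t < windowMs);
    recent.push({ t: now, weight: unit === 'count' ? 1 : req.bytes });
    this.events.set(key, recent);
    const total = recent.reduce((sum, e) => sum + e.weight, 0);
    if (total <= limit) return null; // the table says ">", so the limit itself passes
    return { error: 'anomaly_detected', code: 'SX-403', message,
      details: { action, [unit]: total, window: `${windowMs / 1000} seconds` } };
  }
}

// Constructed traffic: one agent sending a DELETE every 100 ms, 147 in total.
function firstBlockedDelete() {
  const detector = new AnomalyDetector();
  for (let i = 1; i <= 147; i++) {
    if (detector.check('agent-1', { method: 'DELETE' }, i * 100)) return i;
  }
  return null;
}
```

Keying the window on the agent identity keeps one noisy agent from tripping the rule for others, and the events map should be pruned or bounded in a long-running process.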
Real-time Blocking
If an Agent attempts to DELETE 100+ files in a minute, the AASB blocks the traffic and notifies the user:
```json
{
  "error": "anomaly_detected",
  "code": "SX-403",
  "message": "Request blocked: mass deletion pattern detected",
  "details": {
    "action": "files.delete",
    "count": 147,
    "window": "60 seconds"
  }
}
```
Error Mapping
If a user has "Paused" an app, Securix returns a standard error with a Securix-specific error code for graceful handling:
| Scenario | HTTP Code | Securix Code | Description |
|---|---|---|---|
| App Paused | 403 | SX-PAUSED | User has paused the integration |
| Scope Disabled | 403 | SX-SCOPE-DISABLED | Virtual scope is disabled |
| Folder Hidden | 404 | SX-FOLDER-HIDDEN | Requested folder is redacted |
| Rate Limited | 429 | SX-RATE-LIMIT | Too many requests |
| Token Expired | 401 | SX-TOKEN-EXPIRED | Credentials need refresh |
This allows developers to handle security responses gracefully in their applications.
AI Safety Guardrails
Prevent Hallucinated Actions
- Confirmation for destructive actions - Delete and permanent-removal operations require extra validation
- Batch operation limits - Prevent accidental mass operations
- Content validation - Verify data before transmission
Accidental Exfiltration Prevention
- Download limits - Cap data transfer rates
- Data classification - Flag sensitive content
- Destination validation - Verify target locations
Audit Logging
All security events are logged for compliance and debugging:
- Access Logs - Every API request with timestamp, user, action
- Security Events - Anomaly detections, blocks, alerts
- Configuration Changes - Permission updates, scope changes
- Export - Download logs for external audit
Configuration Options
Developers can customize security behavior:
```javascript
const securix = new Securix({
  // Enable/disable specific guardrails
  guardrails: {
    massDeletion: { enabled: true, threshold: 100 },
    exfiltration: { enabled: true, maxMB: 1000 },
    rateLimiting: { enabled: true, requestsPerMinute: 60 },
  },
  // Custom error handling
  onAnomaly: (event) => {
    // Send notifications, update UI, etc.
  },
});
```