Who Watches The AI Agents?
Reading Time: 7 Minutes
A third of companies have no formal plan for supervising their AI agents. Geordie AI, a London security start-up that monitors what agents do, just raised $30 million to fill that gap.
Risk
Geordie AI and the lamp
When an AI agent is given a task, it picks its own steps to deliver the best output. The agent decides which systems to log into, which files to read, and where to send what it finds. So, a company can check what instruction the agent was given and monitor the data flow that follows. Both can look clean, but leaks and misuse can still happen. Why? Many companies still do not utilise security tools that watch the steps in between, Henry Comfort, the co-founder of security startup Geordie AI, told Pulse 2.0. "You're watching the wrong thing."
Geordie AI, which Comfort founded in London in early 2025 with Hanah Darley and Benji Weber, closed a Series A led by Balderton Capital, with new money from Crosspoint Capital and follow-on investment from General Catalyst and Ten Eleven Ventures, less than a year after the company left stealth with a $6.5 million seed. Total funding stands at $36.5 million. Fortune, according to Companies House filings, puts the valuation at roughly $180 million post-money and believes the round is the largest Series A yet raised by a European cybersecurity startup. In March the company won the RSAC Innovation Sandbox, the cybersecurity startup competition whose past finalists include Wiz and SentinelOne. Geordie now employs 37 people across London and New York, and Comfort expects around 50 within three months.
The company name is a nod to their vision. The Geordie lamp was a miner's safety lamp invented by George Stephenson in 1815, built so that men could keep working coal seams where firedamp, an invisible flammable gas, might be building around them. The company's retelling is that the lamp revealed a new and invisible risk before it struck, so that work could keep moving at pace.
The new invisible risk lies within agentic AI.
Image Source: © Geordie AI
Geordie AI "Agent Discovery" interface showing automatic discovery and inventory of AI agents across enterprise environments.
What can I expect from a subscription?
Real-world strategies for navigating the future of work.
AI AGENTS AT WORK
Everything you need to know about how AI agents are changing teams and ways of working.
SUPERHUMXN IRL
Real insights from investors and operators.
MEMOS ON PEOPLE, CULTURE & AI AT WORK
The latest use cases and strategies for change and transformation.
Siloes
Chaotic free-for-all
WRITER, the enterprise AI platform, published its second annual adoption study in April, run with the research firm Workplace Intelligence across 2,400 executives and employees at companies using AI at work. Thirty-six percent of those companies have no formal plan for supervising AI agents, and more than a third of executives said they are not very confident they could pull the plug on a rogue agent causing financial or reputational damage. Sixty-seven percent believe their company has already suffered a data leak or breach through an unapproved AI tool, 79 percent said AI applications are being built in silos by individual departments, and 55 percent described AI use at their own company as a "chaotic free-for-all".
Companies deploying agents already know supervision is falling behind. In Ernst & Young's February Technology Pulse Poll, across 500 US technology-industry leaders at companies of 5,000 or more employees, 78 percent said AI adoption is outpacing their organisation's ability to manage it, 97 percent called autonomous AI a high or essential priority, and 52 percent of department-level AI initiatives ran without formal approval or oversight. The natural consequences are grim. Sixty-seven percent of WRITER's respondents believe their company has already suffered a leak or breach through an unapproved AI tool, and 79 percent said AI applications are built in siloes. Siloes mean that unchecked software has direct access to sensitive and valuable company data.
Image Source: WRITER
WRITER's 2026 Enterprise AI Adoption survey chart showing the leading reasons employees use unapproved generative AI tools at work.
Invisible
The Darktrace inheritance
Darktrace built one of the security industry's biggest businesses on the premise that companies cannot defend what they cannot see, and sold software that watched network traffic for threats that no human analyst would catch. Two of Geordie's three founders come from Darktrace. Comfort, who ran a professional football club at 23, rose to chief operating officer for the Americas and stayed through its IPO. Darley arrived from a decade in government intelligence and ran the company's security and AI strategy; at Geordie she is chief AI and product officer. The third founder, Weber, comes from Snyk, where as a senior director of engineering he built automated tools that found vulnerabilities in code before the code reached production.
The idea for Geordie surfaced on early calls with the chief information security officers furthest into agent adoption, Comfort told Pulse 2.0. Some had frozen agent projects because they had no view of the risk. Others had deployed first and were trying to bolt on monitoring later. Darktrace was acquired by Thoma Bravo for about $5.3 billion in 2024. Worth watching where the team takes Geordie next.
Owkin
A $13 million iceberg
Owkin, the French-American drug discovery company, runs hundreds of agents across more than 50 petabytes of biomedical data, and was one of Geordie's earliest customers. Geordie's platform finds agents wherever they operate, on laptops, in cloud infrastructure, inside third-party software or in a company's own code, maps what each one can reach, and flags risk as they act. A second product, Beam, guides agent behaviour in real time versus relying on fixed guardrails. At Owkin, a single proof-of-concept deployment identified more agents than the company's existing inventories had captured, along with risks including MCP command injection exposure and credential leakage. Owkin's own risk methodology valued the averted exposure at between $12 and $13 million, and the company has since used the findings to show pharmaceutical partners its EU AI Act alignment during procurement, according to Geordie's account of the deployment. Leo Cunningham, chief information security officer, described the change as seeing "the iceberg that rocked the Titanic weeks in advance".
Even a company with a dedicated security team and a CISO who quantifies risk for a living, still did not know how many agents it was running. At Forge Holiday Group, another early customer, the security team used the platform to gain visibility of an expanding agent estate, per Pulse 2.0. At AlphaSense, the financial data company, Geordie covers what Comfort described to Fortune as tens of thousands of agents. Both scale figures come from the vendor and its customers rather than an independent audit. The company says it is deployed across roughly 30 customer environments, and reported 1,300 percent annual recurring revenue growth in the first five months of 2026, another company-supplied number, growing from a base it has not disclosed.
Watching agents saved Owkin an estimated $13 million of exposure and helped them win deals, with partners now demanding proof of oversight before signing. Expect more buyers to ask for the same proof.
Agent 365
Marking their own homework
The biggest software companies are building agent oversight of their own. Microsoft offers Agent 365, ServiceNow its AI Control Tower, and OpenAI has added agent governance features to its Frontier enterprise platform, a lineup reported by Fortune. Each watches the agents inside its own ecosystem. But Comfort's argument is that enterprises run agents from several providers at once, built on different models and deployed through different platforms, so a customer relying on one vendor's oversight gets a view of that vendor's agents and no others. "We're playing a different game to those guys," he told Fortune, adding that the companies selling agent-building software are making it harder to connect those agents to rivals' data and plug-ins, keeping value inside their own walls.
Balderton Capital, the London venture firm that led Geordie's $30 million Series A, bets the independent product survives next to Microsoft's. Other independents have raised money securing AI, including Lakera, the Atomico-backed company defending against prompt injection, and Protect AI, which raised $60 million in 2024 for securing machine-learning supply chains. The market was worth $1.83 billion in 2025, and Mordor Intelligence forecasts $7.84 billion by 2030. Either the platforms extend their oversight across each other's agents, or companies keep buying a separate product to do it.
Image Source: Photo courtesy of Geordie AI, via Fortune
Geordie AI co-founders Henry Comfort (CEO), Benji Weber (CTO) and Hanah Darley (chief AI and product officer)
Close
James Wise, the Balderton partner who led Geordie AI’s recent investment round, joins the board, and says agents are becoming core enterprise infrastructure, despite the lagging security concerns. Mark Crane, the General Catalyst partner who backed the seed, says the firm invested before the category was proven, and that agents have since moved into production faster than enterprises were ready.
The AI race is no longer just about building better agents. It's about knowing what those agents are doing after they're deployed. As autonomous systems become part of everyday operations, visibility and oversight may become as fundamental to enterprise AI as antivirus became to enterprise computing.
