Netzilo, the company building the AI control plane for the agentic workforce, today announced the public release of its AI Detection & Response (AIDR) rules to the open-source community. The detection rules are available immediately and at no cost at github.com/netzilo/aidr-sigma, giving security teams a transparent, inspectable, and contributable library for detecting threats that target — or originate from — autonomous AI agents.
As enterprises deploy AI agents faster than they can govern them, traditional security tooling has been left blind. Endpoint Detection & Response (EDR) and Security Information & Event Management (SIEM) systems monitor low-level telemetry such as file reads and network calls, but lack the context to understand the intent behind an agent's actions. Netzilo calls this the "Context Gap": it allows techniques such as prompt injection and tool poisoning to pass as ordinary activity, while agents operate over machine-speed protocols like the Model Context Protocol (MCP) that never reach traditional security gates.
With today's release, Netzilo is opening the detection logic at the heart of AIDR. Each rule describes, in a readable and standardized format, the behavioral pattern that defines a specific AI-agent threat and the action the system should take when it occurs. Because the rules are open, any engineer can read precisely how a detection works, adapt it to their own environment, and contribute improvements back to the community.
"Securing AI agents cannot be a black box. By releasing our AIDR rules to the community, we are turning AI agent defense into shared infrastructure — a control plane the whole industry can build on."
— Egemen Tas, CEO of Netzilo
Netzilo describes AIDR as a runtime control plane for the agentic workforce. Rather than supervising language alone, AIDR builds a runtime graph of every action an agent takes — tool calls, file reads, network requests, and skill acquisitions — and correlates multi-stage sequences that appear harmless in isolation but signal a breach in aggregate. The platform enforces deterministic, policy-as-code controls and can isolate or terminate a compromised agent in real time, without routing enterprise data through third-party infrastructure.
Detections built for AI-agent threats
The initial community rule set targets threats unique to AI agents, including:
- Prompt injection and indirect prompt injection
- Tool poisoning
- Capability hijacking and privilege escalation
- Multi-stage data-exfiltration chains
The Netzilo AIDR community rules are available now at github.com/netzilo/aidr-sigma. The repository is open for inspection, deployment, and contribution, and Netzilo will continue to publish new detections as agent threats evolve.
About Netzilo
Netzilo builds the AI control plane for the agentic workforce. Its AIDR (AI Detection & Response) platform delivers behavioral intelligence, deterministic Governance-as-Code enforcement, and kill-switch capability for autonomous AI agents, closing the visibility gap that EDR and SIEM leave open. Netzilo is headquartered in Campbell, California. Learn more at www.netzilo.com.