Trent AI
Multi agent security platform that secures a company's own AI agents across their lifecycle, using specialist scan, judge, mitigate, and evaluate agents to catch and fix threats like prompt injection, tool misuse, and data exfiltration.
Trent AI is a London based agentic security company founded in 2025 to secure the AI agents and autonomous workflows that enterprises are now deploying faster than their defenses can adapt. The founding team is unusually research heavy: chief executive Eno Thereska was a distinguished engineer at Alcion, which Veeam acquired, and earlier at AWS and Confluent; chief scientist Neil Lawrence is the DeepMind Professor of Machine Learning at the University of Cambridge and a former director of machine learning at Amazon; and chief technology officer Zhenwen Dai came from machine learning roles at AWS and Spotify. In April 2026 the company emerged from stealth with a thirteen million dollar seed led by LocalGlobe and Cambridge Innovation Capital, joined by angels from OpenAI, AWS, Databricks, and Spotify. Trent cites a governance gap: most companies plan to deploy agentic AI, but few have a mature model for governing autonomous agents.
Trent secures agents throughout their lifecycle with a multi agent architecture. Scanning agents continuously observe code, infrastructure, dependencies, agents, and runtime behavior to learn where risk lives. Analysis agents judge signal from noise, assess business impact, and prioritize by real risk rather than static rules, a judgment that a proprietary reinforcement learning layer sharpens over time. Remediation agents patch vulnerabilities, open pull requests, and adjust configurations, then validate that the fixes hold. Security posture agents track trends, quantify risk over time, and benchmark against standards. The platform is built to catch agent specific failure modes such as prompt injection, tool misuse, unintended actions, data exfiltration, and privilege escalation, and it works at the design and architecture level rather than relying on point in time code scanning.
Trent is a partner member of the OWASP project for large language model application security and a startup partner in Carnegie Mellon's CyLab network, and it lists early design partners including Canopy, Commscentre, and Qbeast. For an engineering or security team shipping its own agents that wants continuous, context driven security embedded in the build process rather than bolted on afterward, Trent is a promising fit. Because the company is fresh out of stealth and running with design partners, a buyer needing a mature, broadly deployed platform, self hosted or air gapped delivery, or open model choice should treat it as early stage, since those are not yet documented.
Vendor details
Canonical URL
https://trent.ai
Category
Security / SOC agent
Subcategory
Security for AI agents
Funding status
Independent, headquartered in London, founded in 2025 by Eno Thereska (CEO, formerly a distinguished engineer at Alcion, AWS, and Confluent), Neil Lawrence (chief scientist, DeepMind Professor of Machine Learning at Cambridge and former Amazon ML director), and Zhenwen Dai (CTO, formerly of AWS and Spotify). Trent emerged from stealth in April 2026 with a thirteen million dollar seed led by LocalGlobe and Cambridge Innovation Capital, with angels including OpenAI's Joaquin Quinonero Candela, AWS director Avinash Bhat, Databricks engineer Ippokratis Pandis, and former Spotify AI leader Tony Jebara. Early design partners include Canopy, Commscentre, ML@Cam, Qbeast, and Weblogic.
Company status
independent
Use cases & customers
Primary use cases
Target customers
Deployment options
Integrations
Trent operates across the development lifecycle and runtime, observing code, infrastructure, dependencies, and agent behavior, and it integrates with development workflows to apply and track fixes, including opening pull requests and adjusting configurations. It aligns with the OWASP guidance for large language model applications. As an early stage platform running with design partners, the breadth of published, out of the box connectors is still limited.
In practice
A team ships an AI agent with access to real systems and no security framework built for it. Trent's scanning agents map where risk lives and its judge agents prioritize what actually matters.
An agent is vulnerable to prompt injection or could be steered into exfiltrating data. Trent detects the agent specific failure mode and its remediation agents patch it and validate the fix.
Security wants to keep pace with builders without slowing them down. Trent embeds continuous, context driven checks into the development process and tracks risk posture over time.
Sources & related URLs
Research sources
Capability coverage
7.0 / 14 capabilities · 50%
| Integrations & Tool CallingObserves code, infrastructure, dependencies, and runtime and integrates with development workflows to apply fixes, but as a design partner stage product its connector breadth is still limited, Trent AI docs 2026-07-07 | Partial |
|---|---|
| Workflow OrchestrationA multi agent architecture orchestrates specialist scan, judge, mitigate, and evaluate agents across customer workflows, Trent AI docs 2026-07-07 | Full |
| Knowledge Grounding & RAGA context driven judgment layer grounds decisions in the customer's system architecture, agent behavior, and data flows and improves through reinforcement learning, Trent AI docs 2026-07-07 | Full |
| Human Oversight & GuardrailsRemediations are surfaced as prioritized fixes and pull requests for developers, but detailed oversight and approval controls are not documented, Trent AI docs 2026-07-07 | Partial |
| Security, Identity & GovernanceSecurity and governance for AI agents is the core product, enforcing safe behavior and aligning with OWASP guidance for large language model applications, Trent AI docs 2026-07-07 | Full |
| Observability & AuditabilityPosture agents continuously monitor, track trends, quantify risk over time, and benchmark against standards for ongoing observability, Trent AI docs 2026-07-07 | Full |
| Memory & State PersistenceThe platform continuously updates its assessment as the environment evolves, but a first class persistent memory store is not documented, Trent AI docs 2026-07-07 | Partial |
| Deployment & Data ResidencyDelivered as a cloud service with no self hosted, on premise, or air gapped option documented, Trent AI docs 2026-07-07 | Unable to verify |
| Prebuilt Agents, Templates & PacksShips prebuilt specialist security agent roles rather than a customizable library of templates or packs, Trent AI docs 2026-07-07 | Partial |
| Triggers & Channel CoverageContinuous monitoring triggers on changes across code, agents, and runtime, but channel coverage centers on the agentic estate, Trent AI docs 2026-07-07 | Partial |
| Model Flexibility & RoutingRuns on its own specialized models with no documented customer model choice or routing, Trent AI docs 2026-07-07 | Unable to verify |
| APIs, SDKs & MCP ExtensibilityNo published customer facing API, SDK, or MCP surface for extensibility is documented, Trent AI docs 2026-07-07 | Unable to verify |
| Testing, Debugging & OptimizationEvaluate agents benchmark posture and validate that fixes hold, a domain testing surface rather than a general agent evaluation harness, Trent AI docs 2026-07-07 | Partial |
| Browser & Computer UseNo browser or computer use capability is described, Trent AI docs 2026-07-07 | Unable to verify |
Pricing
Not public; early stage, working with design partners
custom design partner and early customer engagements
What is public
Nothing on price. The company is fresh out of stealth and publishes no pricing.
Billing mechanics
Direct engagements with design partners and early customers; no standard tiers disclosed.
Cost watchouts
Design partner engagements can carry implementation and feedback commitments beyond license cost.
Variable cost rationale
As an early platform without published pricing, cost scope is undefined and likely to scale with the number of agents and environments secured, though terms are negotiated directly.
Additional watchouts
Early stage vendor; expect evolving terms and negotiate scope, coverage, and support explicitly.
Sales call required
Yes — required for paid access
Free / trial
Design partner program; no public free tier
Key ambiguities
No public pricing, entry point, or scope units at this stage.
Related vendors
- 7AI — Swarming agentic SOC from the Cybereason founders: sixty plus domain…
- Airrived — Agentic OS that unifies SOC, GRC, IAM, vulnerability management, IT,…
- Assail — Autonomous red teaming platform (Ares) whose AI agents discover,…
- Astelia — AI native exposure management platform from Israeli National Red…
- Capsule Security — Runtime security layer for AI agents that detects and blocks unsafe…
- Clutch Security — Universal non human identity security platform that discovers,…