Current security architectures can verify that an agent's actions are authorized but cannot detect when an agent's behavior has shifted from its originally intended purpose while all API calls remain valid. This means compromised, repurposed, or misaligned agents are indistinguishable from healthy ones using any existing monitoring tool. A new observability primitive is needed that tracks behavioral intent continuity, not just permission validity.

Compromised or misaligned agents operating within valid permissions are invisible to every existing security and observability tool, creating a blind spot that grows more dangerous as agents gain broader authorization scopes.

Platform engineering and security teams at companies deploying autonomous AI agents in production (fintech, SaaS, infrastructure) who already use auth/permissions but lack behavioral anomaly detection.

Enterprises are deploying agents with broad API permissions today and security teams are actively searching for guardrails beyond RBAC; this fills a gap no current APM, SIEM, or agent framework addresses, and buyers already have budget for runtime security tools like Datadog, Snyk, and Wiz.

MVP: an OpenTelemetry-compatible sidecar that ingests agent action traces, builds a behavioral baseline embedding per agent identity using lightweight sequence models, and fires alerts when the action-sequence distribution drifts beyond a configurable threshold — ship as a hosted API + dashboard, integrate with LangSmith/CrewAI/AutoGen trace formats first.

Subset of the $20B+ runtime application security and observability market; agent-specific behavioral monitoring could be a $1-2B segment within 3 years as agentic deployments scale.