How security works in Cascade
Security in Cascade is detection-driven and enforcement-aware. As an agent executes, Cascade’s DeepStream system captures detailed traces of behavior. These traces are evaluated in real time against security-specific detection models. When a threat is identified, Cascade records the event and applies a response based on the configured enforcement mode. Security detection operates independently but integrates seamlessly with Cascade’s observability and safety systems.Security capabilities
Cascade provides three primary security capabilities designed to address adversarial threats.Threat Detection
Identify prompt injection, data exfiltration, and alignment manipulation in real time
Risk Map
Visualize security risk propagation across agents, tools, and data flows
Enforcement Control
Apply observe, detect, or enforce modes to security threats independently
Threat categories
Security threats are grouped into distinct categories based on attack vector and impact.- Prompt Injection: Attempts to override or manipulate agent instructions to produce unintended behavior
- Data Exfiltration: Attempts to extract sensitive or unintended data through agent behavior or tool usage
- Alignment Manipulation: Gradual or coordinated attempts to shift agent behavior or reasoning over time
Runtime evaluation
Security evaluation happens continuously while an agent runs. As traces are generated, Cascade:- Analyzes inputs for instruction manipulation
- Monitors tool usage for unauthorized access patterns
- Tracks behavioral shifts across historical executions
- Evaluates outputs for data leakage indicators
- Produces security findings tied to the trace
Who security is for
The Security system is designed for:- Security teams monitoring adversarial risk
- Platform teams deploying agents in production
- Compliance teams managing threat exposure
- Developers building agent workflows