| CARVIEW |
Select Language
HTTP/2 200
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-security-policy: img-src 'self' data: https://storage.cloud.google.com/gweb-research2023-stg-media-mvp/ https://*.googleusercontent.com/ https://storage.googleapis.com/gweb-research2023-stg-media-mvp/ https://storage.googleapis.com/gweb-research2023-stg-media/ https://storage.googleapis.com/gweb-research2023-media/ https://research.google *.googletagmanager.com *.google-analytics.com https://*.googleusercontent.com/ https://blogger.googleusercontent.com *.ytimg.com *.bp.blogspot.com https://docs.google.com/a/google.com/ https://i.imgur.com/WZocAi7.png https://i.imgur.com/oPCeEcZ.png https://i.imgur.com/eVbbGwD.png https://upload.wikimedia.org/wikipedia/commons/e/ed/Becky_Hammon.jpg https://ngrams.googlelabs.com/ https://research.googleblog.com/uploaded_images/first06-777007.jpg https://googleresearch.blogspot.com/uploaded_images/first06-777007.jpg https://blog.research.google/uploaded_images/first06-777007.jpg https://work.fife.usercontent.google.com/fife/ https://www.gstatic.com/images/branding/googleg_gradient/; frame-src 'self' *.google.com *.withgoogle.com www.youtube.com https://google.earthengine.app/view/ocean https://mmeka-ee.projects.earthengine.app/view/temporal-demo https://storage.googleapis.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' http: https: 'sha256-zBmfIicekWsk+Q02/57n6lzm2HIgbBeWN/st19KJYBM=' 'sha256-nKvv2YwBUD93NJaZ6VA5aP7XwmGV/S3G2FkCSI49/gE=' 'sha256-8Tmnm4NhLMrRqh1ZhctvStRyWVVRfk4CHaicfEzZUuI=' 'sha256-Nj7VfcL03AiQQy3lfhSluB1hFwylXDUm+VI2NCh34/w=' 'sha256-HbfYgUUu54uUYLd8WNbMYbcHGHThlfdYPhZmxdlxx3k=' 'sha256-h+sPBVMkWSsyFrQfEmLAhGUET0J7IU8+e68UpCsNdWE=' 'sha256-xdXe7bsAE8jwMFwvzClLp6sF7kElTj3p6FLnfy5neGc=' 'sha256-F+KNqDpRAu0lnbnkzC0Nkgg/m4aDWLk0PCZJY+T4oiM=' 'sha256-x2q8GGYj0PIvCV8AfX2Lv4CKDmK6d3w8YhMV8BwCGqg=' 'sha256-HOMlxQ7t6Wh2T6NDsmOtVTa44+aepnSs1J9eYen32Xk=' 'sha256-KwxvtB46oTihNSE+ggiI4oyvgiSHdj9E5+wG+P6DTD0=' 'sha256-KO07c+2Siu0kHdu/DmM+rvrdVUgTcNPjkSbmTAO8QrE='; connect-src 'self' *.google-analytics.com *.googletagmanager.com *.analytics.google.com *.gstatic.com *.google.com; media-src 'self' https://*.googleusercontent.com/ https://storage.googleapis.com/gweb-research2023-stg-media-mvp/ https://storage.googleapis.com/gweb-research2023-stg-media/ https://storage.googleapis.com/gweb-research2023-media/ https://gstatic.com/ https://storage.googleapis.com/bioacoustics-www1/ https://storage.googleapis.com/chirp-public-bucket/ https://storage.googleapis.com/h01-release/ https://storage.googleapis.com/brain-genomics-public/ https://github.com/ https://implicitbc.github.io/ https://google.github.io/ https://dynibar.github.io/ https://google-research.github.io/ https://innermonologue.github.io/ https://iterative-refinement.github.io/ https://infinite-nature-zero.github.io/ https://google-research-datasets.github.io/ https://language-to-reward.github.io/ https://*.gstatic.com/ https://raw.githubusercontent.com/ https://karolhausman.github.io/mt-opt/img/mt-opt-grid.mp4 https://palm-e.github.io/videos/palm-e-teaser.mp4 https://research-il.github.io/ https://transporternets.github.io/ https://code-as-policies.github.io https://robotics-transformer.github.io/ https://michelleramanovich.github.io/ https://interactive-language.github.io/video/realtime_30.mp4 https://services.google.com/fh/files/blogs/aiblog_cinematicphotos.mp4 https://vlmaps.github.io/static/images/vlmaps_blog_post.mp4; default-src 'self' *.gstatic.com https://www.youtube.com/embed/kTvHIDKLFqc https://www.youtube.com/embed/Qh-4qF07V1s https://www.youtube.com/embed/gBfynvifkOY https://www.youtube.com/embed/ZMZr83rwdNI https://www.youtube.com/embed/LVFe6P-C7iY https://www.youtube.com/embed/OY2vWMtSsIM https://www.youtube.com/embed/wRCPCNtViGA https://www.youtube.com/embed/iGTM6xs2sck; base-uri 'none'
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
expires: Fri, 10 Oct 2025 05:39:37 GMT
cache-control: max-age=1800
x-wagtail-cache: hit
content-encoding: gzip
x-cloud-trace-context: bd91478d178a855515865cbdd810b16f
date: Fri, 10 Oct 2025 05:25:46 GMT
server: Google Frontend
content-length: 10494
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Google's Approach for Secure AI Agents
Jump to Content
Google's Approach for Secure AI Agents
Abstract
As part of Google's ongoing efforts to define best practices for secure AI systems, we’re sharing our aspirational framework for secure AI agents. We advocate for a hybrid, defense-in-depth strategy that combines the strengths of traditional, deterministic security controls with dynamic, reasoning-based defenses. This approach is grounded in three core principles: agents must have well-defined human controllers, their powers must be carefully limited, and their actions and planning must be observable. This paper reflects our current thinking and the direction of our efforts as we work towards ensuring that AI agents can be powerful, useful, and secure by default.
Meet the teams driving innovation
Our teams advance the state of the art through research, systems engineering, and collaboration across Google.
See our teams