Command Zero

What is bounded autonomy in agentic security?

Bounded autonomy is the principle that AI security agents operate independently only within explicitly defined limits (what they can access, which actions they can take, and under what conditions) that are set and enforced by the organization.

Updated 2026-05-19

What it means

Bounded autonomy is the practical answer to the trust problem in agentic security. Unbounded agents can take actions no one anticipated; bounded agents act freely within a defined envelope and escalate outside it. Implementation requires least-privilege access controls, clear recommendation-versus-execution role separation, and human validation for high-impact actions like host isolation or account disablement.
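
One way to express this envelope as a policy check, added here as an illustration and not Command Zero's code: the role, action and data source names are constructed, and the three rules mirror role separation, least privilege and human validation as described above.

```python
from dataclasses import dataclass
from enum import Enum

class Decision(Enum):
    ALLOW = "allow"        # inside the envelope: the agent proceeds on its own
    ESCALATE = "escalate"  # outside the envelope or high impact: a human decides
    DENY = "deny"          # role separation violated: never executed

# Constructed policy values (assumptions for this example).
HIGH_IMPACT = frozenset({"isolate_host", "disable_account"})

@dataclass(frozen=True)
class Envelope:
    role: str                   # "recommender" or "executor"
    allowed_actions: frozenset  # actions explicitly granted to this agent
    allowed_sources: frozenset  # data sources explicitly connected

@dataclass(frozen=True)
class Request:
    action: str
    source: str
    execute: bool               # False means "recommend only"
    human_approved: bool = False

def authorize(env: Envelope, req: Request) -> Decision:
    # Role separation: a recommender may propose an action but never run it.
    if req.execute and env.role != "executor":
        return Decision.DENY
    # Least privilege: anything not explicitly granted leaves the envelope,
    # so it is escalated even if someone has approved it.
    if req.action not in env.allowed_actions or req.source not in env.allowed_sources:
        return Decision.ESCALATE
    # Human validation: high-impact execution needs recorded approval.
    if req.execute and req.action in HIGH_IMPACT and not req.human_approved:
        return Decision.ESCALATE
    return Decision.ALLOW

# Constructed envelopes for two hypothetical agents.
TRIAGE = Envelope("recommender", frozenset({"query_logs", "isolate_host"}),
                  frozenset({"edr", "idp"}))
RESPONDER = Envelope("executor", frozenset({"query_logs", "isolate_host"}),
                     frozenset({"edr"}))

if __name__ == "__main__":
    for env, req in [(RESPONDER, Request("query_logs", "edr", True)),
                     (RESPONDER, Request("isolate_host", "edr", True)),
                     (TRIAGE, Request("isolate_host", "edr", True))]:
        print(env.role, req.action, authorize(env, req).value)
```

The check is default-closed: an action or data source missing from the envelope is escalated rather than allowed, so widening an agent's reach requires an explicit policy change.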

Command Zero’s approach

How Command Zero handles Bounded Autonomy.

In Command Zero, autonomy is bounded by the Question-based method and customer-defined controls. Agents can only ask questions from the authorized library, query the data sources the customer has connected, and operate within the investigation modes the customer has enabled. Nothing happens outside that envelope without escalation. Bounded autonomy is a precondition of Governed AI, not an add-on.
