What is the difference between AI safety and AI security?

AI safety focuses on preventing AI from causing unintended harm through its own behavior (alignment, hallucination, bias), while AI security focuses on protecting AI systems from external threats (prompt injection, data poisoning, model theft) — and autonomous agents require both.

The distinction matters for enterprise AI agents:

• AI Safety concerns: Agent hallucinates parameters, agent drifts from instructions, agent takes unintended destructive actions, agent generates biased outputs
• AI Security concerns: Prompt injection hijacks agent behavior, data poisoning corrupts RAG pipelines, credential theft via tool calls, model extraction attacks
• Both simultaneously: An agent can be "safe" (following instructions correctly) but "insecure" (those instructions were injected by an attacker). Or "secure" (no external attacks) but "unsafe" (hallucinating destructive SQL queries)

Most solutions address only one side: Guardrails AI focuses on safety (output validation), Lakera focuses on security (prompt injection detection). Neither governs execution.

Exogram addresses both simultaneously at the execution boundary. The deterministic policy engine blocks unsafe actions (hallucinated parameters, destructive queries) AND insecure actions (exfiltration attempts, unauthorized access) — because it validates what the agent DOES, not why it does it. Motivation is irrelevant. Action is everything.