Arkose Labs launches agent trust manager for Titan

Arkose Labs has launched Agent Trust Manager for its Arkose Titan platform to help organisations classify online traffic from users, AI agents and malicious actors.

The release comes as AI-driven traffic rises and creates new challenges for fraud prevention teams. Arkose Labs, whose customers include Meta, Adobe and Expedia, said many existing bot and fraud tools are not designed to handle agentic AI activity.

Traffic control

Agent Trust Manager sorts traffic into several groups and applies a different response to each. The system identifies human users, self-disclosing authorised agents, non-disclosing authorised agents and malicious adversaries, then decides whether to allow, monitor, challenge, throttle or block a session.

The launch reflects a broader shift in online security as businesses contend with software agents acting on behalf of users, alongside attackers trying to mimic legitimate behaviour. The distinction is no longer simply between bots and humans, but among different types of automated activity that require separate treatment.

Arkose Labs described three main populations in current traffic flows: self-disclosing good agents, such as verified crawlers and partner integrations that publish IP ranges and sign HTTP headers; non-disclosing good agents, such as AI assistants and agentic browsers acting for real users; and malicious adversaries, including account takeover campaigns, fake account operations and payment fraud groups.

Behaviour analysis

According to Arkose Labs, Agent Trust Manager sits on top of data already gathered by Arkose Titan, including device intelligence, behavioural biometrics and adaptive challenge telemetry. It also uses threat signals from ACTIR threat intelligence to classify intent and adjust enforcement as a session develops.

The system is designed to reassess activity if behaviour moves beyond an initially accepted scope. In practice, that means an agent allowed to carry out one task could face tighter controls if it begins probing a restricted area or behaves in a way that suggests abuse.

Arkose Labs also disclosed telemetry data on impersonation tactics, saying 74% of adversarial sessions spoof browser values and 69% fake macOS environments. It said this makes behavioural and device-level analysis necessary for accurate classification.

The data points to a broader problem for online businesses, particularly those handling logins, account creation, payments and other high-value customer interactions. Attackers increasingly use residential proxies and cloud infrastructure to imitate normal browser environments at scale, making older rule-based approaches less reliable.

Growing volumes

Kevin Gosschalk said customer traffic patterns are already changing quickly. "Among our customer base, we are already seeing agentic traffic double quarter-over-quarter," said Gosschalk.

He said businesses will need automated policy enforcement rather than static rules alone. "The companies that successfully combat them won't be the ones that simply define an agent control policy. It will take real time, automatic enforcement of those policies without a human ever having to get involved. This enforcement gap is exactly what Arkose Agent Trust Manager closes," said Gosschalk.

Enforcement model

Arkose Labs has positioned the new offering as part of a broader effort to help companies maintain transaction flows while filtering harmful activity. It said customers use the Titan platform to protect digital journeys against fraud, abuse and account attacks, and that the new product extends those controls to the growing volume of AI-mediated interactions.

Founded in San Mateo, Arkose Labs works with clients across financial services, technology and travel. The company said its approach is based on behaviour rather than declared identity alone, a distinction it argues matters as legitimate assistants, business agents and hostile automation increasingly appear in the same online flows.

Arkose Labs said Agent Trust Manager uses a five-step enforcement model: Allow, Monitor, Challenge, Throttle and Block. Proof-of-work and AI-resistant challenges are applied to sessions that require stronger checks.