Article Details
Scrape Timestamp (UTC): 2025-12-08 18:14:46.943
Original Article Text
Google Chrome adds new security layer for Gemini AI agentic browsing

Google is introducing in the Chrome browser a new defense layer called 'User Alignment Critic' to protect upcoming agentic AI browsing features powered by Gemini.

Agentic browsing is an emerging mode in which an AI agent is configured to autonomously perform multi-step tasks on the web for the user, including navigating sites, reading their content, clicking buttons, filling forms, and carrying out a sequence of actions.

User Alignment Critic is a separate LLM isolated from untrusted content that acts as a "high-trust system component."

Gemini is Google's AI assistant, which can generate text, media, and code. It is used on Android and various Google services, and has been integrated into Chrome since September. At the time, Google announced plans to add agentic browsing capabilities in Chrome via Gemini, and now the company is introducing a new security architecture to protect it.

The new architecture, presented in an announcement from Google engineer Nathan Parker, mitigates the risk of indirect prompt injection, where malicious page content manipulates AI agents into performing unsafe actions that lead to user data exposure or fraudulent transactions.

Parker explains that the new security system involves a layered defense approach combining deterministic rules, model-level protections, isolation boundaries, and user oversight.

The main pillars of the new architecture are:

Google's layered defense approach towards agentic browsing shows that the company is more careful about giving its LLMs access to the browser than vendors of similar products, which researchers showed to be vulnerable to phishing, prompt injection, and purchasing from fake shops through prompt injection attacks.

Google has also developed automated red-teaming systems that generate test sites and LLM-driven attacks to continuously test defenses and develop new ones where required, which are pushed quickly to users via Chrome's auto-update mechanism.

Finally, Google has announced bounty payments of up to $20,000 for security researchers who can break the new system, calling on the community to join in the effort to build a robust agentic browsing framework on Chrome.
Daily Brief Summary
Google introduces 'User Alignment Critic' in Chrome to secure Gemini AI's agentic browsing, enhancing protection against potential threats from autonomous web interactions.
Agentic browsing allows AI to autonomously navigate, read, and interact with web content, posing new security challenges that Google aims to address with this update.
The new security architecture mitigates risks of indirect prompt injection, where malicious content could manipulate AI into unsafe actions, potentially exposing user data.
Google's layered defense strategy includes deterministic rules, model-level protections, and isolation boundaries, ensuring robust security measures for AI interactions.
Automated red-teaming systems are employed to simulate attacks and test defenses, with updates rapidly deployed via Chrome’s auto-update mechanism.
A bug bounty program offers up to $20,000 for researchers who identify vulnerabilities, encouraging community involvement in strengthening Chrome's AI security framework.
This initiative reflects Google's proactive approach to AI security, contrasting with other vendors vulnerable to similar AI manipulation attacks.