Tarique Smith

AI Security Architect · Co-Founder & Chief Research Officer, Cogensec

Originator of the distinction between exogenous and endogenous AI security—the framework now shaping how researchers and enterprises think about agent defense. Author of Agentegrity, the open standard for measuring the structural integrity of autonomous AI agents, with reference implementations on PyPI and npm.

Key Metrics:
  • • 16+ years Fortune 50 security & risk leadership (Verizon — AI infrastructure, zero-trust, 5G edge)
  • • $25M+ in revenue impact delivered across Fortune 50 programs
  • • 3× founder — Cogensec, Cirostratus, applied-AI ventures
  • • NVIDIA GTC 2026 Developer Contest Winner (Gideon)
  • • Trained federal law enforcement analysts in digital forensics

LinkedIn | GitHub | Hugging Face | X | ORCID

The Thesis

The industry treats AI security as exogenous—a perimeter wrapped around a black box. I'm proving it must be endogenous: structural integrity built into the agent itself.

Guardrails fail because they assume intent is static. Adversaries are not. Control endures because it is part of the system, not bolted onto it.

About Tarique Smith

AI Security Architect and Co-Founder & Chief Research Officer at Cogensec—the AI agent security research lab defining how the industry measures and builds trustworthy autonomous systems. Originator of the distinction between exogenous and endogenous AI security, and author of Agentegrity, the open standard for measuring the structural integrity of autonomous AI agents (reference implementations on PyPI and npm).

16+ years of Fortune 50 security & risk leadership at Verizon across AI infrastructure, zero-trust, and 5G edge programs ($25M+ revenue impact). Contributing author to the OWASP AI Exchange; author of Zero Day Agent. Cogensec is backed by NVIDIA Inception, Microsoft for Startups, Google for Startups, and AWS Startups.

Key Concepts

Endogenous Security

Security built as a structural property of the AI agent itself—embedded in memory, planning, and action pipelines rather than wrapped around the model as an external guardrail.

Agentic AI

AI systems that take actions—calling APIs, executing code, coordinating with other agents—not just generating text. Requires runtime control, intent verification, and override authority.

Non-Human Identity Governance

The lifecycle of issuing, scoping, monitoring, and revoking identities for automated actors—service accounts, machine workloads, and AI agents that now outnumber human users.

Runtime Assurance

Continuous verification that an autonomous system remains within its intended operating envelope as conditions change—replacing static compliance with prospective control.

Core Focus

AI Control & Trust Adversarial Reality Agentic Security Non-Human Identity Governance Runtime Assurance Adversarial AI Red-Teaming Endogenous Security Zero Trust

Work

Cogensec (2025 — Present)

Co-Founder & Chief Research Officer. The AI agent security research lab defining how the industry measures and builds trustworthy autonomous systems. Directs a portfolio spanning runtime governance, autonomous red teaming, security benchmarking, and the Cortex Series—a family of security models mapped to the architecture of the human brain. Gideon, the lab's open-source red-teaming system, won the NVIDIA GTC 2026 Developer Contest. Backed by NVIDIA Inception, Microsoft for Startups, Google for Startups, and AWS Startups.

Verizon (2009 — 2025)

16+ years of senior technology, security, and risk leadership. Directed AI infrastructure, zero-trust, and 5G edge programs with more than $25M in revenue impact. Led product risk governance, control frameworks, and financial operations transformation across enterprise technology portfolios. Trained federal law enforcement analysts in digital forensics.

Frameworks & Open Source

  • Agentegrity — open standard for measuring the structural integrity of autonomous AI agents (PyPI + npm)
  • Gideon — open-source autonomous red-teaming system (NVIDIA GTC 2026 Developer Contest winner)
  • Cortex Series — family of security models mapped to the architecture of the human brain
  • LLM Security Guide — production security patterns and OWASP LLM Top 10 mitigations

Background

Three-time founder with 16+ years of Fortune 50 security & risk leadership at Verizon and $25M+ in revenue impact across AI infrastructure, zero-trust, and 5G edge programs. Designed risk scoring frameworks, built revenue assurance controls, and directed cross-functional programs spanning legal, security, compliance, finance, and engineering. Now Co-Founder & Chief Research Officer at Cogensec, building integrity measurement for autonomous systems.

Education

  • M.S. Computer Information Systems (Security), Boston University
  • B.S. Computer Science (Honors), University of Technology, Jamaica

Certifications

CISM PMP CSPO CSM CEH ACE Forensics SAFe 5 POPM ITIL Harvard Leadership

Writing

Original thinking on AI security, shaping how enterprises and regulators approach AI risk.

  • The Exogenous-Endogenous Security Distinction
  • The AI Security Market Map Is Wrong
  • Agentegrity: Structural Integrity for Autonomous AI Agents
  • The Cortex Series: Security Models Mapped to the Human Brain
  • Why Guardrails Are the Wrong Mental Model for AI Security
  • The Agentic Security Problem
  • Zero Day Agent — newsletter on AI agent security, read by practitioners and investors

Contact

Advising global enterprises and regulators on the future of AI control. Available for advisory engagements, research collaboration, and speaking.

Connect: LinkedIn · tarique.io/contact

Frequently Asked Questions

Who is Tarique Smith?

Tarique Smith is an AI Security Architect, three-time founder, and Co-Founder & Chief Research Officer at Cogensec. He originated the distinction between exogenous and endogenous AI security, authored the Agentegrity open standard, and brings 16+ years of Fortune 50 security & risk leadership at Verizon spanning AI infrastructure, zero-trust, and 5G edge. Contributing author to the OWASP AI Exchange and author of Zero Day Agent.

What is endogenous AI security?

Endogenous AI security is the practice of building security as a structural property of an AI agent itself—embedded in its memory, planning, and action pipelines—rather than as an external guardrail. The exogenous/endogenous distinction was originated by Tarique Smith.

What is exogenous AI security and why does it fail?

Exogenous AI security wraps external guardrails, filters, and policies around a black-box model. It fails because guardrails assume static intent while adversaries adapt. Once the perimeter is bypassed, the underlying system has no internal mechanism to maintain control.

What is agentic AI security?

Agentic AI security governs AI systems that take actions—browsing, executing code, calling APIs, coordinating with other agents—rather than only generating text. It addresses runtime control, intent verification, memory integrity, and override authority.

What is Non-Human Identity (NHI) Governance?

Non-Human Identity Governance is the discipline of issuing, scoping, monitoring, and revoking identities for automated actors—service accounts, machine workloads, and AI agents that now outnumber human users.

What is Agentegrity?

Agentegrity is the open standard authored by Tarique Smith for measuring the structural integrity of autonomous AI agents. Published as an open specification with reference implementations on PyPI and npm, it addresses prompt injection, tool-call manipulation, memory poisoning, multi-agent collusion, policy drift, and the absence of signed audit evidence.

What is Gideon?

Gideon is Cogensec's open-source autonomous red-teaming system for agentic AI. It won the NVIDIA GTC 2026 Developer Contest.

What is the Cortex Series?

The Cortex Series is Cogensec's family of security models mapped to the architecture of the human brain—differentiated cognition for agentic security.

What is Cogensec?

Cogensec is the AI agent security research lab defining how the industry measures and builds trustworthy autonomous systems. Co-founded by Tarique Smith, it is backed by NVIDIA Inception, Microsoft for Startups, Google for Startups, and AWS Startups.

How does endogenous security differ from guardrails?

Guardrails are exogenous filters applied to an AI system's inputs and outputs; they assume intent is static and fail when adversaries adapt. Endogenous security treats integrity as a structural property of the agent—built into memory, planning, and action pipelines—so the system maintains control even when external perimeters are bypassed.

What is adversarial AI red-teaming?

Adversarial AI red-teaming tests AI systems the way attackers will—going beyond jailbreaks to include prompt injection, multi-agent collusion, goal hijacking, memory poisoning, and tool abuse. It surfaces failure modes that compliance reviews and benchmark evaluations consistently miss.

How can I contact Tarique Smith for advisory or speaking?

Tarique Smith accepts inquiries for advisory engagements, research collaboration, and speaking through the contact page at tarique.io/contact. He also responds via LinkedIn (linkedin.com/in/tariquesmith) and X (@Iam_Tarique).