Rules of Engagement
Overview
Rules of Engagement (RoE) are the contract the Autonomous Security Agent must obey. Before the agent acts, you define what it may target, what it must never do, and what it’s trying to achieve. RoE plus runtime guardrails are what make autonomy safe.
Key benefits
| Benefit | Capability | Business value |
|---|---|---|
| Bounded autonomy | Explicit scope and constraints | The agent can’t stray outside what you authorized |
| Clear intent | Defined objectives | The agent works toward your goal, not a generic one |
| Accountability | RoE recorded and audited | Defensible record of what was permitted |
How it works
The Rules of Engagement panel (under Autopilot) lets you set the engagement’s scope (allowed targets), constraints (forbidden actions, limits), and objectives. At runtime, a guardrails layer detects sensitive contexts — for example production or critical scope — and enforces the RoE on every step, alongside the per-phase Tool Matrix. The agent never grants itself elevated platform privileges, and tenant isolation always holds.
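To make the per-step enforcement concrete, here is an added sketch of a default-deny guardrail check; it is not the product's implementation or configuration format. The `RoE` schema, the action and tool names, and the sample networks are all hypothetical, and targets are assumed to be IP addresses.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class RoE:                      # hypothetical schema, not the product's format
    scope: tuple                # CIDRs the agent may target
    forbidden: frozenset        # actions that are never permitted
    sensitive: tuple            # CIDRs treated as production/critical
    sensitive_ok: frozenset     # the only actions allowed in a sensitive context
    tool_matrix: dict           # phase -> tools permitted in that phase

def _in_any(target, cidrs):
    addr = ipaddress.ip_address(target)   # raises ValueError on non-IP input
    return any(addr in ipaddress.ip_network(c) for c in cidrs)

def check_step(roe, phase, tool, action, target, audit):
    """Default-deny decision for one proposed step; every decision is audited."""
    try:
        if not _in_any(target, roe.scope):
            allowed, reason = False, "target outside scope"
        elif action in roe.forbidden:
            allowed, reason = False, "forbidden action"
        elif tool not in roe.tool_matrix.get(phase, frozenset()):
            allowed, reason = False, "tool not permitted in this phase"
        elif _in_any(target, roe.sensitive) and action not in roe.sensitive_ok:
            allowed, reason = False, "sensitive context"
        else:
            allowed, reason = True, "within RoE"
    except ValueError:
        allowed, reason = False, "unparseable target"
    audit.append({"phase": phase, "tool": tool, "action": action,
                  "target": target, "allowed": allowed, "reason": reason})
    return allowed, reason

# Constructed sample engagement (private-range values, not real assets).
SAMPLE_ROE = RoE(
    scope=("10.20.0.0/16",),
    forbidden=frozenset({"service_disruption", "data_deletion"}),
    sensitive=("10.20.5.0/24",),
    sensitive_ok=frozenset({"read_only_scan"}),
    tool_matrix={"recon": frozenset({"scanner"}),
                 "validation": frozenset({"scanner", "config_auditor"})},
)

if __name__ == "__main__":
    log = []
    print(check_step(SAMPLE_ROE, "recon", "scanner", "read_only_scan", "10.20.1.7", log))
    print(check_step(SAMPLE_ROE, "validation", "config_auditor", "config_read", "10.20.5.9", log))
    print(log[-1])
```

Denied steps are written to the audit list as well as allowed ones, so the record shows what the agent attempted and not only what it was permitted to do.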
Implementation / workflow
- Open Autopilot → Rules of Engagement.
- Define the scope, constraints, and objectives for the engagement.
- Start an agent session — it operates only within the RoE.
- Review the audit trail afterward to confirm compliance.
Best practices
- Keep scope as narrow as the objective allows.
- Treat RoE as mandatory, not optional — never run an unbounded session.
- Review the audit trail after every session.