Perplexity's New Security System Seeks To Address A Major Flaw Of AI Browsers
AI is here to stay. In fact, it's even making its way into our browsers. While some popular browsers have opted to gradually plug in AI features over time — like Google Chrome with Gemini — others, like Perplexity's Comet browser and ChatGPT's Atlas browser, are built from the ground up to utilize AI functions, including AI agents. Now, whether you're riding the AI wave or not, there's one thing that's hard to ignore, and that's the number of security risks that using browsers with AI agents has introduced.
While there are plenty of reasons to avoid AI browsers like Comet, they can also be extremely helpful, giving users a different way to approach web browsing. However, one major security risk has stood out above the rest: AI agents like those used in Atlas and Comet can be thwarted and overridden with prompt injections. That can allow bad actors to take control of an AI agent or intercept information and data, and the user might never know it happened.
Perplexity's latest development, a new system called BrowseSafe, is designed to detect and prevent these types of attacks on AI browser agents. And, if picked up by other browsers, perhaps the system could make AI agents and AI browsers more feasible and safe to use in the long run.
Constant protection to run alongside your AI
According to Perplexity's post about the new system, it's designed around a special "defense architecture" that builds off benchmarks and a new detection model. These components are meant to come together in a way that not only secures AI agents, but secures them specifically for the "open-world web environment." To be frank, these improvements could not have come at a better time — aside from when the models were first released — as new methods with which to break and exploit AI products and services pop up every week. Not only have researchers repeatedly proven that they can take control of different systems using AI — they once took control of a smart home using Gemini and Google Calendar — but they have also used AI to break AI.
To make BrowseSafe a viable security system, Perplexity put together a ton of research on all of the known attack vectors. They used that information to help create a benchmark, which was paramount in training a real-world detection model. This model has to run asynchronously alongside AI agents, and Perplexity says it has fine-tuned the model to do just that.
Of course, whether or not this new system will be widely adopted is another conversation entirely. There's also the question of just how long it will take bad actors to come up with ways to circumvent the system, as security researchers are constantly finding new threats out in the wild.