Cyber-security and backup company Rubrik has an Agent Rewind offering that enables customers to undo mistaken agentic AI changes to applications and data by providing visibility into agents’ actions and an undo capability.
The technology behind it comes from Rubrik’s acquisition of AI agent development startup Predibase in June. Agentic AI systems will be able to independently execute tasks, modify data, or alter IT configurations to achieve their goals, potentially introducing risks to system stability, data integrity, and compliance. Johnny Yu, Research Manager at IDC, is quoted by Rubrik: “Agentic AI introduces the concept of ‘non-human error,’ and as with its human counterpart, organizations should explore solutions that allow them to correct potentially catastrophic mistakes made by agentic AI.”
Anneka Gupta, Chief Product Officer at Rubrik, stated: “As AI agents gain autonomy and optimize for outcomes, unintended errors can lead to business downtime. Agent Rewind integrates Predibase’s advanced AI infrastructure with Rubrik’s recovery capabilities to enable enterprises to embrace agentic AI confidently. Today’s organizations will now have a clear process to trace, audit, and safely rewind undesired AI actions.”
Last month a rogue Replit AI agent inexplicably deleted a company’s database, despite a code and action freeze being in place.
Rubrik says “Agent Rewind makes previously opaque AI actions visible, auditable, and reversible, creating an audit trail and immutable snapshots that facilitate safe rollback. Current observability tools only show what happened, but not why or how to reverse high-risk actions.”
As we understand it, an agentic AI setup, a collection of interacting agents, can make changes to the state of IT infrastructure components. For Agent Rewind functionality to work reliably, every change has to be detected along with the change agent’s identity, time-stamped, captured and stored in an immutable form. We are talking about continuous agent action backup. And we are also implying that agents are made to have their actions be observable.
Then, an unwarranted or undesirable change has to be detected and its scope and cause understood. The next step is to identify the clean starting state before the change and roll back the changes, rewind, to that clean state. Preferably with minimal downtime, and without the rogue agents trying to reinstate the changes they made.
A rewind function can only roll back changes to IT infrastructure components that have been made by co-operating and observable agents, that it has recorded and stored.
Rubrik says Agent Rewind features:
- Context-Enriched Visibility: View an inventory of your agents and identify high-risk ones. Surface agent behavior, tool use, and impact while contextualizing each action, mapping it back to its root cause, from prompts to plans to tools, to enable recovery when something goes wrong.
- Agent action audit – Trace agent actions from the agent to the data or application they have accessed from a store of agent action logs.
- Safe Rollback: Uses Rubrik Security Cloud to rewind what changed, whether that’s files, databases, configurations, or repositories.
- Broad Compatibility: Will integrate seamlessly with a wide range of platforms, APIs, and agent builders, including Agentforce, Microsoft Copilot Studio, and Amazon Bedrock Agents, and will be compatible with any custom AI agent.
Read more in a Rubrik blog and watch a demo here. General Agent Rewind availability will be in Autumn (the Fall) this year.
Comment
Rubrik is the first of the cyber-resilient, data protectors we follow to have introduced this rogue agent action recovery technology. It told us: “Today, there are no direct competitors as Agent Rewind is the only solution offering unique ‘rewind’ capabilities. Rubrik is pioneering this functionality, providing the ability for true data reversibility, which is not offered by existing solutions.”
We expect others to follow close behind. We understand that suppliers like Trend Micro, Accenture, and Broadcom emphasize monitoring, simulation, and controlled environments (e.g., digital twins, zero trust models) that could support reversibility if paired with robust logging and backup systems. That sounds like a partnership opportunity for our set of data protecting, cyber-resilience suppliers.
