Predictable budgets and on-demand defensive agentic AI are normally incompatible but can now be aligned.
CISOs are facing a major and self-perpetuating problem. Economic business pressures lead to insufficient security budgets, resulting in smaller than optimum security teams. This lower headcount causes an increased reliance on security automation for efficiency. That automation will inevitably and increasingly include the use of agentic AI. But agentic AI can be expensive to use, causing further and unpredictable pressure on the tight budget that is the original problem.
The only solution is very tight control over expenditure – but the autonomous nature of defensive agentic AI, and the increasing number of attacks made possible through improving frontier AI models (currently typified by Claude Mythos) makes this impossible to predict. The CISO’s defensive use of AI is charged by the number of input and output AI tokens used in the process (a token is similar but not exactly the same as a word) – but when attacked by multiple adversaries simultaneously, the CISO is required to unleash the full unrestricted capabilities of in-house agentic defense, resulting in an unpredictable demand on AI tokens.
Put simply, the cost of defense is increasingly out of control. It increases with the number of attacks, any inefficiency in the in-house agents, and any unexpected occurrence of a never-ending loop in the agent – none of which can be controlled by the CISO, and all of which, by all predictions, will increase rapidly over the next few years.
There are usually various AI token payment options available – but the bottom line is that if the CISO has no remaining budget, agentic AI defense can no longer be used and the CISO must rely on a depleted workforce. A worst case scenario would be a metered pre-payment that could be maxed out midway through an attack. Further use of the AI can simply be halted in its tracks – an additional cost with no effect on the attack.
On April 28, 2026, Sevii launched a new Cyber Swarm Defense (CSD) mode within its autonomous defense and remediation (ADR) platform. This mode doesn’t charge by token usage but instead charges by asset protected.
“People have finite budgets, and budget spend must be predictable,” explains Curt Aubley, CEO and founder at Sevii. “In our view, our Cyber Warriors [Sevii’s name for its own agents] become an extension of the customer’s team. We don’t charge AI token costs – we charge per asset protected. So, there’s a firm fixed price cost, say, $50 a year to protect a laptop, or an identity, or a cloud asset. It doesn’t matter how many attacks come in, our ADR platform works with and for the customer without charging more and for more AI tokens.”
This approach will become more attractive when the expected storm of attacks driven by ever-improving AI foundation models fully breaks. If the customer company experiences multiple simultaneous attacks from multiple attackers, the Sevii platform will automatically spin up as many ‘Cyber Warriors’ as are needed – but without increasing the cost.
CSD also offers built-in governance through Sevii’s Myrmidon Defense Technology. It allows customers to control when Autonomous CSD Mode is activated. Customers can set their remediation service level objective, which determines when ADR will dynamically deploy Agentic AI Cyber Warrior agents at scale.
While this could automatically remediate problems caused by an attack, not all assets are of equal criticality. Lower value assets (with nil or limited blast radius) can be remediated automatically. But critical assets can be protected and set aside for manual remediation by the in-house security experts. With the predictable cost from Sevii, the CISO is better able to control the budget and ensure that sufficient high level analysts can remain in-house to perform any necessary critical remediation through human cognition.
“This is a game changer,” suggests Frank Holt, CEO at Synergem Technologies. “Cyber performance matters. Organizations can now economically meet their cyber goals of a sub 15 minute full remediation, even when defending against cyberattack swarms, at a firm fixed price per asset protected. This provides the predictable budgeting that security leaders need, without hiring more team members, outsourcing to an MDR, or worrying about AI budget exhaustion mid-incident.”
Related: ‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI Threats
Related: The New Rules of Engagement: Matching Agentic Attack Speed
Related: Why Agentic AI Systems Need Better Governance – Lessons from OpenClaw
Related: Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation
