Galileo
Galileo is praised for its intuitive user interface and powerful data analysis capabilities, which users find significantly enhance their productivity. However, some complaints focus on occasional software bugs and the lack of comprehensive customer support. Users generally feel the pricing is fair for the features offered but suggest that more flexible tier options could cater to a wider range of needs. Overall, the reputation of Galileo is strong, with many considering it a reliable tool despite some areas for improvement.
Mentions (30d): 0
Reviews: 0
Platforms: 2
Sentiment: 0% (0 positive)
Industry: information technology & services
Employees: 130
Funding Stage: Merger / Acquisition
Total Funding: $68.1M
OWASP published its first Top 10 for AI Agents. 88% of enterprises already had agent security incidents last year. Here's the breakdown.
OWASP released the Top 10 for Agentic Applications in December 2025 - the first formal risk taxonomy for autonomous AI agents. Not chatbots. Not copilots. Agents that plan, use tools, maintain memory, and act without waiting for permission.

Some numbers for context:

* 88% of enterprises reported AI agent security incidents in the last 12 months (Gravitee survey, 919 respondents)
* Only 21% have runtime visibility into what their agents are doing
* 82% of enterprises have unknown agents in their environments (Cloud Security Alliance, April 2026)
* 5.5% of public MCP servers contain poisoned tool descriptions. 84.2% attack success rate with auto-approval enabled.

Here's the list with the real attacks behind each one:

**ASI01 - Agent Goal Hijack:** Prompt injection for agents. Researchers showed this against GitHub's MCP integration - a malicious GitHub issue redirected a coding agent to exfiltrate data from private repos. The agent looked like it was working normally the whole time.

**ASI02 - Tool Misuse:** A financial services agent was tricked into running a regex that matched every customer record. 45,000 records exported through one syntactically valid tool call. The agent had permission to query records - just not all of them at once.

**ASI03 - Identity and Privilege Abuse:** Agents inherit user permissions and cache credentials. Compromise one agent in a delegation chain and you get the combined permissions of every user in that chain.

**ASI04 - Supply Chain Compromise:** OX Security found 7,000+ vulnerable MCP servers and packages totaling 150M+ downloads affected by architectural flaws in Anthropic's MCP SDKs across Python, TypeScript, Java, and Rust.

**ASI05 - Unexpected Code Execution:** Check Point demonstrated RCE in Claude Code through poisoned `.claude` config files in repos. Open the repo, agent reads the config, executes the payload with full developer permissions.

**ASI06 - Memory Poisoning:** Galileo AI found that one compromised agent poisoned 87% of downstream decision-making within 4 hours in multi-agent systems. Morris-II showed self-replicating adversarial prompts spreading through RAG systems. Demonstrated live against ChatGPT, Gemini, and Claude.

**ASI07 - Insecure Inter-Agent Comms:** Multi-agent systems coordinate via message buses and shared memory. No authentication = agent-in-the-middle attacks in natural language.

**ASI08 - Cascading Failures:** Natural language errors pass validation checks that would catch malformed data in typed systems. One bad input ripples through the entire agent chain faster than humans can intervene.

**ASI09 - Human-Agent Trust Exploitation:** Compromised agent presents a clean summary - "approve this data export." Human clicks OK. Audit trail shows human approval. Real origin was a manipulated agent.

**ASI10 - Rogue Agents:** The insider threat equivalent for AI. Individual actions look legitimate. Only detectable through behavioral monitoring over time.

The pattern: these are not independent risks. They form a kill chain. Goal hijack leads to tool misuse. Supply chain compromise enables code execution and memory poisoning. Trust exploitation is how rogue agents avoid detection.

Full OWASP document [here](https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/)
Pricing found: $0 /month, $0 /month, $100 /month, $100 /month
Yes, Galileo offers a free tier.
Key features include: Solve the AI measurement problem, Accelerate your deployments, Turn complexity into confidence, Deploy how you want, Ready to ship with confidence?
Galileo is commonly used for: Monitoring application performance, Tracking user engagement metrics, Analyzing system health, Identifying bottlenecks in workflows, Optimizing resource allocation, Ensuring compliance with regulations.
Galileo integrates with: AWS CloudWatch, Google Cloud Monitoring, Datadog, Prometheus, Grafana, Slack, Jira, PagerDuty, New Relic, Azure Monitor.
Ben Thompson
Founder at Stratechery
1 mention

Meet Agent Control: Centralized Governance for Every Agent in Your Stack
Mar 25, 2026