If your company is wondering whether to try new AI‑powered, “agentic” web browsers like ChatGPT Atlas, Perplexity Comet, or Dia, here’s the short answer: don’t, not yet. Due to agentic browser security (or lack thereof), our current recommendation is for companies to avoid these tools until further notice. Below is why, and what to do instead.
What is an “agentic” browser and why does it matter?
Agentic browsers use AI to read pages and take actions for you, such as opening websites, filling forms, or sending emails. That convenience introduces new risks: the AI could be tricked by a malicious page into taking actions you didn’t intend or copying out sensitive data it can see on your screen.
For life science and biotech teams working with research data, IP, PHI, and confidential information, the stakes are high. Until the ecosystem matures and stronger safeguards are proven, it’s safer to hold off.
The Potential of Agentic Browsers
Agentic browsers could be terrific co‑pilots for the web. They can help you research, complete repetitive forms, and converse about information across tabs. However, the same autonomy that can offload a mountain of web busywork also introduces risk. To use it safely, the ecosystem needs sturdy guardrails.
OpenAI says ChatGPT Atlas ships with guardrails like no code execution, no file downloads or extension installs, and no access to other desktop apps or your file system. They also state that Atlas has undergone heavy red‑teaming and includes user confirmations and a “watch mode” in risky contexts (source). That is great to see for agentic browser security, but it’s early days. Even OpenAI notes that agents remain susceptible to hidden malicious instructions and that its safeguards “will not stop every attack.” Until these protections prove themselves at scale and we feel confident in their ability to reduce zero-day vulnerabilities, we recommend a conservative approach to your company’s work.
What AI should you use?
Currently, we believe Microsoft Copilot is the safest and simplest enterprise AI option to implement. It is not an agentic browser. Instead, Microsoft Copilot runs inside your Microsoft 365 tenant, enforces existing Entra ID identities and permissions via Microsoft Graph, encrypts prompts and responses, and does not use tenant data to train foundation models. Copilot allows your employees to use AI that is aligned with your compliance posture while boosting productivity. If your company does not work in Microsoft 365, we can also deploy ChatGPT Enterprise and custom AI in controlled, compliant ways.
Our recommendations
- Stick with standard browsers. Keep using Edge, Chrome, Firefox, or Safari in normal mode.
- Don’t enable AI pop‑ups in your browser without approval from your IT or security team.
- Skip agentic tools (for now). If a browser or extension claims it can take actions for you, treat it as unapproved.
- Use approved AI instead. Ask about secure, enterprise options such as Microsoft Copilot or custom AI solutions configured with your company’s data protections.
- When in doubt, ask. If you’re unsure whether a tool is safe, send it to your IT/security team before installing or turning it on.
Bottom line: For strong security, avoid AI‑powered browsers for now and stick to standard browsers without enabling new AI features. We will let you know when it’s safe to revisit.
What’s next from us
We will continue to share practical guides covering safe AI use, getting the most out of AI tooling, and how to responsibly adopt AI inside your organization. If you’re interested in hearing more about what we recommend to companies expanding their AI strategy, check out our AI strategy webinar recap.
Need a quick check of your environment or guidance on secure AI options?
Reach out and our team will review your system and recommend a safe path forward!