#Japan #Tokyo #AI Security #FlashLabs #OrcaRouter

Introduction

As the digital landscape rapidly evolves, the need for robust security measures becomes increasingly critical. FlashLabs, a Tokyo-based technology firm, has stepped up to the plate by announcing the launch of its AI security solutions—OrcaRouter Firewall and Guardrails—offered completely free of charge. This initiative is designed to protect businesses from the emerging threats posed by AI agent vulnerabilities, especially in the context of social engineering attacks.

Understanding the Context

FlashLabs has grounded its latest security offerings on insights from the just-released 'AI Threat Report 2026.' This annual report highlights the alarming transition of AI agents becoming prime targets for social engineering attacks. Unlike in previous years, where human users were the main focus of these attacks, the latest trends indicate that AI agents themselves are now the primary vulnerability.

The report indicates a stark reality: in 2025, a reported vulnerability known as EchoLeak (CVE-2025-32711) demonstrated how AI agents could inadvertently expose sensitive information by following instructions in phishing emails, even without user interaction—a scenario known as zero-click data leakage. Additionally, the report reveals that on average, attackers can fully compromise deployed large language model (LLM) applications in just 42 seconds, with 97% of affected organizations lacking adequate access controls.

Offering of OrcaRouter

To counter this alarming trend, FlashLabs decided to make its advanced security functionalities universally accessible to developers. The newly introduced OrcaRouter Firewall and Guardrails provide essential layers of defense without requiring any changes to existing application codes. Below are the key offerings:

1. OrcaRouter Guardrails (Content Protection)

• - Real-time Screening: Continuously monitors all prompts (inputs) and responses (outputs).
• - Prompt Injection Defense: Detects and blocks malicious inputs attempting to overwrite model instructions.
• - PII Detection and Masking: Safeguards against the leakage of personal identifiable information such as names and credit card details.
• - Secret and API Key Blocking: Prevents unintended data exposure of authentication credentials at the gateway level.

2. OrcaRouter Firewall (Action Protection)

• - Tool Invocation Control: Blocks access to any unauthorized tools or Model Context Protocol (MCP) servers.
• - Network Egress Restrictions: Default settings to deny data transmission to untrusted hosts.
• - Cost Cap Management: Implements spending limits per agent to counteract denial-of-wallet attacks, designed to safeguard organizations from financial exploitation.

Advantages for Businesses

Implementing the OrcaRouter solution doesn’t require any code modifications. By simply changing the endpoint URL if using existing OpenAI SDKs, organizations can benefit from these protections almost immediately. FlashLabs emphasizes that the OrcaRouter solutions also align seamlessly with the EU AI Act requirements on transparency, robustness, and cybersecurity standards set to take effect in August 2026.

Furthermore, the solutions have been validated against over 80 red team corpora using global benchmarks such as HarmBench and JailbreakBench, ensuring continual scoring of defensive performance.

Closing Thoughts

Yōichi Hoso, CEO of FlashLabs, stated, "In 2025, AI became an attack surface. In 2026, we make defenses available for free. Given that AI agents can autonomously act, security should no longer be an optional layer. Our OrcaRouter provides developers the infrastructure to safely deploy AI agents in society, ensuring that the benefits of AI are maximized first through reliable security measures.”

About FlashLabs

FlashLabs is dedicated to automating sales and customer experience with a vision to guide organizations toward self-regulation. By merging machine processing speed and accuracy with human strategic insights, they aim to deliver exceptional outcomes that surpass traditional methods.

For more details regarding the OrcaRouter service, please visit FlashLabs' official website.