The Trust Fabric: A four-layer architecture for governing AI agents
The Trust Fabric, a four-layer architecture for governing AI agents
The 51-Point Gap: Why Enterprise AI Security Doesn't Match Adoption
Fifty-five percent of enterprises run agentic AI. Four percent are confident in their security posture. The 51-point gap is the runtime governance market, and the reasons it exists explain why workflow and identity governance alone do not close it.
Six Intelligence Agencies Just Published the Runtime Governance Spec
NSA, CISA, ASD's ACSC, Canadian Cyber Centre, NCSC-NZ, NCSC-UK. Thirty pages. The recommended controls map directly to the runtime plane that workflow platforms do not address.
Why We Open-Sourced Shield
Agents in Cursor and Claude Code run tool calls you never see in a PR. DROP DATABASE in a generated migration. rm -rf in a cleanup script. Shield blocks the destructive operations before they execute, and we open-sourced it under Apache 2.0.
Runtime Plane vs Workflow Plane: The New AI Governance Split
Microsoft and ServiceNow both claimed the workflow plane in five days. The runtime plane is still open. Here is why that matters for enterprise AI procurement.
Two Weeks, Three Deals: The Agent Control Plane Is Being Assembled
ServiceNow Armis. Palo Alto Portkey. Cisco Astrix. In thirteen days the enterprise security incumbents stacked three deals onto the agent-era control plane. Each one occupies a different layer.
The Trust Fabric: Four Layers of Enterprise AI Governance
Workflow agent governance and runtime model governance are different categories with different buyers, different budgets, and different failure modes. The Trust Fabric integrates both.
ServiceNow Armis and the Agent-Era Control Plane
Cloud era split the control plane into three layers. Agent era is splitting the same way with different vendors. ServiceNow just spent $7.75B to own the middle layer. The bottom layer is still open.
SmartFlow Sovereign: Built for the EU AI Act
EU AI Act high-risk obligations take effect August 2, 2026. Most AI infrastructure produces some of the required evidence. Sovereign produces all of it, article by article, automated.
Cisco Told the World AI Must Be Governable. Here Is What That Actually Requires.
At NVIDIA GTC 2026, Cisco made a statement that should matter to every CISO and CIO in a
AI Agent Governance: MCP, A2A, and the New Attack Surface
AI agents are connecting to enterprise systems, executing transactions, and communicating with other agents. Each tool invocation is a data flow and a permission decision.
EU AI Act Compliance: What U.S. Enterprises Need to Know in 2026
The EU AI Act is the world's first comprehensive AI regulation, and its high-risk system provisions took effect in August 2025. This guide covers the key obligations for U.S. enterprises.