The most telling detail about NVIDIA’s NemoClaw announcement wasn’t the technology. It was the partner list. When Cisco, CrowdStrike, Microsoft Security and TrendAI are all building integrations with an agent runtime, a new infrastructure category has arrived.
A New Category Is Forming
For the past two years, the enterprise AI conversation has been about models — which one is best, which one is cheapest, which one your compliance team will approve. That conversation is shifting. Fast.
The emerging question is: what runtime governs how agents behave in production? And who controls it?
NVIDIA’s answer is OpenShell, the open source runtime inside NemoClaw that enforces policy-based security, network and privacy guardrails on autonomous agents. But the more interesting signal is that security vendors are rushing to integrate with it.
Cisco AI Defense is adding controls and guardrails to govern agent actions through OpenShell. CrowdStrike unveiled a Secure-by-Design AI Blueprint that embeds Falcon platform protection directly into NVIDIA agent architectures. Microsoft Security and TrendAI are both building OpenShell compatibility.
That’s not a product announcement. That’s a category formation.
Why Security Vendors Are Moving Now
The reason is straightforward. Autonomous agents — claws, as NVIDIA calls them — are fundamentally different from anything security tools were designed to protect.
A stateless chatbot has no meaningful attack surface. An always-on agent with persistent shell access, accumulated context, live credentials and the ability to install packages and spawn subagents is an entirely new class of endpoint.
Traditional endpoint security doesn’t understand agent behaviour. Network security can’t inspect model inference calls at the semantic level. Identity systems weren’t designed for software that evolves its own capabilities mid-session.
The security industry needs a new integration point. And the agent runtime is it.
The Integration Architecture
What makes OpenShell interesting as an integration surface is that it’s designed from the ground up for third-party security tools.
The sandbox provides isolated execution environments that agents can break without touching the host. The policy engine evaluates every action across filesystem, network and process layers — giving security tools granular telemetry about what agents are doing. The audit trail captures every allow and deny decision.
For a tool like CrowdStrike Falcon, that audit trail is a detection surface. For Cisco AI Defense, the policy engine is a control point. For compliance tools, the entire stack is an evidence source.
This is the same pattern we saw with container runtimes a decade ago. Docker and Kubernetes became the integration surface for an entire generation of cloud security tools. OpenShell is positioned to play the same role for agent security.
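The policy-engine and audit-trail pattern described in this section, sketched as an added example; it is not OpenShell's code or API and does not come from NVIDIA or any vendor named here. The policy schema, audit record fields, agent names and thresholds are all assumptions made for illustration.

```python
from collections import Counter
from fnmatch import fnmatchcase
import posixpath

# Hypothetical policy: allow patterns per layer; anything unmatched is denied.
POLICY = {
    "filesystem": ["/sandbox/*"],
    "network": ["api.internal.example:443"],
    "process": ["python3", "git"],
}

def evaluate(agent, layer, target, audit):
    """Default-deny check of one action; every decision lands in the audit trail."""
    checked = target
    if layer == "filesystem":
        # Collapse ".." before matching so /sandbox/../etc/x cannot pass as /sandbox/*.
        # (Symlinks are not resolved here; a real sandbox must handle them.)
        checked = posixpath.normpath(target)
    allowed = any(fnmatchcase(checked, pat) for pat in POLICY.get(layer, []))
    audit.append({"agent": agent, "layer": layer, "target": target,
                  "decision": "allow" if allowed else "deny"})
    return allowed

def flag_agents(audit, min_denies=3, min_layers=2):
    """Detection over the audit trail: agents denied repeatedly across several layers."""
    denies, layers = Counter(), {}
    for rec in audit:
        if rec["decision"] == "deny":
            denies[rec["agent"]] += 1
            layers.setdefault(rec["agent"], set()).add(rec["layer"])
    return sorted(a for a, n in denies.items()
                  if n >= min_denies and len(layers[a]) >= min_layers)

# Constructed sample actions (not real telemetry).
ACTIONS = [
    ("agent-a", "filesystem", "/sandbox/work/report.md"),
    ("agent-a", "process", "git"),
    ("agent-a", "network", "api.internal.example:443"),
    ("agent-b", "filesystem", "/sandbox/../etc/hosts"),
    ("agent-b", "network", "203.0.113.7:8443"),
    ("agent-b", "process", "curl"),
    ("agent-b", "filesystem", "/sandbox/tmp/out.txt"),
    ("agent-c", "filesystem", "/home/user/notes.txt"),
]

def run_demo():
    audit = []
    for agent, layer, target in ACTIONS:
        evaluate(agent, layer, target, audit)
    return audit, flag_agents(audit)
```

A single stray deny (agent-c) stays below the threshold, while agent-b's denies across all three layers are what a detection tool reading the trail would surface.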
The Enterprise Platform Partners
The security integrations are only half the story. Look at the enterprise platforms building on NVIDIA Agent Toolkit, which includes OpenShell.
Atlassian is evolving its Rovo AI agentic strategy with OpenShell for Jira and Confluence. Box is using it to enable enterprise agents to securely execute long-running business processes against the Box file system. Salesforce is connecting Agentforce with Nemotron and Agent Toolkit for service, sales and marketing workflows. ServiceNow is building Autonomous Workforce AI Specialists on the same stack.
When the platforms your enterprise already runs on are building agent capabilities with a shared security runtime, the integration decision starts making itself.
What I’m Watching
Three things will determine whether secure agent platforms become a real enterprise category or just a GTC demo.
Adoption of the runtime, not just the models. Lots of enterprises will use Nemotron models. The question is whether they’ll adopt OpenShell’s governance layer. If security and compliance teams drive that decision — and in my experience, they increasingly do — the answer is probably yes.
Security vendor depth of integration. Announcing compatibility is one thing. Deep integration — where CrowdStrike can detect anomalous agent behaviour in real time through OpenShell telemetry, for example — is another. The depth will determine the value.
Multi-vendor runtime interoperability. Right now OpenShell is the leading candidate for this role. But Microsoft, Google and others will have their own answers. The question is whether we get one open runtime standard or a fragmented set of proprietary ones. NVIDIA’s Apache 2.0 licensing suggests they’re betting on the former.
The Architecture Decision Ahead
For enterprise architects, the question isn’t whether to secure your agent deployments. It’s whether to build that security layer yourself or adopt one that’s already integrated with your existing security and platform vendors.
Building your own is viable for organisations with deep platform engineering teams. But the integration cost is real. Every security tool, every compliance check, every audit requirement needs a custom integration with your custom runtime.
Adopting an open standard like OpenShell gets you the security vendor integrations, the enterprise platform compatibility and the governance primitives out of the box.
I’m not saying every enterprise should deploy NemoClaw tomorrow. I am saying that the secure agent platform category exists now, it’s forming around real infrastructure, and your architecture plans need to account for it. The window for making deliberate decisions about agent governance is narrower than most teams realise.