Agentic AI Weekly Roundup: Enterprise Agents Get Their Control Layer

This week in agentic AI, the market kept moving away from isolated assistants and towards the infrastructure that lets agents operate inside real businesses. The clearest themes were managed runtimes, open standards, secure execution, governance, collaborative workspaces and live enterprise deployment.

For enterprise buyers, the message is practical: agents are becoming useful enough to touch systems, files, workflows and data. That makes control, identity, monitoring and evidence more important than ever. For suppliers, the winning story is shifting from what an agent can do in a demo to how safely and reliably it can act in production.

1. Google pushed agents deeper into managed platform infrastructure

Google used I/O 2026 to introduce Managed Agents in the Gemini API. Google says developers can use a single API call to spin up agents that reason, use tools and execute code in isolated, ephemeral Linux environments, powered by the Antigravity agent and Gemini 3.5 Flash.

Google Cloud also positioned the Managed Agents API within its wider Agent Platform story, alongside Gemini Enterprise, Gemini Spark, Antigravity and CodeMender. The enterprise signal is clear: cloud providers are no longer just supplying models. They are trying to own more of the agent execution layer.

Why it matters: buyers need to evaluate where agents run, how they are sandboxed, what data crosses the runtime boundary, how logs are exposed and whether agent logic stays portable. Suppliers should expect more procurement scrutiny around runtime architecture, not only model performance.

2. The enterprise agent stack became more concrete

Boomi and Red Hat announced a collaboration to deliver an integrated stack for production-ready agentic AI. The announcement brings together Boomi Agentstudio, Agent Control Tower, Gateway and orchestration with Red Hat AI across hybrid cloud environments.

The important detail is the problem statement. The companies describe enterprises trying to stitch together agent builders, orchestration, governance platforms, model providers, integration middleware and security infrastructure. That fragmentation is becoming one of the main blockers to production adoption.

Why it matters: enterprise buyers are moving from agent experiments to stack decisions. They need live trusted data, policy controls, observability, infrastructure flexibility and cost management. Suppliers that can explain where they sit in that stack will be easier to buy than those selling autonomy in isolation.

3. Open standards and secure runtimes moved up the governance agenda

The Agentic AI Foundation, a Linux Foundation project, added 43 new members, bringing total membership to 190 organisations. New members include F5, GoDaddy, Stripe and TRON as Gold Members, with further participants from enterprise technology, infrastructure, academia, government and national laboratories.

At the same time, NVIDIA and ServiceNow expanded their enterprise AI collaboration around Project Arc, a long-running autonomous desktop agent connected to the ServiceNow AI Platform through Action Fabric and AI Control Tower. NVIDIA says Project Arc uses OpenShell, an open source secure runtime for sandboxed, policy-governed autonomous agents.

NVIDIA also published guidance on verified agent skills, describing skills that are catalogued, scanned, signed and documented with skill cards. That moves governance into the capability layer, not only the runtime layer.

Why it matters: agents need standards for how they connect, identify themselves, use tools, log actions and respect policy. Buyers should ask suppliers which standards they support, how agent identity is handled and how actions are contained. Suppliers need credible answers on interoperability, auditability, skill provenance and runtime controls.

4. Security guidance caught up with production agent risk

AWS published an AI Security Framework that explicitly includes agentic identity, fine-grained access, guardrails, threat detection, data classification, AI-specific monitoring and automated governance across maturity phases from prototype to scale.

The framework's core principle is that organisations are not adding security to AI, they are building AI on top of security. That framing fits the agentic AI market particularly well. Once agents can act across tools, workflows and data, security can no longer be bolted on after a pilot has already spread.

Why it matters: buyers should create controls before agent adoption fragments across departments. That means identity, least-privilege access, monitoring, incident response, data classification and red-teaming before agents handle sensitive work. Suppliers should prepare security evidence that maps to existing enterprise controls.

5. Funding and deployment evidence showed where adoption is heading

Dust announced a $40 million Series B led by Abstract and Sequoia, with participation from Snowflake Ventures and Datadog. Dust frames its platform around multiplayer AI, where humans and agents collaborate across shared context, tools, conversations, tasks and goals instead of keeping AI work trapped inside private one-user chats.

EY also published a case study on building an enterprise-scale agentic AI operating system. EY describes an internal platform that unifies intelligence, orchestration, data, workflows, governance and domain experience, with a requirement to support autonomous multistep workflows at a scale of 400,000+ people.

Why it matters: the market is rewarding products and architectures that make agents operational across teams. Buyers should look for shared context, permissions, audit trails, cost monitoring and deployment evidence. Suppliers should show how their agents compound value across an organisation, not just for one user at a time.

The Agentic Expo takeaway

This was a control-layer week. The most credible signals were not about bigger claims of autonomy. They were about where agents run, how they connect, who governs them, how they are secured and whether they can operate inside real enterprise systems.

For enterprise buyers, that means the shortlist should include deployment architecture, identity, governance, security, observability and integration depth. For suppliers, the bar is rising. Market-ready agents need to act, but they also need to be managed, measured and trusted.