Agentic AI Weekly Roundup: Control, Identity and Real Deployment Came Into Focus

This week in agentic AI, the enterprise conversation moved further away from novelty and towards operational control. The strongest signals came from identity vendors, security platforms, cloud infrastructure providers, governance bodies and live sector deployments.

The message for buyers is practical: useful agents need access to tools, data and systems of record. That makes identity, authorisation, runtime controls, auditability and deployment evidence central to procurement. For suppliers, the bar is no longer whether an agent can complete a task in a demo. It is whether that agent can be governed, secured and measured inside a real business.

1. Enterprise deployment became more vertical and transactional

Travelport, Cognizant and Anthropic announced a collaboration to modernise Travelport's travel retailing and distribution technology using Claude. The stated aim is to connect AI systems that can reason and plan with platforms that can transact, including travel booking workflows that involve airlines, hotels, travel management companies and online agencies.

This is a useful example because travel technology is not a lightweight test bed. It involves legacy systems, complex itineraries, commercial rules, customer intent and transaction confirmation. The interesting signal is not only that AI is being used in software engineering, but that the deployment is being framed around closing the gap between AI-driven intent and fulfilment.

Why it matters: enterprise buyers should look for agent deployments tied to specific operational outcomes, not generic productivity claims. Suppliers selling into regulated or transaction-heavy markets need to show how agents connect reasoning to execution without losing control, accuracy or accountability.

2. Agent platforms moved towards build, govern and optimise

Kore.ai launched Artemis, a new generation of its enterprise agent platform, positioning it around building, governing and optimising agents, systems and workflows across the enterprise. Coverage of the launch highlighted production-ready multi-agent systems, observability and controls before agents go live.

Alibaba Cloud also unveiled an expanded agentic AI ecosystem at its Qwen Conference in Singapore. Its announcements included model and infrastructure updates, a Skills portal for cloud capabilities in MCP-compatible formats, Qwen Cloud and the JVS Agent Suite for building and running enterprise-grade agents.

Why it matters: buyers are being asked to choose platform layers, not isolated tools. The core questions are where agents run, how they invoke skills, how cloud resources are exposed, how governance is enforced and whether agent work can be observed over time. Suppliers need to explain their place in the stack with much more precision.

3. Identity and data access became the centre of agent security

Ping Identity announced new capabilities for what it calls the agentic enterprise, including programmable identity, agent discovery and governance, and privileged access for desktop agents without exposing secrets. Ping's framing is important: agents are becoming first-class actors that need lifecycle governance, ownership, policy enforcement and auditability.

TrustLogix announced the next generation of TrustAI with intent-based authorisation, an MCP Data Gateway, behavioural oversight, identity propagation and a runtime kill switch for agent data access. SAFE also launched AI Security Posture Management, designed to give security teams visibility across AI activity, configuration, external exposure, compliance evidence and contracts.

Why it matters: enterprise security teams cannot rely on prompt inspection alone. Agents need least-privilege access, human ownership, secret protection, data-layer enforcement and the ability to stop unsafe behaviour quickly. For suppliers, security evidence needs to cover identity, access and runtime behaviour, not only model safety.

4. Funding followed the governance gap

Geordie AI announced a $30 million Series A led by Balderton Capital, with participation from existing investors General Catalyst and Ten Eleven, plus Crosspoint Capital. The company positions itself around security and governance for autonomous AI agents, including visibility into which agents exist, what they can access, how they behave and the risks they create.

The funding story fits the wider market pattern. As agent adoption spreads across functions, enterprises are discovering that existing inventories, access reviews and monitoring tools were not designed for autonomous systems that can plan, connect tools and take action across environments.

Why it matters: capital is flowing towards the operational gaps created by agent adoption. Buyers should expect more specialised vendors around agent discovery, runtime governance, behavioural observability and remediation. Suppliers should be ready for procurement teams to ask how their agents appear in those control planes.

5. Governance guidance is becoming more practical

Singapore's IMDA updated its Model AI Governance Framework for Agentic AI with industry feedback and practical case studies. Reporting on the update noted additional guidance on multi-agent systems, third-party agents and automation bias, while reinforcing human accountability.

That direction matters because agentic AI governance is moving beyond policy statements. The questions are increasingly concrete: what tasks can the agent perform, which tools can it use, when is human approval required, how are delegation chains monitored and how are incidents reviewed after deployment?

Why it matters: enterprise buyers need governance that maps to real workflow design. Suppliers should prepare clear documentation on autonomy boundaries, tool permissions, human checkpoints, logs, third-party dependencies and post-deployment monitoring.

The Agentic Expo takeaway

This was a serious infrastructure week. The credible stories were not about ever-larger claims of autonomy. They were about getting agents into business systems with the controls required to make that useful.

For buyers, the shortlist should now include identity, access, runtime governance, data controls, observability and deployment evidence. For suppliers, the market is becoming less forgiving of vague agent language. The strongest products will be the ones that can act, explain, be stopped, be audited and fit into the enterprise stack buyers already run.