Skip to main content
EnforceAuth
Back to Blog
AI Security

NVIDIA Got a Standing Ovation for Building Half the Solution

OpenShell delivered strong runtime sandboxing at GTC. But once an AI agent is inside your enterprise, who decides what it's authorized to do? That question went unanswered.

EnforceAuth, Inc.4 min read

NVIDIA just got a standing ovation for building half the solution.

Everyone at GTC celebrated OpenShell.

Sandboxed agent runtimes. Policy-based guardrails. Network restrictions. File access controls.

Strong infrastructure. Genuinely.

But I kept waiting for someone to ask the obvious question.

And nobody did.

Who Decides What an AI Agent Is Authorized to Do?

Here it is:

Once that agent is running inside your enterprise — Salesforce Agentforce, SAP Joule, ServiceNow, pick one — who decides what it’s authorized to do?

Not what files it can see at the OS level.

What it’s authorized to do.

Can it access your customer data? Which records? Under what policy? With whose approval? Logged against which compliance framework? Continuously verified — not just at session start, but across every action it takes at machine speed?

OpenShell doesn’t answer those questions.

It was never designed to.

Runtime Sandboxing and Authorization Governance Are Different Problems

That’s not a criticism. Runtime sandboxing and authorization governance are different problems, solved at different layers of the stack. NVIDIA built a great runtime. What sits above that runtime — the authorization layer — is still missing.

Futurum Research said it plainly, days after GTC: enterprises treating OpenShell as sufficient governance will be underprotected.

We’ve Seen This Pattern Before

I’ve spent my career at the intersection of authorization and enterprise security. At Styra — before Apple acqui-hired them — I watched organizations confuse authentication for authorization, confuse safety for security, and confuse infrastructure for governance.

GTC just replayed that pattern at a much larger scale.

17 enterprise platforms. Every Fortune 500 that runs them. Thousands of new non-human identities — AI agents — operating at machine speed inside your environment.

The Authorization Gap Is Now a Fortune 500 Problem

No authorization layer above the runtime.

The CISO conversation that follows is not optional. The regulatory exposure under DORA and the EU AI Act is not theoretical.

The Authorization Gap just became a Fortune 500 problem overnight.

That’s the conversation nobody had at GTC.

Happy to have it with you.

EnforceAuth builds the authorization layer that sits above the runtime. If your agents are running without authorization controls, let’s talk.

About EnforceAuth

EnforceAuth is the AI Security Fabric for the agentic era. We provide decision-centric authorization across applications, infrastructure, data, and AI workloads. Write policy once. Enforce everywhere.

Follow us on LinkedIn

All posts