NVIDIA and SAP Unveil Trust-First Framework for Enterprise AI Agents

Breaking: NVIDIA and SAP Announce Joint Security Framework for Autonomous AI Agents

ORLANDO, FL – Today at SAP Sapphire, NVIDIA and SAP revealed an expanded collaboration to bring security, governance, and trust to specialized AI agents operating within enterprise systems. The initiative embeds NVIDIA's open-source OpenShell runtime directly into the SAP Business AI Platform, providing isolated execution environments and policy enforcement for all AI agents built on the platform.

Source: blogs.nvidia.com

“As agents become autonomous, they need boundaries—not just for performance, but for trust,” said Jensen Huang, founder and CEO of NVIDIA, during a video appearance at the keynote. “This is about making agents safe to deploy at scale in production workflows.”

The announcement addresses a critical gap as enterprises move from simple AI assistants to autonomous agents that can touch systems of record, cross application boundaries, and operate without human review at every step. Without new controls, such agents pose significant risk to data integrity and operational security.

How OpenShell Works

OpenShell is an open-source runtime designed for securely developing and deploying autonomous AI agents. Within the SAP Business AI Platform, it serves as the security layer for all SAP AI agents—including custom agents built in Joule Studio, SAP’s environment for managing enterprise agents.

The runtime provides three core safeguards:

Isolated execution environments – each agent runs in a sandboxed environment that limits what it can see and do.
Policy enforcement at the filesystem and network layers – prevents unauthorized data access or outbound connections.
Infrastructure-level containment – guards against damage when agent logic fails or behaves unexpectedly.

“Enterprises can’t afford to have an agent accidentally delete a purchase order or expose sensitive financial data,” explained Christian Klein, CEO of SAP, in a prepared statement. “OpenShell gives them the runtime assurance they need.”

Background: The Agentic AI Shift

AI agents are moving into the core of enterprise operations—finance, procurement, supply chain, and manufacturing—where business decisions are made and workflows run at scale. Unlike chatbots or recommendation engines, these agents can autonomously execute transactions, update records, and trigger processes.

NVIDIA’s Huang has described AI as a five-layer cake: energy, chips, infrastructure, models, and applications. Applications sit at the top, where AI creates economic value and drives productivity. SAP is a global leader in enterprise applications, running the systems where agents must operate within strict policy, identity, and process controls.

That makes SAP’s position at the core of enterprise operations a key driver for agentic AI adoption. Business agents need to understand roles, permissions, and data boundaries—and they need an execution environment that enforces those limits.

Co-Development: SAP and NVIDIA Engineers Working Together

NVIDIA brings a unique dual perspective: as a chipmaker and AI platform provider, and as a longtime SAP customer running its own finance, supply chain, and logistics on SAP. This gives both companies shared context for what enterprise-grade governance requires in practice.

NVIDIA and SAP Unveil Trust-First Framework for Enterprise AI Agents — Source: blogs.nvidia.com

SAP engineers are now working alongside NVIDIA’s to further develop OpenShell’s open-source codebase. The contributions focus on production-hardening features such as runtime hardening, policy modeling, enterprise identity integration, and auditing and governance hooks.

“We’re not just integrating a security layer; we’re co-designing the foundation for agentic AI in the enterprise,” said a senior engineer from SAP’s AI team, speaking on condition of anonymity because they were not authorized to speak publicly.

What This Means for Enterprises

For organizations deploying AI agents, the shift from assistants to autonomous actors changes the trust equation. An agent that can touch systems of record, cross application boundaries, and operate without review at every step needs boundaries, policy enforcement, and an audit trail before it can enter production.

This collaboration directly addresses that need. By embedding OpenShell into SAP’s platform, enterprises can now build and run specialized agents with the same levels of security and governance they expect from traditional enterprise software.

“The application layer is where AI creates real economic value,” Huang noted in the keynote. “But that value only materializes if enterprises can trust the agents running their business processes. Today’s announcement is a major step in that direction.”

What Comes Next

The joint effort is expected to accelerate the adoption of agentic AI across industries. SAP and NVIDIA plan to release additional technical specifications and integration guides in the coming weeks. The first production deployments are anticipated in enterprise pilots later this year, focusing on finance and supply chain use cases.

For enterprises already using SAP Business AI Platform or Joule Studio, the new security layer will be available as an optional upgrade. Custom agents built in Joule Studio will inherit OpenShell protections automatically when the update rolls out.

“This is just the beginning of a deeper partnership,” Klein said. “We are committed to making AI agents as safe and trustworthy as any other component in the enterprise stack.”

Tags: