As specialized AI agents begin handling critical enterprise tasks in finance, procurement, supply chain, and manufacturing, the need for robust security and governance grows. NVIDIA and SAP have expanded their collaboration to address this challenge, embedding trust directly into the runtime environment where these agents operate. Here's a closer look at how their partnership is shaping the future of agentic AI in business.
What is the collaboration between NVIDIA and SAP announced at SAP Sapphire?
At SAP Sapphire, NVIDIA founder Jensen Huang joined SAP CEO Christian Klein's keynote via video to announce an expanded collaboration. The core of this partnership is embedding NVIDIA OpenShell—an open source runtime for securely developing and deploying autonomous AI agents—into the SAP Business AI Platform. This integration provides a security layer for all SAP AI agents, including custom ones built in Joule Studio, SAP's environment for building end-to-end enterprise agents. By combining NVIDIA's expertise in AI infrastructure with SAP's dominance in enterprise applications, the two companies aim to bring enterprise-grade governance to agentic AI.
How does OpenShell provide security for AI agents?
OpenShell creates isolated execution environments for AI agents, enforcing policies at both the filesystem and network layers. This infrastructure-level containment ensures that if an agent's logic fails or behaves unexpectedly, the damage is limited and cannot spread across the system. Within the SAP Business AI Platform, OpenShell acts as the runtime security layer, meaning every action an agent takes is subject to predefined boundaries. This includes policy enforcement, identity verification, and detailed audit trails. The result is a trusted environment where agents can operate autonomously without compromising enterprise security.
Why does the shift from AI assistants to autonomous agents change the trust equation?
Unlike simple AI assistants that provide recommendations, autonomous agents can directly touch systems of record, cross application boundaries, and execute actions without human review at every step. This increased autonomy raises the stakes for trust. Enterprises need clear boundaries, enforceable policies, and comprehensive audit trails before allowing an agent to operate in production. Without these safeguards, an errant agent could cause significant damage. The NVIDIA-SAP collaboration directly addresses this by embedding OpenShell's security controls, ensuring that agents can be trusted to work within defined parameters while still delivering value.
How does SAP's position in enterprise applications matter for agentic AI?
NVIDIA's Jensen Huang describes AI as a five-layer cake: energy, chips, infrastructure, models, and applications. Applications sit at the top, where AI creates economic value. SAP, as a global leader in enterprise applications (finance, procurement, supply chain, manufacturing), is a key catalyst in this application layer. When AI agents operate within SAP's systems, they must respect roles, processes, permissions, and data boundaries. SAP's deep integration with core business workflows makes it uniquely positioned to enforce governance at the application level—something that's essential for enterprise adoption of agentic AI. The collaboration ensures that these agents run under proper policy and identity controls.
How are SAP and NVIDIA codesigning OpenShell together?
Both companies are actively contributing to the open source OpenShell project. NVIDIA brings its perspective as a longtime SAP customer, having run its own finance, supply chain, and logistics on SAP systems. This shared experience helps them understand real-world governance needs. SAP engineers are working alongside NVIDIA's team to develop features critical for production use: runtime hardening, policy modeling, enterprise identity integration, and auditing or governance hooks. By codesigning the runtime, they ensure OpenShell meets the specific requirements of large enterprises deploying autonomous agents at scale.
What are the key enterprise requirements for deploying trustworthy agentic AI?
To deploy agentic AI in production, enterprises need: runtime isolation to contain failures; policy enforcement at the filesystem and network layers; enterprise identity integration so agents respect user permissions; auditing and governance hooks for compliance; and runtime hardening against vulnerabilities. The SAP and NVIDIA collaboration addresses all these through OpenShell embedded in the SAP Business AI Platform. Additionally, since agents touch sensitive business data, they must understand roles, processes, and data boundaries. By providing these controls, the partnership enables organizations to safely move from AI assistants to autonomous agents that drive real productivity gains.