Nvidia and CrowdStrike launch security-first AI agents platform with 5x faster threat response

Nvidia's agentic AI stack is the first major platform to ship with security at launch, but governance gaps remain

For the first time on a major AI platform release, security shipped at launch -- not bolted on 18 months later. At Nvidia GTC this week, five security vendors announced protection for Nvidia's agentic AI stack, four with active deployments, one with validated early integration. The timing reflects how fast the threat has moved: 48% of cybersecurity professionals rank agentic AI as the top attack vector heading into 2026. Only 29% of organizations feel fully ready to deploy these technologies securely. Machine identities outnumber human employees 82 to 1 in the average enterprise. And IBM's 2026 X-Force Threat Intelligence Index documented a 44% surge in attacks exploiting public-facing applications, accelerated by AI-enabled vulnerability scanning. Nvidia CEO Jensen Huang made the case from the GTC keynote stage on Monday: "Agentic systems in the corporate network can access sensitive information, execute code, and communicate externally. Obviously, this can't possibly be allowed." Nvidia defined a unified threat model designed to flex and adapt for the unique strengths of five different vendors. Nvidia also names Google, Microsoft Security and TrendAI as Nvidia OpenShell security collaborators. This article maps the five vendors with embargoed GTC announcements and verifiable deployment commitments on record, an analyst-synthesized reference architecture, not Nvidia's official canonical stack. No single vendor covers all five governance layers. Security leaders can evaluate CrowdStrike for agent decisions and identity, Palo Alto Networks for cloud runtime, JFrog for supply chain provenance, Cisco for prompt-layer inspection, and WWT for pre-production validation. The audit matrix below maps who covers what. Three or more unanswered vendor questions mean ungoverned agents in production. The five-layer governance framework This framework draws from the five vendor announcements and the OWASP Agentic Top 10. The left column is the governance layer. The right column is the question every security leader's vendor should answer. If they can't answer it, that layer is ungoverned. Five-layer governance audit matrix. Three or more unanswered vendor questions indicate ungoverned agents in production. [runtime enforcement] = inline controls active during agent execution. [pre-deployment] = controls applied before artifacts reach runtime. [pre-prod validation] = proving-ground testing before production rollout. [AI Factory validated design] = Nvidia reference architecture integration, not OpenShell-launch coupling. CrowdStrike's Falcon platform embeds at four distinct enforcement points in the Nvidia OpenShell runtime: AIDR at the prompt-response-action layer, Falcon Endpoint on DGX Spark and DGX Station hosts, Falcon Cloud Security across AI-Q Blueprint deployments, and Falcon Identity for agent privilege boundaries. Palo Alto Networks enforces at the BlueField DPU hardware layer within Nvidia's AI Factory validated design. JFrog governs the artifact supply chain from the registry through signing. WWT validates the full stack pre-production in a live environment. Cisco runs an independent guardrail at the prompt layer. CrowdStrike and Nvidia are also building what they call intent-aware controls. That phrase matters. An agent constrained to certain data is access-controlled. An agent whose planning loop is monitored for behavioral drift is governed. Those are different security postures, and the gap between them is where the 4% error rate at 5x speed becomes dangerous. Why the blast radius math changed Daniel Bernard, CrowdStrike's chief business officer, told VentureBeat in an exclusive interview what the blast radius of a compromised AI agent looks like compared to a compromised human credential. "Anything we could think about from a blast radius before is unbounded," Bernard said. "The human attacker needs to sleep a couple of hours a day. In the agentic world, there's no such thing as a workday. It's work-always." That framing tracks with architectural reality. A human insider with stolen credentials works within biological limits: typing speed, attention span, a schedule. An AI agent with inherited credentials operates at compute speed across every API, database, and downstream agent it can reach. No fatigue. No shift change. CrowdStrike's 2026 Global Threat Report puts the fastest observed eCrime breakout at 27 seconds and average breakout times at 29 minutes. An agentic adversary doesn't have an average. It runs until you stop it. When VentureBeat asked Bernard about the 96% accuracy number and what happens in the 4%, his answer was operational, not promotional: "Having the right kill switches and fail-safes so that if the wrong thing is decided, you're able to quickly get to the right thing." The implication is worth sitting on. 96% accuracy at 5x speed means the errors that get through arrive five times faster than they used to. The oversight architecture has to match the detection speed. Most SOCs are not designed for that. Bernard's broader prescription: "The opportunity for customers is to transform their SOCs from history museums into autonomous fighting machines." Walk into the average enterprise SOC and inventory what's running there. He's not wrong. On analyst oversight when agents get it wrong, Bernard drew the governance line: "We want to keep not only agents in the loop, but also humans in the loop of the actions that the SOC is taking when that variance in what normal is realized. We're on the same team." The full vendor stack Each of the five vendors occupies a different enforcement point the other four do not. CrowdStrike's architectural depth in the matrix reflects four announced OpenShell integration points; security leaders should weigh all five based on their existing tooling and threat model. Cisco shipped Secure AI Factory with AI Defense, extending Hybrid Mesh Firewall enforcement to Nvidia BlueField DPUs and adding AI Defense guardrails to the OpenShell runtime. In multi-vendor deployments, Cisco AI Defense and Falcon AIDR run as parallel guardrails: AIDR enforcing inside the OpenShell sandbox, AI Defense enforcing at the network perimeter. A poisoned prompt that evades one still hits the other. Palo Alto Networks runs Prisma AIRS on Nvidia BlueField DPUs as part of the Nvidia AI Factory validated design, offloading inspection to the data processing unit at the network hardware layer, below the hypervisor and outside the host OS kernel. This integration is best understood as a validated reference architecture pairing rather than a tight OpenShell runtime coupling. Palo Alto intercepts east-west agent traffic on the wire; CrowdStrike monitors agent process behavior inside the runtime. Same cloud runtime row, different integration model and maturity stage. JFrog announced the Agent Skills Registry, a system of record for MCP servers, models, agent skills, and agentic binary assets within Nvidia's AI-Q architecture. Early integration with Nvidia has been validated, with full OpenShell support in active development. JFrog Artifactory will serve as a governed registry for AI skills, scanning, verifying, and signing every skill before agents can adopt it. This is the only pre-deployment enforcement point in the stack. As Chief Strategy Officer Gal Marder put it: "Just as a malicious software package can compromise an application, an unvetted skill can guide an agent to perform harmful actions." Worldwide Technology launched a Securing AI Lab inside its Advanced Technology Center, built on Nvidia AI factories and the Falcon platform. WWT's vendor-agnostic ARMOR framework is a pre-production validation and proving-ground capability, not an inline runtime control. It validates how the integrated stack behaves in a live AI factory environment before any agent touches production data, surfacing control interactions, failure modes, and policy conflicts before they become incidents. Three MDR numbers: what they actually measure On the MDR side, CrowdStrike fine-tuned Nvidia Nemotron models on first-party threat data and operational SOC data from Falcon Complete engagements. Internal benchmarks show 5x faster investigations, 3x higher triage accuracy in high-confidence benign classification, and 96% accuracy in generating investigation queries within Falcon LogScale. Kroll, a global risk advisory and managed security firm that runs Falcon Complete as its MDR backbone, confirmed the results in production. Because Kroll operates Falcon Complete as its core MDR platform rather than as a neutral third-party evaluator, their validation is operationally meaningful but not independent in the audit sense. Industry-wide third-party benchmarks for agentic SOC accuracy do not yet exist. Treat reported numbers as indicative, not audited. The 5x investigation speed compares average agentic investigation time (8.5 minutes) against the longest observed human investigation in CrowdStrike's internal testing: a ceiling, not a mean. The 3x triage accuracy measures one internal model against another. The 96% accuracy applies specifically to generating Falcon LogScale investigation queries via natural language, not to overall threat detection or alert classification. JFrog's Agent Skills Registry operates beneath all four CrowdStrike enforcement layers, scanning, signing, and governing every model and skill before any agent can adopt it -- with early Nvidia integration validated and full OpenShell support in active development. Six enterprises are already in deployment EY selected the CrowdStrike-Nvidia stack to power Agentic SOC services for global enterprises. Nebius ships with Falcon integrated into its AI cloud from day one. CoreWeave CISO Jim Higgins signed off on the Blueprint. Mondelēz North America Regional CISO Emmett Koen said the capability lets his team "focus on higher-value response and decision-making." MGM Resorts International CISO Bryan Green endorsed WWT's validated testing environments, saying enterprises need "validated environments that embed protection from the start." These range from vendor selection and platform validation to production integration. The signal is converging across buyer types, not uniform at-scale deployment. What the five-vendor stack does not cover The governance framework above represents real progress. It also has three holes that every security leader deploying agentic AI will eventually hit. No vendor at GTC closed any of them. Knowing where they are is as important as knowing what shipped. What running five vendors actually costs The governance matrix is a coverage map, not an implementation plan. Running five vendors across five enforcement layers introduces real operational overhead that the GTC announcements did not address. Someone has to own policy orchestration: deciding which vendor's guardrail wins when AIDR and AI Defense return conflicting verdicts on the same prompt. Someone has to normalize telemetry across Falcon LogScale, Prisma AIRS, and JFrog Artifactory into a single incident workflow. And someone has to manage change control when one vendor ships a runtime update that shifts how another vendor's enforcement layer behaves. A realistic phased rollout looks like this: start with the supply chain layer (JFrog), because it operates pre-deployment and has no runtime dependencies on the other four. Add identity governance (Falcon Identity) second, because scoped agent credentials limit blast radius before you instrument the runtime. Then instrument the agent decision layer (Falcon AIDR or Cisco AI Defense, depending on your existing vendor footprint), then cloud runtime, then local execution. Running all five simultaneously from day one is an integration project, not a configuration task. Budget for it accordingly. What to do before your next board meeting Here is what every CISO should be able to say after running the framework above: "We have audited every autonomous agent against five governance layers. Here is what's in place, and here are the five questions we are holding vendors to." If you cannot say that today, the issue is not that you are behind schedule. The issue is that no schedule existed. Five vendors just shipped the architectural scaffolding for one. Do four things before your next board meeting: The scaffolding is necessary. It is not sufficient. Whether it changes your posture depends on whether you treat the five-layer framework as a working instrument or skip past it in the vendor deck.

CrowdStrike Unveils Secure-by-Design AI Blueprint for AI Agents Built with NVIDIA

Architecture will integrate protection from the Falcon platform with NVIDIA OpenShell to run safer, autonomous AI agents both locally on DGX Spark and in the cloud CrowdStrike unveiled a Secure-by-Design AI Blueprint built with NVIDIA that integrates protection from the CrowdStrike Falcon platform directly into NVIDIA OpenShell, an open-source runtime that enforces policy-based guardrails to make autonomous agents safer to deploy. The architecture integrates security natively into the AI agent stack, enabling organizations to operationalize autonomous systems with governance, visibility, and control from development through runtime, wherever agents run. As organizations shift from copilots to AI agents that think, reason, and act autonomously at machine speed, security models must evolve. AI agents introduce a fundamentally different security challenge as privileged identities with direct access to data, applications, compute resources, and other agents. Traditional static controls were not designed to govern systems that move at the speed of AI. Securing AI agents requires continuous enforcement across the AI stack, not point in time controls - delivered at machine speed. By integrating the Falcon platform directly into the NVIDIA OpenShell runtime, the Secure-by-Design AI Blueprint can embed security at the foundation of autonomous systems. Part of the NVIDIA Agent Toolkit, the open-source OpenShell runtime provides isolated sandboxes with private inference and built-in policy enforcement. The Falcon platform extends protection to local agents running on NVIDIA DGX Spark or NVIDIA DGX Station, and can also extend security to agents in the cloud that are built on the open-source NVIDIA AI-Q Blueprint for deep research. Organizations will gain unified visibility and continuous runtime monitoring and enforcement to constrain unsafe behavior, prevent prompt manipulation, and enforce policy across the full AI lifecycle. Key capabilities of the Secure-by-Design AI Blueprint include: * AI Policy Enforcement Across the Agent Stack: Falcon® AI Detection and Response (AIDR) will integrate with the OpenShell runtime to secure every prompt, response, and agent action in real time. * Endpoint Protection for Local AI Agents: Falcon® Endpoint Security will secure local agents on NVIDIA DGX Spark or DGX Station running OpenShell, enforcing host-level controls and continuous behavioral monitoring across system activity and agent execution. * Cloud Runtime Protection for AI Agent Deployments: Falcon® Cloud Security will protect agents built based on the NVIDIA AI-Q Blueprint in cloud and data center environments, delivering unified visibility and runtime controls across infrastructure and AI workloads. * Identity-Based Governance for Agent Access: Falcon® Next-Gen Identity Security will deliver dynamic identity management for local agents, enforcing access controls across data, APIs, and services so agents operate within defined privilege boundaries. CrowdStrike and NVIDIA are also advancing intent-aware controls that govern how agents plan and execute tasks, enabling flexible autonomy while limiting the blast radius of unintended or malicious behavior. "As we enter the agentic era, agents no longer simply assist - they act," said Daniel Bernard, Chief Business Officer, CrowdStrike. "This shift fundamentally changes the security equation, and security must be embedded into the AI stack itself. Together with NVIDIA, we are delivering a Secure-by-Design architecture that enables organizations to operationalize agents with confidence and control." "Autonomous agents will fundamentally reshape how we work," said Justin Boitano, Vice President, Enterprise Platforms, NVIDIA. "By integrating CrowdStrike's security platform with the NVIDIA Agent Toolkit, we're enabling enterprises to build and scale safer, autonomous AI agents to help transform their operations, empower every employee, and securely generate intelligence at the speed of business." "AI infrastructure is moving from experimentation to mission-critical production," said James Higgins, Chief Information Security Officer, CoreWeave. "As we scale GPU-accelerated environments, AI agents must be observable, governed, and resilient by design. The collaboration between CrowdStrike and NVIDIA secures AI systems at the foundation - enabling high-performance AI environments without compromising control." The Secure-by-Design AI Blueprint reinforces CrowdStrike's position as cybersecurity for enterprise AI - embedding security directly into the AI stack, wherever AI lives.

CrowdStrike Accelerates Agentic MDR with NVIDIA, Demonstrating 5x Faster Investigations and 3x Higher Triage Accuracy

CrowdStrike leverages the NVIDIA Agent Toolkit to supercharge agentic MDR investigations with higher triage accuracy and enable custom agent development through Charlotte AI AgentWorks CrowdStrike announced an expanded collaboration with NVIDIA to advance Agentic Managed Detection and Response (MDR) using the NVIDIA Agent Toolkit, featuring open NVIDIA Nemotron models and NVIDIA NeMo Data Designer to power specialized security agents and speed investigative workflows. CrowdStrike will also be expanding Charlotte AI AgentWorks with support for NVIDIA Nemotron 3 Super, enabling organizations to build custom AI agents leveraging the most efficient, intelligent open model. Early internal testing with CrowdStrike Falcon® Complete Next-Gen MDR demonstrates up to 5x faster investigations1 and more than 3x higher triage accuracy in high-confidence benign classification performance2 when powered by NVIDIA Nemotron Nano and Nemotron Super models - supercharging Agentic MDR. As adversaries increasingly leverage AI to accelerate reconnaissance, evasion, and lateral movement, security teams must operate at machine speed and scale. Teams process thousands of detections daily, often requiring manual review to separate signal from noise. With persistent talent shortages and cost constraints, improving speed and precision without increasing headcount has become a strategic imperative. Agentic MDR represents the next evolution of managed defense - where AI-native agents augment expert analysts to streamline high-volume workflows, elevate decision quality, and scale elite protection across enterprise environments. CrowdStrike and NVIDIA are also working together to boost autonomous agent security by integrating the NVIDIA OpenShell open-source runtime with the Falcon platform through a Secure-by-Design AI Blueprint. "Adversaries are already using AI to move faster and scale their operations," said Daniel Bernard, Chief Business Officer at CrowdStrike. "The future of managed defense isn't adding more analysts - it's embedding AI agents directly into SOC operations to give analysts superpowers. With Falcon Complete Next-Gen MDR, we're applying advanced reasoning models to automate investigation and triage while maintaining expert oversight. Together with NVIDIA, we're accelerating the shift toward Agentic MDR." "AI reasoning models and synthetic data are transforming how enterprises operationalize intelligence," said Justin Boitano, Vice President, Enterprise AI Products at NVIDIA. "Together with CrowdStrike, we're bringing secure, autonomous AI agents into security operations - enabling organizations to reason through threats, act in real time, and continuously strengthen their cyber resilience." "CrowdStrike's use of advanced AI reasoning in Falcon Complete Next-Gen MDR marks a significant step forward in managed defense," said David Burg, Global Group Head of Cyber and Data Resilience at Kroll. "By accelerating investigations and sharpening triage accuracy, it enables our teams to deliver faster, high-quality outcomes for clients around the world." Advancing Agentic MDR CrowdStrike evaluated NVIDIA Nemotron models across a range of potential Falcon Complete Next-Gen MDR use cases to orchestrate investigative workflows and automate high-volume Tier 1 analysis while preserving analyst oversight. The NVIDIA Nemotron models were customized with synthetic data generated with NVIDIA NeMo Data Designer. NeMo Data Designer learns data patterns from expert insights and first-party telemetry to generate high-quality synthetic data, creating structured training signals that enhance model accuracy and consistency across investigation workflows. Internal benchmarking conducted by CrowdStrike and NVIDIA of Nemotron Nano and Nemotron Super models validates measurable performance gains, including up to 5x faster investigations and more than 3x higher triage accuracy for a significant reduction in manual triage workload. Fine-tuning the NVIDIA Nemotron Nano model achieved 96% accuracy in generating investigation queries within Falcon® LogScale, delivering a natural-language interface that boosts agent investigative efficiency.