Enterprise AI doubles down on guardrails

Google is turning enterprise AI from a build-your-own-agent project into a managed system with permissions, checks, and runtime controls. (cloud.google.com) At Google Cloud Next on April 22, Google launched Gemini Enterprise Agent Platform as the successor to Vertex AI for agent work, combining model building, agent building, orchestration, DevOps, and security in one platform. Google said the product is designed to “build, scale, govern, and optimize” agents for business use. (cloud.google.com) Google’s own pitch is that companies are moving from asking whether they can build an agent to asking how to manage “thousands of them.” Sundar Pichai called the platform “mission control for the agentic enterprise” in Google’s Cloud Next announcement. (blog.google) An AI agent is software that can call tools, query company data, and take actions across workflows instead of just answering prompts. Google’s platform adds an Agent Runtime for deploying and managing agents in production, plus centralized oversight for Google-built, third-party, and in-house agents. (docs.cloud.google.com 1) (docs.cloud.google.com 2) That operational layer now sits next to access controls written in plain business terms. Google’s Gemini Enterprise documentation says administrators can assign predefined Identity and Access Management roles and even restrict users to specific apps by granting permissions at the app level instead of the whole project. (docs.cloud.google.com 1) (docs.cloud.google.com 2) Security companies are plugging into that control plane. Check Point said on April 22 that it will integrate its AI Defense Plane with Gemini Enterprise Agent Platform to add agent discovery, governance, and “real-time behavioral protection” for enterprises deploying AI agents at scale. (checkpoint.com) Cisco made a similar move the same day. Cisco said its AI Defense product now extends to Google Cloud environments, including Gemini Enterprise Agent Platform, agentic workflows, and retrieval-augmented generation pipelines that connect models to private data. (blogs.cisco.com) Wiz is pushing the same message from the cloud security side. In its Cloud Next announcement, Wiz said it was expanding AI application coverage from AI-generated code through “AI and agent studios” and into cloud runtime, framing the problem as continuous visibility rather than one-time review. (wiz.io) Netskope’s role is less tied to a single new Google launch, but its existing integration with Wiz shows where the market is heading: shared telemetry, real-time risk signals, and policy enforcement that follows workloads across cloud environments. Netskope says the integration feeds Wiz cloud findings into Netskope for proactive defense across hyperscaler platforms. (netskope.com) (wiz.io) The shift is away from standalone copilots and toward control planes that can approve an agent before launch, watch it while it runs, and show a human who can do what. Google’s new platform, and the vendor stack forming around it, treats enterprise AI less like a chatbot and more like software that needs identity, logging, and guardrails from day one. (cloud.google.com) (zdnet.com)