Aviatrix Operationalizes the Containment Era with the Industry’s First Containment Platform for AI Agents

Zero Trust for AI Workloads and Aviatrix AgentGuard Deliver Workload-Level Containment Across Every Cloud and Every Compute Model

Santa Clara, Calif., April 29, 2026 (GLOBE NEWSWIRE) — Aviatrix® today launched the industry’s first Containment Platform purpose-built for AI agents, extending the Aviatrix Cloud Native Security Fabric to enforce Communication Governance across every AI workload — VMs, Kubernetes clusters, and serverless functions — without agents or code changes. The launch includes Zero Trust for AI Workloads, now generally available and Aviatrix AgentGuard, now in early access.

The product launch coincides with a separate Aviatrix announcement that declares the Containment Era, which represents a fundamental shift in how enterprises must defend cloud infrastructure, anchored by four new resources available today. The Containment Era shifts the focus from “Did we detect it?” to “What is our blast radius and how do we contain it?”

Why AI Requires Containment Architecture

Every AI agent in an enterprise deployment is a machine identity making autonomous decisions about what systems and resources to access next. According to industry research, only 5 to 20 percent of enterprises have controls in place to limit where a workload can communicate. For the remaining 80 to 95 percent, there is no architectural constraint on what a compromised workload can reach, and an AI agent that is compromised, or that hallucinates, has the blast radius of the entire network. 

The Cascade, a 2026 supply chain attack campaign attributed to TeamPCP that affected 36 percent of enterprise cloud environments at the time of compromise, demonstrated what happens when an attack is indistinguishable from legitimate activity, and the network architecture does not constrain where compromised code can reach. Like SolarWinds, Log4j, and 3CX before it, the Cascade differed in execution but shared the same post-compromise dynamic: no workload-level enforcement, unlimited lateral movement, and no limit on what compromised agents could reach or send.

“Agentic AI systems are designed to reach across services, data stores, and boundaries. That reach is the feature. Ungoverned, it is also the risk,” said Chris McHenry, Chief Product Officer at Aviatrix. “Aviatrix’s Cloud Native Security Fabric enforces a single and non-negotiable principle across every cloud and every workload: each workload can only communicate with what it is explicitly permitted to reach, without agents or code changes. By containing  reach by design, it prevents AI-driven failures or compromises from cascading into enterprise-wide events.”

Zero Trust for AI Workloads

Zero Trust for AI Workloads, now generally available, extends Aviatrix’s Cloud Native Security Fabric to secure AI agents, large language model proxies, and agentic frameworks without requiring application or infrastructure changes. The capability provides three enforcement mechanisms for enterprises:

• Allow and deny access to external AI services through WebGroups, governing which services any given workload can call.
• Block shadow AI with default-deny allowlists, ensuring that only approved AI services can be reached from sanctioned workloads.
• Apply network-layer enforcement immediately across every workload and region, with universal policy propagation.

Aviatrix is also publishing validated containment reference architectures for the three largest AI platforms in enterprise production: AWS Bedrock Agents, Zero Trust for Azure AI Foundry Agents, and Zero Trust for Enterprise MCP, the first enterprise-grade containment architecture for Model Context Protocol developed with Obot and Microsoft. The reference architectures are available in the Resources section below.

“Every enterprise running AI agents is running MCP servers — often more than they realize. Without governance at the gateway and the network, a compromised agent’s blast radius extends to everything those servers can reach,” said Shannon Williams, President, Obot AI. “Obot governs which MCP servers an agent can call. Aviatrix governs where those servers can reach. That two-layer control is what enterprise agentic AI actually requires.” 

Aviatrix AgentGuard

According to IBM’s 2025 Cost of a Data Breach Report, shadow AI adds an average of $670,000 in additional breach costs per incident, and 97 percent of organizations that experienced an AI-related breach lacked proper access controls. Aviatrix AgentGuard, now in early access, is the industry’s first Containment Platform purpose-built for AI agents. It discovers every agent running across VMs, Kubernetes clusters, and serverless functions — authorized and shadow — maps the LLMs, tools, and data each agent connects to, and builds a continuous risk profile. AgentGuard then extends the Aviatrix Cloud Native Security Fabric to enforce Communication Governance at the agent workload, governing what each agent can reach and what can reach it. The most common exfiltration vectors — data posting to public code and file-sharing services — are blocked by default. For organizations deploying on AWS Bedrock AgentCore or Azure AI Foundry, Aviatrix AgentGuard delivers validated secure architectures from day one. Advanced AI Observability and Guardrails — detecting and blocking prompt injection and data loss at the conversation level — will be available in Q3 2026.

The Containment Era: Establishing a New Security Standard

“Detection tells you what happened. Containment determines how bad it gets,” said Doug Merritt, Chief Executive Officer of Aviatrix. “Today’s products are how we deliver containment for the workloads that matter most in 2026. AI agents that can reach anywhere are liabilities. AI agents governed by architecture are assets. When prevention fails and detection is too slow, containment decides whether the incident becomes a breach.”

Aviatrix Cloud Native Security Fabric is shipping infrastructure already running in production at Fortune Global 500 enterprises. One such enterprise was running a compromised component when the Cascade supply chain attack campaign hit. Same payload, same vulnerability as at other affected organizations. At organizations without workload-level containment, the attack completed in under three hours. At the Aviatrix customer, zero credentials were exfiltrated.

Availability and Resources:

• Zero Trust for AI Workloads: Generally available now for Aviatrix Platform-as-a-Service customers with gateways deployed at aviatrix.ai/products/zero-trust-for-workloads/zero-trust-for-ai-workloads/
• Aviatrix AgentGuard (Early Access): Request access at aviatrix.ai/products/zero-trust-for-workloads/agentguard/
• Validated Containment Architectures: aviatrix.ai/products/zero-trust-for-workloads/agentguard/validated-containment-architecture/
• Containment Era research series: aviatrix.ai/resources/solutions/the-containment-era/ 

About Aviatrix

Aviatrix® is pioneering the Cloud Native Security Fabric — the architecture the Containment Era requires. The Cloud Native Security Fabric governs every workload communication path across every cloud, every VPC, every Kubernetes cluster, and every serverless function, from a single policy plane. One rule. Universal propagation. Enforced at the workload, not at a chokepoint. Trusted by more than 500 of the world’s leading enterprises. For more information, visit aviatrix.ai.

CONTACT: Aviatrix
888-311-8328
[email protected]

Disclaimer: The above press release comes to you under an arrangement with GlobeNewswire. UKNewshour.com takes no editorial responsibility for the same.