Aviatrix Ushers in 'Containment Era' to Secure AI Agents
- 5 to 20% of enterprises have implemented controls to limit AI workload communication, leaving most vulnerable.
- $670,000 average additional cost for breaches involving shadow AI (IBM 2025).
- 97% of AI-related breaches occurred in organizations lacking proper access controls.
Experts agree that containment architectures are critical for mitigating AI agent risks, shifting focus from detection to preventing lateral movement and limiting blast radius.
SANTA CLARA, CA – April 29, 2026 – Cloud security firm Aviatrix today announced a major strategic shift in defending enterprise infrastructure with the launch of the industry's first Containment Platform for AI agents. The move, which includes the general availability of its "Zero Trust for AI Workloads" and an early access program for "Aviatrix AgentGuard," signals the company's declaration of a new "Containment Era" in cloud security—a paradigm that prioritizes architectural control over the blast radius of a potential breach, rather than relying solely on post-event detection.
As enterprises rapidly adopt autonomous AI agents, they are simultaneously creating a new and formidable security challenge. Aviatrix's new platform aims to address this head-on by extending its Cloud Native Security Fabric to enforce strict communication governance across every AI workload, from virtual machines to Kubernetes clusters and serverless functions, all without requiring agents or modifications to application code.
The New Imperative: Containing the AI Blast Radius
The rise of agentic AI marks a significant evolution from the large language models (LLMs) that first captured public attention. Unlike LLMs that primarily respond to prompts, AI agents are designed for autonomous action, making independent decisions about which systems and data stores to access. This autonomy, while a powerful feature, introduces unprecedented risk. If an AI agent is compromised by an attacker or “hallucinates” due to flawed logic, its potential for damage—its blast radius—could encompass the entire enterprise network.
Industry research highlights a critical vulnerability gap, indicating that only 5 to 20 percent of enterprises have implemented the necessary controls to limit where a workload can communicate. This leaves the vast majority of organizations architecturally exposed. The 2026 supply chain attack campaign known as “the Cascade,” which impacted over a third of enterprise cloud environments, serves as a stark reminder of this danger. Like previous major incidents such as SolarWinds and Log4j, the attack exploited a lack of workload-level enforcement, allowing for unchecked lateral movement once inside a network.
“Agentic AI systems are designed to reach across services, data stores, and boundaries. That reach is the feature. Ungoverned, it is also the risk,” said Chris McHenry, Chief Product Officer at Aviatrix. The company argues that without a containment architecture, a single compromised agent can become an autonomous intruder, indistinguishable from legitimate activity as it moves freely across internal systems.
From Detection to Architectural Defense
Aviatrix’s declaration of the “Containment Era” represents a direct challenge to the status quo of cybersecurity. For years, the industry has focused on improving detection and response times. However, this reactive posture is proving insufficient against automated, high-speed attacks and the inherent risks of autonomous systems. The new paradigm shifts the fundamental security question from “Did we detect it?” to “What is our blast radius and how do we contain it?”
“Detection tells you what happened. Containment determines how bad it gets,” stated Doug Merritt, Chief Executive Officer of Aviatrix. “When prevention fails and detection is too slow, containment decides whether the incident becomes a breach.”
This philosophy is put into practice through the Aviatrix Cloud Native Security Fabric, which embeds explicit communication policies directly into the cloud infrastructure itself. This creates a foundational layer of security that governs every possible communication path for every workload. The policy is simple and non-negotiable: each workload can only communicate with resources it is explicitly permitted to reach. The effectiveness of this approach was demonstrated for one Fortune Global 500 customer during the Cascade attack. While other organizations suffered data exfiltration within hours, the Aviatrix customer, despite running the same compromised component, saw the attack completely contained with zero credentials lost.
Taming the Agents: Inside the Containment Platform
To execute this vision for AI, Aviatrix has introduced two key capabilities. The first, Zero Trust for AI Workloads, is now generally available. It provides enterprises with concrete enforcement mechanisms to govern AI communication, allowing them to allowlist approved external AI services, block the use of unsanctioned “shadow AI” tools, and apply network-layer rules universally across all environments instantly.
Shadow AI has become a particularly costly problem. According to IBM's 2025 Cost of a Data Breach Report, incidents involving shadow AI add an average of $670,000 to breach costs, and a staggering 97 percent of AI-related breaches occurred in organizations that lacked proper access controls.
The second, more targeted capability is Aviatrix AgentGuard, now available in early access. This is the core of the new platform, purpose-built to discover every AI agent running across an organization's cloud environments—both authorized and shadow. It maps their connections to LLMs, tools, and data, builds a continuous risk profile, and then enforces granular communication governance. By default, it blocks common data exfiltration vectors, such as attempts to post data to public code repositories or file-sharing sites.
To facilitate adoption, Aviatrix is publishing validated containment reference architectures for major AI platforms, including AWS Bedrock Agents and Azure AI Foundry. A key collaboration with Obot and Microsoft has also produced the first enterprise-grade containment architecture for the Model Context Protocol (MCP). “Obot governs which MCP servers an agent can call. Aviatrix governs where those servers can reach,” explained Shannon Williams, President of Obot AI. “That two-layer control is what enterprise agentic AI actually requires.”
Navigating the Crowded Cloud Security Landscape
Aviatrix is entering a competitive field where cloud titans like AWS and Microsoft, along with established security vendors like Palo Alto Networks and Zscaler, all offer solutions for cloud security. However, Aviatrix is differentiating itself by focusing on the architectural layer below the application. While other solutions may focus on securing user access to applications (Zero Trust Network Access) or identifying misconfigurations (Cloud Security Posture Management), Aviatrix secures the app-to-app and workload-to-workload traffic within the cloud fabric itself.
This approach is designed not to replace other security tools but to complement them. For instance, an alert from a posture management tool like Wiz can be amplified by Aviatrix's fabric into an immediate, real-time network enforcement action. By operating at the infrastructure level without requiring agents or code changes, the platform aims to eliminate friction with DevOps teams and provide security that is both pervasive and developer-friendly.
By building a security architecture that contains the reach of AI by design, Aviatrix contends that enterprises can transform AI agents from potential liabilities into governed, trustworthy assets. This enables organizations to innovate and adopt powerful AI capabilities more quickly and safely, ensuring that the inevitable security incident does not escalate into an enterprise-wide catastrophe. The Zero Trust for AI Workloads capability is available now, and enterprises can request access to the Aviatrix AgentGuard early access program through the company's website.