NetFoundry Tackles AI Security With New Open Source Zero Trust Enclave
- OpenZiti, the open-source platform underlying NetFoundry's solution, has thousands of stars and hundreds of forks on GitHub, indicating strong community support.
- NetFoundry's new zero-trust gateways are designed to protect Master Control Programs (MCPs) and Large Language Models (LLMs) from AI-specific threats like prompt injection and data poisoning.
- The solution enables identity-based microsegmentation, ensuring all connections are ephemeral, authenticated, and auditable.
Experts would likely conclude that NetFoundry's open-source zero-trust enclave offers a robust solution to the AI security challenges enterprises face, particularly in balancing AI accessibility with network security, while its open-source foundation fosters transparency and community-driven innovation.
CHARLOTTE, N.C. - March 24, 2026 - As enterprises race to integrate artificial intelligence into their core operations, a fundamental conflict has emerged, slowing deployments and alarming security leaders. NetFoundry today announced a direct response to this challenge with the release of a secure AI enclave, extending its open-source OpenZiti platform to protect AI workloads with a zero-trust framework.
The new capabilities, which include zero-trust gateways for Master Control Programs (MCPs) and Large Language Models (LLMs), are designed to solve what the company calls the "AI Connectivity Conundrum." This is the inherent tension between granting powerful AI agents broad access to valuable enterprise data and securing the massively expanded attack surface their deployment creates. The open-source release is now available, with the company also launching an early access program for a related commercial cloud offering.
The AI Security Imperative
The rapid adoption of AI has introduced a new class of security risks that traditional network defenses are ill-equipped to handle. To deliver business value, AI agents and LLMs must connect to data sources spread across clouds, data centers, and edge environments. However, this connectivity creates significant vulnerabilities. Industry analysis confirms that security concerns are a primary barrier to broader agentic AI adoption, with many organizations struggling to govern their AI ecosystem.
Unlike traditional applications, advanced AI agents can behave less like predictable APIs and more like autonomous, privileged users. Without strict containment, a compromised agent could act as a super-user, exfiltrating data or causing damage at machine speed. The unique vulnerabilities of AI systems, such as prompt injection, data poisoning, and model theft, further complicate the security landscape. Exposing AI tooling on a network creates a uniquely attractive and high-value target for sophisticated attackers.
This reality forces a difficult trade-off for security and IT teams: either lock down AI systems so tightly that they become ineffective or open up network access and accept a significant increase in risk. This operational drag often means AI projects are stalled for weeks or months waiting for complex firewall rule changes and security reviews, stifling the very innovation they are meant to foster.
An Identity-First Approach to AI Security
NetFoundry's new capabilities propose to eliminate this trade-off by fundamentally changing how AI systems connect and communicate. Instead of relying on traditional IP-based access controls and static API keys, the OpenZiti-based solution builds on an identity-first model where every component, from the AI agent to the LLM and the data resource, is assigned a unique, strong cryptographic identity.
"Agentic AI breaks traditional network assumptions," said Galeal Zino, CEO and Founder of NetFoundry, in the announcement. "Enterprises can't scale AI using IP-based access controls and static API keys. But with our new Identity-first AI capabilities, enterprises can secure their AI solutions while rolling them out faster and operating them more effectively because agents and MCPs do not get any network access or any API keys."
Under this paradigm, authorization occurs at the service level, not the network level. Connections are only established after an identity is verified against a specific policy for a given service. The core components are lightweight software gateways deployed alongside the AI agents and in front of protected resources. Crucially, all connections are initiated outbound from these components to a network overlay. This design means that all AI systems and data resources remain invisible to both the public internet and internal networks, effectively making them 'dark.' As a result, inbound firewall rules can remain set to "deny-all," with no exceptions needed for AI workloads.
This approach provides identity-based microsegmentation without the complexities of managing IP addresses or VLANs. Every connection is ephemeral, continuously authenticated, and fully auditable, providing a detailed log of which identity accessed which service under what policy.
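The service-level authorization described above can be modeled in a few lines. This is an added sketch, not OpenZiti or NetFoundry code: the Controller and ServicePolicy classes, the identity, service and policy names, the 30-second session lifetime, and the boolean standing in for cryptographic identity verification are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class ServicePolicy:
    name: str
    service: str
    identity_attrs: frozenset  # an identity needs at least one of these

@dataclass
class Controller:
    policies: list
    session_ttl: float = 30.0                      # seconds; constructed value
    audit_log: list = field(default_factory=list)
    sessions: dict = field(default_factory=dict)   # (identity, service) -> expiry

    def dial(self, identity, attrs, service, verified, now):
        """Authorize one identity for one service; deny unless a policy matches."""
        # 'verified' stands in for the cryptographic identity check (assumption)
        match = None
        if verified:
            match = next((p for p in self.policies
                          if p.service == service and p.identity_attrs & attrs), None)
        # Every attempt is recorded: which identity, which service, which policy
        self.audit_log.append({
            "time": now, "identity": identity, "service": service,
            "policy": match.name if match else None,
            "decision": "allow" if match else "deny"})
        if match:
            self.sessions[(identity, service)] = now + self.session_ttl
        return match is not None

    def session_live(self, identity, service, now):
        """Sessions are ephemeral: past the TTL the identity must dial again."""
        return self.sessions.get((identity, service), 0.0) > now

def demo():
    # Constructed policies and identity, for illustration only
    ctrl = Controller([
        ServicePolicy("agents-to-llm", "llm-gateway", frozenset({"support-agent"})),
        ServicePolicy("analysts-to-db", "customer-db", frozenset({"analyst"})),
    ])
    attrs = frozenset({"support-agent"})
    results = [
        ctrl.dial("agent-42", attrs, "llm-gateway", verified=True, now=0.0),   # allowed
        ctrl.dial("agent-42", attrs, "customer-db", verified=True, now=1.0),   # no policy
        ctrl.dial("agent-42", attrs, "llm-gateway", verified=False, now=2.0),  # unverified
    ]
    return ctrl, results

if __name__ == "__main__":
    ctrl, results = demo()
    print(results)
    for entry in ctrl.audit_log:
        print(entry)
```

The second call is the containment case: the agent holds a valid identity, yet it cannot reach the database service because no policy grants it, and the denial itself lands in the audit log.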
The Power of an Open Source Foundation
Basing this advanced security model on OpenZiti, a mature and widely used open-source platform, is a significant aspect of the announcement. OpenZiti, which operates under an Apache 2.0 license, has a healthy and active community, with its main GitHub repository showing thousands of stars and hundreds of forks. The project is supported by a dedicated community forum, extensive documentation, and a wide array of SDKs for languages like Python, Go, Java, and C#, facilitating integration into diverse development environments.
By building its AI enclave on this open-source foundation, NetFoundry provides a level of transparency and community-driven validation that is critical for security infrastructure. Developers and security architects can inspect the code, contribute to its development, and adapt the platform to their specific needs. This open approach fosters trust and can accelerate the development of robust, adaptable solutions for the fast-evolving challenges of AI security, preventing vendor lock-in for a critical piece of the enterprise technology stack.
Streamlining AI Deployment in a Competitive Market
Beyond the security enhancements, the operational benefits are a key focus. For platform and DevOps teams, the model allows them to publish services and define access policies once, rather than repeatedly reconfiguring networks. For application teams and data scientists, it enables self-service connectivity for their AI agents without waiting on IT for firewall or VPN changes. This promises to dramatically reduce friction and accelerate the time-to-market for new AI initiatives.
NetFoundry enters a competitive and rapidly growing AI security market. Established cybersecurity giants like Palo Alto Networks and Zscaler, as well as specialized startups, are all racing to provide solutions that govern AI usage and protect against new threats. Many of these competitors are also incorporating zero-trust principles into their offerings. However, NetFoundry's approach, rooted in its open-source, identity-based overlay network that renders services invisible by default, offers a distinct architectural solution to the problem.
To help organizations adopt these capabilities, the company has also announced a limited early access program for its commercial cloud offering. This managed service aims to further simplify the deployment and ongoing operations of internal AI platforms by abstracting away infrastructure management while providing end-to-end visibility. This focus on operational simplicity, combined with a robust security foundation, aims to provide enterprises with the confidence to accelerate their AI initiatives without compromise.