Nvidia's agentic AI stack is the first major platform to ship with security at launch, but governance gaps remain

question is whether the wrong thing in that 4% margin can execute before detection. With agentic systems, that window can be seconds.

Who else is in the Nvidia OpenShell security ring?

Three other vendors announced integrations that meet the same timing criteria as the five launch partners.

Google’s Gemini Security brings its Gemini 2.0 Flash model to Nvidia’s Nemoclaws security service. Gemini Security can reason over telemetry from Nvidia’s Nemesis threat-detection system, prioritizing risks in real time. Google is also releasing a public cloud-native model for agentic threat detection, trained on Gemini’s own telemetry, that plugs into Nemoclaws as a reasoning engine. The integration is not part of OpenShell, but it uses the same Nemesis telemetry pipeline.

Microsoft Security AI Factory is a validated design that runs Microsoft Defender and Purview across Nvidia’s AI Factory stack. Defender XDR and Entra ID are enforced at the prompt and identity layers. Purview governs data residency and classification inside agent workflows. The design is not part of OpenShell, but it uses the same BlueField DPU enforcement layer as Palo Alto Networks.

Trend Micro