NVIDIA and SAP: Building Trustworthy AI Agents for the Enterprise


At SAP Sapphire 2025, NVIDIA and SAP announced an expanded collaboration to bring security and governance to specialized AI agents operating in enterprise systems. By embedding NVIDIA OpenShell—an open-source runtime for autonomous agent security—into the SAP Business AI Platform, the partnership addresses the critical trust gap when agents gain access to core business data and workflows. Below, we explore the key questions around this initiative.

What exactly is this new collaboration between NVIDIA and SAP?

The expanded partnership, unveiled at SAP Sapphire 2025, integrates NVIDIA OpenShell into the SAP Business AI Platform. OpenShell is an open-source runtime that provides isolated execution environments, policy enforcement at the filesystem and network layers, and infrastructure-level containment. This ensures that when autonomous AI agents perform tasks in finance, procurement, supply chain, or manufacturing, they operate within strict security and governance boundaries. Additionally, SAP engineers are now co-developing OpenShell alongside NVIDIA, contributing enhancements back to the open-source project. The result is a robust foundation for deploying specialized agents in production environments without compromising trust or control.

Source: blogs.nvidia.com

What is NVIDIA OpenShell and how does it work?

OpenShell is an open-source runtime designed to securely develop and deploy autonomous AI agents. It creates isolated execution environments that limit what an agent can see, access, or modify. Policy enforcement occurs at the filesystem and network layers, meaning an agent cannot accidentally (or maliciously) write to sensitive directories or communicate with unauthorized endpoints. Infrastructure-level containment ensures that even if an agent's logic fails—due to unexpected inputs or adversarial attacks—the damage is contained. Within the SAP Business AI Platform, OpenShell becomes the default security layer for all SAP AI agents, including those custom-built in Joule Studio, SAP's environment for building end-to-end enterprise agents.

Why does trust matter more for autonomous agents than for AI assistants?

Traditional AI assistants typically suggest actions but leave final decisions to human users. Autonomous agents, however, can directly touch systems of record, cross application boundaries, and operate without step-by-step human review. This shift dramatically changes the trust equation. An agent that can initiate a payment, update an inventory record, or adjust a supply chain schedule needs clearly defined boundaries, policy enforcement, and a complete audit trail before it can safely enter production. Without these safeguards, rogue outputs could corrupt business data or violate compliance rules. The collaboration between NVIDIA and SAP directly addresses this by embedding security controls at the runtime level.

How does the application layer play a role in agent security?

NVIDIA CEO Jensen Huang describes AI as a five-layer stack: energy, chips, infrastructure, models, and applications. The application layer is where AI creates economic value and drives productivity. SAP sits at the core of this layer for many enterprises, running critical workflows in finance, procurement, supply chain, and manufacturing. For agents to operate safely here, they must understand roles, processes, permissions, and data boundaries. They also need an execution environment that limits what an agent sees, what it can do, and where inference runs. By embedding OpenShell into SAP's platform, the partnership ensures that security and governance are baked into the application layer itself.


What contributions are SAP engineers making to OpenShell?

SAP engineers are actively working alongside NVIDIA's team to further develop the OpenShell open-source codebase. Their focused contributions target exactly what enterprises need to run agentic AI in production: runtime hardening to resist attacks, policy modeling to express complex business rules, enterprise identity integration to tie agent actions to real users, and auditing and governance hooks so every agent decision can be traced. This co-development effort ensures that OpenShell evolves with real-world enterprise requirements, not just theoretical use cases. Because SAP uses its own products internally, the engineers bring firsthand experience of the operational challenges agents face in large-scale deployments.

How does NVIDIA's experience as an SAP customer shape this collaboration?

NVIDIA itself is a long-standing SAP customer, running finance, supply chain, and logistics on SAP systems. This gives both companies a shared context for what enterprise-grade governance requires in practice. When NVIDIA and SAP talk about policy enforcement, identity integration, and audit trails, they are not starting from theory. They are drawing on actual lessons learned from managing real data and workflows at scale. This practical perspective ensures that the security measures built into OpenShell are neither academic nor over-engineered—they address genuine pain points that arise when autonomous agents interact with enterprise resources. The collaboration thus benefits from NVIDIA's dual role as both technology partner and experienced user.

What technologies work together to enable trustworthy agentic AI?

The partnership combines several key technologies. At the core is NVIDIA OpenShell, which provides the isolated execution environment and policy enforcement. It runs within the SAP Business AI Platform, which already offers role-based access, process control, and data governance. For custom agents, Joule Studio acts as the development environment, allowing developers to build and manage end-to-end agents while relying on OpenShell's security layer. Together, these technologies create a stack where every agent action is contained, logged, and in line with enterprise policies. This integrated approach means enterprises can deploy specialized agents in finance, procurement, supply chain, and manufacturing with confidence that trust is not sacrificed for automation.
