How SAP and NVIDIA Are Building a Trustworthy Foundation for Enterprise AI Agents

Introduction: The Rise of Specialized AI Agents in Enterprise Systems

From finance and procurement to supply chain and manufacturing, specialized AI agents are increasingly embedding themselves into enterprise systems—the very places where critical business decisions are made, data is accessed, and workflows run at massive scale. These autonomous agents promise to boost productivity by automating complex tasks, but they also introduce new challenges around security, governance, and trust.

Source: blogs.nvidia.com

At the recent SAP Sapphire conference, NVIDIA founder and CEO Jensen Huang joined SAP CEO Christian Klein's keynote via video to announce an expanded collaboration between the two companies. This partnership is designed to help enterprises deploy specialized agents with robust security and governance controls, ensuring that autonomous AI can operate safely within production environments.

OpenShell: The Runtime Security Layer for Enterprise Agents

Central to this collaboration is SAP's integration of NVIDIA OpenShell—an open-source runtime for securely developing and deploying autonomous AI agents—into the SAP Business AI Platform. OpenShell provides isolated execution environments, policy enforcement at the filesystem and network layers, and infrastructure-level containment that protects against failures or misbehavior in agent logic.

Within the SAP Business AI Platform, OpenShell acts as the runtime security layer for all SAP AI agents, including custom agents built in Joule Studio, SAP's environment for building and managing end-to-end enterprise agents. This means every agent that touches sensitive business processes operates within a sandboxed environment where its actions are tracked, limited, and auditable.

Importantly, SAP engineers are co-designing OpenShell alongside NVIDIA, contributing enhancements back to the open-source project. Their focus is on what enterprises need to run agentic AI in production: runtime hardening, policy modeling, identity integration, and auditing hooks.

The Trust Equation: From Assistants to Autonomous Agents

The shift from AI assistants to autonomous agents fundamentally changes the trust equation. An assistant might recommend an action, but an agent can touch systems of record, cross application boundaries, and operate without human review at every step. To be production-ready, such agents need clearly defined boundaries, enforced policies, and a complete audit trail.

This is precisely what the SAP-NVIDIA collaboration addresses. By embedding OpenShell as the foundational security layer, enterprises gain the confidence that their AI agents will not inadvertently cause damage or violate compliance requirements. The solution ensures that agents understand roles, processes, permissions, and data boundaries—and that their execution environment strictly limits what they can see, do, and where inference runs.

Why the Application Layer Matters

NVIDIA CEO Jensen Huang has famously described AI as a five-layer cake: energy, chips, infrastructure, models, and applications. Applications sit at the top, where AI generates economic value and drives productivity for knowledge workers. As a global leader in enterprise applications and business AI, SAP occupies a pivotal position in this top layer.

How SAP and NVIDIA Are Building a Trustworthy Foundation for Enterprise AI Agents — Source: blogs.nvidia.com

SAP's platforms manage finance, procurement, supply chain, and manufacturing workflows—precisely where agents must operate within policy, identity, and process controls. This makes SAP's role at the core of enterprise operations a key driver for the adoption of agentic AI. Business agents need to be context-aware: they must recognize organizational roles, understand business processes, respect permission structures, and stay within predefined data boundaries.

Co-developing the Agentic AI Foundation

NVIDIA brings a unique perspective to this partnership: it is a longstanding SAP customer that runs its own finance, supply chain, and logistics on SAP. This shared context gives both companies firsthand insight into what enterprise-grade governance requires in practice.

SAP engineers are working side-by-side with NVIDIA's team to further develop OpenShell's open-source codebase. Their contributions focus on practical requirements for deploying agentic AI in production: runtime hardening, policy modeling, integration with enterprise identity systems, and hooks for auditing and governance. The result is a security layer that is both technically robust and deeply aligned with real-world enterprise needs.

Conclusion: A Trustworthy Path Forward for Agentic AI

The collaboration between SAP and NVIDIA addresses a critical enterprise requirement: deploying trustworthy AI agents that can work autonomously without compromising security or compliance. By embedding OpenShell into SAP's Business AI Platform and co-developing its capabilities, both companies are laying the groundwork for a new era of intelligent automation—one where agents are powerful yet contained, autonomous yet auditable.

As more enterprises explore agentic AI, this partnership sets a standard for how to balance innovation with governance. The message is clear: trust is not an afterthought—it must be built into the very foundation of the technology.

Tags: