Two infrastructure products targeting enterprise AI agent governance shipped within 24 hours of each other this week. TrueFoundry launched Agent Gateway, a unified control plane for managing agents across frameworks, and Kakunin released a cryptographic compliance shield that enforces security constraints on agent tool execution within Google Gemini and OpenAI ecosystems.

The parallel launches address the same gap: enterprises deploying AI agents at scale have no standardized way to register, discover, govern, or audit what those agents do.

TrueFoundry Agent Gateway

Agent Gateway provides a centralized registry and governance layer for AI agents regardless of which framework built them, according to TrueFoundry. Agents running on Amazon Bedrock, Google Vertex AI, LangGraph, Google ADK, custom HTTP services, or internal frameworks can all register within the same operational surface.

Once registered, an agent becomes discoverable across the organization, accessible through centralized role-based access control (RBAC), observable through unified metrics and traces, and governable through a consistent policy layer.

The product includes native support for Google’s Agent-to-Agent (A2A) protocol, which handles stateful, collaborative agent workflows. TrueFoundry notes that in several enterprise evaluations, A2A support has already become a hard requirement, with REST-only gateways eliminated immediately because they cannot support agent-to-agent workloads.

Governance extends to MCP-powered tool access, allowing security policies to apply directly to autonomous tool invocations rather than only to user traffic. TrueFoundry claims the gateway handles 350+ requests per second on a single vCPU with approximately 10ms latency, and supports SaaS, self-hosted, VPC, and air-gapped deployments.

TrueFoundry was recognized in Gartner’s Hype Cycle for Platform Engineering 2026, according to the company’s website.

Kakunin Cryptographic Compliance Shield

Kakunin’s approach operates at a different layer. Rather than managing agent registration and discovery, it secures what agents actually do when they execute tools.

The SDK uses X.509 certificate validation at the cryptographic layer, according to Kakunin’s PRWeb announcement. Before an agent executes local code, the system validates that it possesses the required permission scope (e.g., trade.execute, file.write). During execution, it dynamically halts operations if the agent’s certificate has been revoked or suspended. All sessions, prompts, responses, tool successes, and error anomalies are logged in tamper-evident audit trails.

“Autonomous agents are executing high-value, real-world tasks, but without strict boundaries, they represent a massive security risk,” said Palash Bagchi, Kakunin’s founder, in the PRWeb release.

The SDK ships with integrations for Google Antigravity SDK, OpenAI Swarm, OpenAI Assistants API, LangChain, LlamaIndex, CrewAI, and AutoGen, plus native middlewares for Next.js and client libraries for Go, TypeScript, and Python. Kakunin is targeting compliance with the EU AI Act and MiCA (Markets in Crypto-Assets) regulation.

Two Layers, One Problem

The two products are complementary rather than competitive. Agent Gateway answers “which agents exist, who can invoke them, and how are they performing?” Kakunin answers “when an agent executes a tool, does it have cryptographic proof of authorization?”

Enterprises deploying agents in regulated environments need both layers. A control plane without tool-level enforcement leaves execution ungoverned. Cryptographic tool validation without a discovery and registry layer leaves organizations blind to which agents exist and what they connect to.

The simultaneous appearance of both products, alongside Databricks Omnigent’s multi-agent orchestration layer, suggests the enterprise agent governance market has moved from “nice to have” to a hard deployment dependency in the span of weeks.