Xage Bets Agentic AI Security Belongs in NVIDIA’s Silicon

Xage Security, a Zero Trust access vendor that protects much of America’s energy pipeline network, said on May 31 it will run its agentic AI controls directly on NVIDIA’s Vera BlueField-4 STX, the chipmaker’s new secure-by-design storage processor for AI factories. The move puts identity-based policy enforcement into the silicon where AI data moves, rather than on the host servers running the workloads. It is a small announcement with a large signal underneath it.

The headline event is a co-marketing tie-up between a mid-size security firm and the most valuable chipmaker on earth. The development worth tracking is structural: enterprise AI security is sliding off the general-purpose processor and into a dedicated piece of networking silicon, and Xage is one of a dozen security companies now lining up to run on the same chip.

Xage Bolts Its Zero Trust Layer Onto NVIDIA’s Storage Chip

The integration connects Xage Zero Trust for Agentic AI with NVIDIA DOCA (Data Center-on-a-Chip Architecture, the software stack that runs on BlueField processors) and the Vera BlueField-4 STX platform. The pitch is that Xage gets to observe and govern what AI agents see and do at the line speed of the storage path, without touching the host software or slowing the workload it is protecting.

That last part matters more than it sounds. Most security tooling for AI runs as an agent or sidecar on the same server as the model, competing for the same compute and adding latency. By pushing enforcement onto the DPU (data processing unit, the offload chip that sits between the network and the server), the security check happens before traffic ever reaches the host. NVIDIA claims its DOCA security layer can run runtime threat detection up to 1,000x faster than existing agentless tools and enforce network and file-access policy at speeds of up to 800Gb/s.

Xage is not the only name on the slide, and it is not the senior partner. What it brings is a track record in environments where a missed access decision has physical consequences, which is the argument it is making to enterprises now bolting autonomous agents onto sensitive systems.

Why AI Security Is Moving Off the CPU and Into the DPU

For two decades, the host CPU was where security software lived. It inspected traffic, checked identities, and logged behavior, all while sharing cycles with the application it guarded. Agentic AI breaks that arrangement. When thousands of autonomous agents are reading context memory, calling APIs, and writing files at storage line rate, a host-based inspector becomes a tax and a bottleneck at the same time.

NVIDIA’s answer is to bake the enforcement point into the storage processor itself. The result is a different division of labor between where work runs and where it gets policed.

| Attribute | Host-based security | In-silicon (DPU) enforcement |
| --- | --- | --- |
| Where it runs | On the server CPU, beside the workload | On the BlueField processor, before the host |
| Performance cost | Consumes host compute, adds latency | Offloaded, designed to preserve workload speed |
| Bypass risk | An agent on the host can evade host agents | Sits in the data path, harder to route around |
| Scale ceiling | Limited by server resources | Up to 800Gb/s policy enforcement |

What BlueField-4 Carries

The chip underneath is built for size. NVIDIA’s BlueField-4, unveiled at its GTC conference, pairs an NVIDIA Vera CPU with a ConnectX-9 SuperNIC (a high-speed network interface) and 64 Arm cores, supporting 800Gb/s of throughput. The company says it delivers roughly six times the compute of the prior BlueField-3 and can support AI factories up to four times larger. STX, the storage variant, adds a context-memory layer aimed at the long-context reasoning that agentic systems need.

NVIDIA puts the platform’s efficiency gains at four times the energy efficiency of traditional CPU-based storage and five times the tokens per second. Those are the company’s own figures, drawn from its BlueField-4 STX storage architecture announcement, and they describe a platform that does not ship in volume until later this year.

The DOCA Security Trio

The security itself comes from three DOCA microservices. DOCA Vault is meant to ensure only authorized AI workloads can reach specific files with specific permissions. DOCA Argus provides visibility into agent behavior and workload activity. DOCA Flow isolates network traffic across multi-tenant environments so one customer’s agents cannot wander into another’s data.

Xage’s job is to sit on top of that plumbing and supply the identity logic: which user, which agent, which model, which tool, and what each is allowed to touch. The silicon enforces; the security vendor decides the rules. That split is the whole reason NVIDIA needs partners rather than shipping a finished product, and it is why more details on the chip live on NVIDIA’s BlueField data processing unit page.

The Identity Explosion Forcing the Shift

None of this would matter if agents behaved like ordinary software. They do not. An AI agent can take a sequence of actions, call external services, spawn sub-agents, write and run code, and pick up new permissions at runtime, all without a human in the loop. Each of those agents carries credentials, and credentials are what attackers go after.

The scale of the problem is the part most coverage skips. Machine accounts already swamp human ones, and the gap is widening fast.

  • 45 to 1 is the ratio of non-human identities (NHIs, the tokens and service accounts machines use to authenticate) to human identities in a typical enterprise, rising to 144 to 1 in cloud-native environments.
  • Two thirds of enterprises have already suffered a breach through a compromised non-human identity, now cited as the fastest-growing attack vector in enterprise infrastructure.
  • 92% of organizations are not confident their legacy identity tools can manage AI and NHI risk, according to research summarized by the World Economic Forum’s analysis of non-human identity risk.

That last gap is the opening every vendor in this race is chasing. The credentials an agent carries, not the model weights, are the soft target, a point we made in detail in our look at why AI security starts with identity rather than the model.

A Dozen Security Vendors Now Crowd the Same Silicon

Here is the detail that makes the Xage news a trend rather than a transaction. Xage is one entry on a cybersecurity partner roster that NVIDIA published alongside the STX launch, and the company it keeps is heavyweight.

The named security partners building on BlueField-4 STX include Akamai, Armis, Check Point, Cisco, CrowdStrike, EQTY, F5, Fortinet, Palo Alto Networks, TrendAI, Xage Security, and Zscaler. That is most of the enterprise security industry agreeing to run on one company’s chip. Two readings follow, and both are true at once.

The optimistic reading is validation: when CrowdStrike, Palo Alto Networks, and a critical-infrastructure specialist all pick the same enforcement layer, the DPU stops being a networking curiosity and becomes the place AI security gets done. The skeptical reading is crowding. When a dozen vendors plug into identical DOCA microservices on identical silicon, the silicon is doing the heavy lifting, and the question shifts to what each software partner adds that the next one does not. Differentiation gets harder when everyone shares the same foundation.

For NVIDIA, the crowd is the point. Every security vendor that integrates makes BlueField stickier and the AI factory more dependent on NVIDIA’s stack, from the GPU down to the storage controller. For the partners, the calculation is simpler: be on the chip, or risk being routed around by it.

What Xage Carries Into the AI Factory

Xage’s claim to a seat is its history in places where access control is not abstract. The company, led by founder and chief executive Duncan Greatwood, a former Apple executive whose social-search startup Topsy was acquired by Apple in 2013, built its Zero Trust platform for industrial and operational technology before pivoting to AI. It says it protects more than 60% of US midstream energy infrastructure, the pipelines and processing that move oil and gas.

The AI push is recent and fast. Xage launched its Zero Trust for AI line in 2025, signed a first customer within days, and closed an additional $15 million in equity funding on the back of that demand, per the company’s own record-growth announcement on Zero Trust for AI. Co-founder and chief technology officer Susanto Irwan runs the engineering side.

Greatwood frames the BlueField work as treating AI infrastructure the way the industry already treats power grids and pipelines.

"AI factories are becoming the new critical infrastructure, and they require critical-infrastructure-grade security protection. As autonomous AI agents gain access to sensitive data, APIs, applications, and core systems, organizations need unbypassable visibility into and control over what those agents can see, do, and change."

That said, Greatwood is the chief executive of a company whose product depends on the integration succeeding, and the word doing the most work in his statement is unbypassable, a property that is easy to assert and hard to prove before the hardware is in customers’ hands.

The Part That Hasn’t Shipped Yet

Strip away the launch language and a few hard caveats remain. STX-based platforms are not expected from NVIDIA’s storage partners until the second half of 2026, so the line-speed enforcement described here is a design promise, not a deployed result. The dramatic performance figures, the 1,000x detection speed and the 800Gb/s enforcement rate, are NVIDIA’s internal benchmarks against its own framing of legacy tools, not independent measurements.

There is also the lock-in question that the crowded partner list raises but does not answer. Anchoring AI security to one vendor’s silicon solves a real bottleneck and concentrates a great deal of trust in a single supply chain. Enterprises that standardize on BlueField for security are making the same bet they already made on NVIDIA for compute, and doubling down on one company is a strategy with a known failure mode.

If the silicon ships on time and the enforcement holds up under independent testing, in-chip security becomes the default architecture for agentic AI, and the software vendors who got on early own the relationships. If the hardware slips or the benchmarks soften in the field, the announcements made this spring will read as positioning ahead of a market that had not arrived yet, and the real contest moves to whoever can prove their controls work before the next budget cycle closes.

Logan Pierce is a writer and web publisher with over seven years of experience covering consumer technology. He has published work on independent tech blogs and freelance bylines covering Android devices, privacy-focused software, and budget gadgets. Logan founded Oton Technology to publish clear, no-nonsense tech news and reviews based on real hands-on testing. He has personally tested and reviewed dozens of mid-range and budget Android phones, written extensively about app privacy, and built and managed multiple WordPress publications over the past decade. Logan holds a bachelor's degree in English and studied digital marketing at a certificate level.
