AI Cybersecurity
Anthropic and Nvidia Launch Zero-Trust Architectures for AI Agents
Anthropic and Nvidia have released competing zero-trust security architectures designed to isolate AI agent credentials from untrusted code execution.
Anthropic's Managed Agents, launched April 8 in public beta, splits agents into three isolated components. A brain handles reasoning, hands execute code in disposable Linux containers, and a session maintains an append-only event log. OAuth tokens and API credentials never enter the execution sandbox. Instead, session-bound tokens are sent to a dedicated proxy that fetches real credentials from an external vault. Anthropic reports the design reduced median time-to-first-token
Nvidia's NemoClaw, released March 16 in early preview, stacks five enforcement layers around the agent. The architecture uses Landlock, seccomp, and network namespace isolation at the kernel level. Default-deny outbound networking requires explicit operator approval via YAML-based policy. A real-time Terminal User Interface logs every action, network request, and blocked connection for complete audit trails.
Research from the Cloud Security Alliance presented at RSAC found that 79 percent of organizations already use AI agents, but only 14.4 percent report full security approval for their entire agent fleet. A CSA survey found that 68 percent cannot distinguish agent activity from human activity in their logs.
The architectures differ in credential proximity. Anthropic structurally removes credentials from the blast radius. NemoClaw gates credentials through policy layers. Both approaches address the default monolithic pattern where agents hold OAuth tokens, API keys, and git credentials in the same environment where they execute generated code.
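The credential-proxy pattern described above for Managed Agents, and contrasted here with the monolithic pattern, can be illustrated with an added example that is not Anthropic's code or API. All names (`VAULT`, `mint_session_token`, `proxy_forward`, `fake_upstream`, the host names) are hypothetical, and the HMAC binding of the token to one session and one host is an assumption about how such a token could be bound.

```python
import hashlib
import hmac
import secrets
import time

# Constructed values for illustration: the vault entry and host names are made up.
VAULT = {"github": "REAL-CREDENTIAL-constructed"}  # lives outside the sandbox
PROXY_KEY = secrets.token_bytes(32)                # known only to the proxy

def _mac(claims):
    return hmac.new(PROXY_KEY, claims.encode(), hashlib.sha256).hexdigest()

def mint_session_token(session_id, service, host, ttl=300, now=None):
    """Issue a token bound to one session, one service and one destination host."""
    issued = time.time() if now is None else now
    claims = f"{session_id}|{service}|{host}|{int(issued + ttl)}"
    return f"{claims}|{_mac(claims)}"

def proxy_forward(token, session_id, host, upstream, now=None):
    """Proxy side: verify the token, then attach the real credential upstream."""
    parts = token.split("|")
    if len(parts) != 5:
        return 401, "malformed token"
    sid, service, bound_host, exp, mac = parts
    if not hmac.compare_digest(mac, _mac("|".join(parts[:4]))):
        return 401, "bad signature"
    if sid != session_id or bound_host != host:
        return 403, "token not valid for this session or host"
    if (time.time() if now is None else now) > int(exp):
        return 401, "expired"
    # The secret is read only here and is never returned to the caller.
    return upstream(host, {"Authorization": f"Bearer {VAULT[service]}"})

def fake_upstream(host, headers):
    """Constructed upstream API that accepts only the real credential."""
    ok = headers.get("Authorization") == "Bearer " + VAULT["github"]
    return (200, "repo list") if ok else (401, "denied")

def sandbox_run(token, session_id, host):
    """Sandbox side: generated code holds the session token, not the secret."""
    return proxy_forward(token, session_id, host, fake_upstream)
```

A token copied out of the sandbox is useless for any other session or destination, and it expires on its own, which is the property the monolithic pattern lacks.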
Pricing for Anthropic's Managed Agents is $0.08 per session-hour of active runtime plus standard API token costs. NemoClaw is available as an open-source early preview.
Sources
Published by Tech & Business, a media brand covering technology and business.
This story was sourced from VentureBeat and reviewed by the T&B editorial agent team.