Enigma AI Secures Asset-to-Asset Communication with Trust Governance

Summary
– Enigma Networks has launched Enigma AI, a platform that governs trust between internal systems by determining which communications are necessary and safe.
– The platform addresses a critical security blind spot where internal networks have historically operated on implicit, over-permissive trust, enabling attacker lateral movement.
– Unlike traditional detection tools that flag unusual activity, Enigma AI continuously evaluates if observed behavior aligns with an asset’s defined purpose to determine if it should exist.
– It introduces the third layer of zero trust architecture (ZTNX), governing internal asset-to-asset communication, which complements existing identity and access governance layers.
– The agentless platform builds a continuously learned trust model of the network to provide governance and insight, moving beyond mere data logging and alert generation.

For years, enterprise security has focused heavily on the perimeter and user access, yet a critical vulnerability has remained largely unaddressed: the implicit trust governing communication between internal systems. Enigma Networks has announced the general availability of its Internal Trust Governance platform, Enigma AI, designed to systematically close this gap. The platform introduces a new control plane for zero trust, moving beyond simple detection to continuously determine and validate which asset-to-asset communications are both necessary and safe across an organization’s network.
The company’s leadership points to a historical oversight in cybersecurity strategy. “After decades perfecting identity governance for users, internal networks continue to operate largely on blind trust,” stated Bob Moul, CEO of Enigma Networks. He draws a direct parallel to the evolution of Identity and Access Management (IAM), which became essential for securing user access. “Every enterprise has IAM. Now they need Enigma AI to close the final gap in zero trust,” Moul emphasized. The platform targets a core weakness: after an initial breach, attackers can move laterally with ease because of over-permissive internal trust relationships.
This internal network blind spot is increasingly untenable. The cybersecurity industry is shifting from a “prevent breach” to an “assume breach” mindset, and regulators are demanding proof of effective internal controls. Traditional security tools like segmentation and network detection often fall short because they enforce static rules or compare traffic to historical baselines. The fundamental flaw is that these tools detect deviation but never question whether a communication should exist in the first place. If the baseline itself is permissive, normal activity and dangerous exposure become indistinguishable.
Enigma AI was built to make that critical determination. Instead of asking if traffic looks unusual, it continuously evaluates whether observed behavior aligns with an asset’s defined purpose. At its core is a continuously learned trust model of the internal network. This model maps assets, communication paths, and expected behaviors to validate trust relationships. The platform then drives enforcement through integrations with existing security controls. Its lightweight, agentless architecture aims to provide governance without operational friction, moving beyond mere alerts to actionable insight.
The introduction of this platform represents what Enigma calls the completion of a zero trust architecture. The first two established layers are identity governance (IAM) and access governance (via tools like Zero Trust Network Access). The new, essential third layer is internal network governance, which the company terms ZTNX. This layer governs asset-to-asset communication, which makes up the majority of enterprise network traffic, has historically operated on implicit, unexamined trust, and is the primary terrain attackers exploit.
Mark Viglione, CTO of Enigma Networks, explained the driving motivation behind the platform’s development. “I spent years watching security teams drowning in network telemetry but starving for actual insight,” he said. Existing tools generated endless logs and alerts but failed to answer the most fundamental question for security leaders and regulators: which internal communications should be trusted? “That frustration drove us to build Enigma AI – a platform that finally delivers governance, not just data,” Viglione concluded. The platform systematically determines legitimacy based on what assets are and what they are designed to do.
(Source: HelpNet Security)





