Broadcom Launches Zero-Trust Runtime for AI Agents

Broadcom has introduced a new secure runtime environment designed to bring autonomous AI applications into governed enterprise production. The offering, VMware Tanzu Platform agent foundations, extends the established code-to-production simplicity of the Tanzu Platform to the world of AI agents. This move aims to help organizations transition from isolated pilot projects to scalable, secure deployments on VMware Cloud Foundation (VCF), providing a unified operational model for both traditional and AI-driven workloads.

The shift from experimental AI to enterprise-grade systems demands robust governance and operational control. Traditional platforms often fall short when AI agents take on tasks involving software execution and autonomous decision-making. Companies frequently find their AI initiatives trapped in silos, disconnected from vital business data and core IT management tools. This new platform addresses that gap by delivering a pre-engineered Platform as a Service (PaaS) environment specifically for AI agents, built directly on the trusted VCF infrastructure layer. This allows platform engineering teams to manage AI services using the same familiar tools they employ for other critical applications, without requiring deep specialization in AI or data science.

Security is foundational to the design. The agentic runtime enforces a strict, deny-by-default contract between developers and infrastructure, ensuring agents operate strictly within their authorized parameters. This is achieved through several key innovations. An immutable supply chain utilizes trusted Buildpacks to automatically build, patch, and verify agent containers, removing the risks associated with unverified code and potential embedded malware. Structural secrets isolation prevents agents from accessing each other’s credentials during runtime, effectively blocking lateral movement attacks; this protection is extended across infrastructure and external SaaS connections through integration with VMware vDefend. Furthermore, zero-trust networking and sandboxing impose predefined resource limits to contain runaway processes. Connectivity is never open by default, with access explicitly granted only through secure service bindings, stopping agents from wandering into unauthorized data.

For developers, the platform accelerates time-to-value. Teams can begin quickly using a pre-built agent framework, with governed access to models, Model Context Protocol (MCP) servers, and curated marketplace services provided by the IT organization. Integrated, enterprise-ready data services are available, including VMware Tanzu for Postgres with pgvector, alongside caching, streaming, and AI memory services from Spring AI.

Managing agents at scale is streamlined for day-two operations. The foundations programmatically leverage VCF IaaS APIs to abstract infrastructure complexity, ensuring agents and their dependent services have the necessary compute, networking, and storage resources. It utilizes VMware vSphere Kubernetes Service (VKS) to deliver scalable marketplace services. The environment features an elastic infrastructure that automatically scales resources up and down to optimize cost and performance for both short-lived and long-running agents. It also provides four layers of high availability with self-healing capabilities to maintain the resilience of mission-critical autonomous applications. A centralized AI gateway offers control over tool and model availability, usage, costs, and safety filters across both public and private models hosted on VCF.

Industry voices highlight the platform’s strategic importance. “Agentic application development is evolving fast,” said Purnima Padmanabhan, General Manager of the Tanzu Division at Broadcom. “Tanzu Platform agent foundations give you a quick start to move your agentic ideas into production today on a modern private cloud with VMware Cloud Foundation 9.”

Security concerns are a major barrier to adoption, particularly in regulated sectors. “Because of MomentumAI’s deep roots in mission-critical VCF and Tanzu Platform environments, we recognize the value of extending the benefits of a private cloud PaaS to agentic applications,” stated Joe Fitzgerald, CEO of MomentumAI. “Together with VCF and Tanzu, MomentumAI can provide a secure-by-default runtime with the reliability and governance capabilities our customers need to de-risk agentic applications.”

The need for a guided path forward is clear. “Outside of the tech industry organizations struggle with how to get started with agentic AI. We see a real need for guidance, frameworks, and SDKs,” concluded Matthew Flug, IDC Research Manager for Intelligent Application Modernization & Deployment Platforms. “With this new release, Tanzu Platform can help these organizations move from a crawl phase to a walk phase, ensuring they can leverage executive buy-in that translates into scalable, value-generating agentic AI.”