The Announcement
Wallarm has launched the AI Control Platform, a unified architecture designed to bring runtime discovery, behavioral visibility, and inline policy enforcement to enterprise AI workloads. The platform is generally available on AWS Marketplace today, built in partnership with AWS, and is positioned as a foundational architecture that will expand through 2026. Two initial products ship at launch: AI Hypervisor, which traces AI agent behavior, model provider calls, and data access at runtime, and Infrastructure Discovery, which continuously maps AWS resources and surfaces Security Hub findings in context. With EU AI Act enforcement beginning in August 2026, Wallarm is framing this release as a compliance-readiness play as much as a security one.
The Bigger Picture
Enterprise AI Has a Governance Deficit
Enterprise AI adoption has accelerated well ahead of the organizational and technical infrastructure required to manage it responsibly. The figures Wallarm cites in its launch materials paint an uncomfortable picture: nearly 80% of organizations have experienced data incidents involving generative AI, and nearly three-quarters of corporate AI tools in active use are rated high or critical risk. These are not edge cases. They reflect a structural gap between the speed of AI deployment and the maturity of AI governance.
That gap is amplified by how enterprises actually adopt AI today. According to ECI Research’s 2025 AI Builder Summit survey, half of enterprise AI leaders say their organizations still rely primarily on public AI tools like ChatGPT or Copilot. That stat is telling: a meaningful share of enterprise AI usage is happening through tools that were never designed for enterprise governance, audit trails, or policy enforcement. Wallarm’s platform is built precisely for the moment when organizations move from opportunistic AI experimentation to production-scale deployment, which is exactly the transition the market is navigating right now.
What This Means for ITDMs
For CIOs and CISOs, the core value proposition here is closing the gap between AI deployment and AI governance without making security the bottleneck. That’s a meaningful distinction. Most security-first approaches to AI governance either slow deployment through manual review cycles or produce alerts that security teams can’t act on in real time. Wallarm’s closed-loop architecture, which connects discovery to behavioral observation to inline enforcement, is designed to make continuous governance a runtime property rather than a periodic audit exercise.
The EU AI Act compliance angle strengthens the business case materially. Organizations operating in regulated industries that cannot demonstrate auditable AI governance by August 2026 face real legal exposure. The AI Hypervisor’s continuous compliance evidence generation, specifically designed to satisfy EU AI Act and SOC 2 requirements, converts what might otherwise be a discretionary security investment into a compliance-driven procurement decision. That changes the buying dynamic considerably.
The AWS Marketplace availability matters here too. It could reduce procurement friction and allow organizations to apply existing AWS committed spend toward Wallarm’s platform. For enterprises that have already made large AWS commitments, that’s a practical accelerant to adoption.
The economics of agentic AI also create urgency that wasn’t present in earlier AI cycles. ECI Research’s 2025 AI Builder Summit survey found that two-thirds of enterprise AI leaders have already implemented multi-agent collaboration in live or pilot workflows. As agent-to-agent interactions proliferate, the attack surface expands in ways that traditional perimeter security models simply weren’t designed to address. Wallarm’s end-to-end session tracing, which follows every interaction from initial prompt through model and tool calls and back to the user, is architected for this new interaction model.
What This Means for Developers and Platform Engineers
From a technical standpoint, the most significant design choice Wallarm has made is the no-code-change deployment model. AI Hypervisor operates from runtime behavior without requiring per-container agents or modifications to application code. That removes a primary adoption barrier for development teams that are already managing significant infrastructure complexity.
For platform engineers running AI workloads on Kubernetes, the ability to get runtime visibility into what AI services are actually doing, which model providers they’re calling, what data they’re accessing, and what’s leaving the environment, without instrumenting each workload individually, is useful. The cost attribution capability, which maps AI usage back to the team or user driving it, aims to address a FinOps problem that organizations running large-scale AI workloads are beginning to feel acutely.
The Infrastructure Discovery component’s relationship graph approach, continuously mapping AWS resources and their dependencies while placing Security Hub findings directly on the affected assets, responds to a real operational challenge. Security findings divorced from infrastructure context are slow to act on. Placing them in the live asset graph accelerates triage.
Developers should note that the platform is explicitly positioned as a foundation for expanding capabilities through 2026. Specific upcoming functionality beyond the two launch products was not disclosed. Teams evaluating Wallarm today are partly betting on roadmap, which merits scrutiny during any procurement process.
Competitive Positioning
Wallarm is entering a space that is attracting significant attention from both established security vendors and a growing cohort of AI-native entrants. What differentiates the Wallarm approach is the integration of API security and AI security into a single enforcement plane. Most existing approaches treat these as separate problems: API gateways handle API traffic, and AI security tools address model behavior and prompt injection. Wallarm’s argument is that separating them creates blind spots, because AI agents increasingly interact with external systems through APIs, and those interactions are where data exfiltration risks often materialize.
Looking Ahead
The Governance Layer Becomes Mandatory Infrastructure
The broader trajectory here is clear: AI governance is moving from a best practice to a mandatory infrastructure layer for enterprise AI. The EU AI Act deadline in August 2026 is the near-term forcing function for European operations, but similar regulatory pressure is building in other jurisdictions, and enterprise risk and compliance teams are increasingly treating AI governance requirements as non-negotiable regardless of geography.
ECI Research’s 2025 AI Builder Summit survey found that 44% of enterprise AI leaders have only moderate confidence that AI agents can act autonomously without human intervention. That figure signals that the market has not yet resolved the trust problem at the core of autonomous AI deployment. Platforms that provide continuous behavioral visibility and inline enforcement, rather than relying on pre-deployment reviews or post-incident analysis, are well positioned as that trust gap narrows.
What to Watch Through 2026
Wallarm has explicitly committed to expanding the AI Control Platform’s capabilities through 2026. The areas most worth watching are how the platform handles multi-cloud environments beyond AWS, how it scales to address agent-to-agent workflows as those patterns mature, and whether the compliance evidence generation expands to cover regulatory frameworks beyond EU AI Act and SOC 2. Organizations evaluating the platform today should probe those roadmap commitments directly rather than assuming them.
For ITDMs: the question is no longer whether AI governance infrastructure is necessary. It is whether you build it before or after a material incident forces the decision. Wallarm’s launch makes the case for before.
Stay Ahead of Application Development Trends
Get weekly analyst insights, research notes, event coverage, and AppDevANGLE updates delivered directly to your inbox.
Subscribe for Weekly Insights
Join technology leaders, practitioners, and GTM teams following the trends shaping modern software delivery.
Looking for deeper research access?
Explore ECI Research reports, survey insights, and market analysis through the ECI Research Portal.
