YPO Technology Network AI Brief

Google Just Built An HR System For Agents

9 min
Apr 28, 2026
Summary

Google retired Vertex AI and launched the Gemini Enterprise Agent Platform, a comprehensive control plane for managing AI agents at scale. The platform introduces identity, registry, access control, and observability systems—essentially an HR system for non-human workers. This shift reflects the enterprise AI market's maturation from building individual agents to governing fleets of them.

Insights
  • AI agent governance is now a critical enterprise infrastructure problem requiring identity, access control, audit trails, and performance monitoring—the same systems used for human employees
  • Most enterprises already have shadow agents running across multiple platforms (Zapier, Copilot, LangChain) with no central visibility or governance, creating security and compliance risks
  • The competitive battleground has shifted from model superiority to control plane dominance; Google's platform play positions it as the orchestration layer regardless of which AI model companies choose
  • Agent-to-agent protocols (A2A) enable cross-vendor interoperability in production, allowing Salesforce, Google, and ServiceNow agents to coordinate without knowing each other's internals
  • The containerization of agents (300 sandboxed agents per second on GKE) mirrors the application virtualization shift of 2015, compressing years of infrastructure evolution into a single product release
Trends
  • Enterprise AI governance becoming a board-level and CISO-level concern, not just a developer tool consideration
  • Shadow agent proliferation across departments creating unmanaged security and compliance risks similar to shadow SaaS in 2015
  • Decoupling of model choice from infrastructure choice; enterprises can now select best-of-breed models while standardizing on a single control plane
  • Agent identity and zero-trust verification becoming table stakes for enterprise AI platforms
  • Cross-vendor agent orchestration moving from research to production at scale (150 organizations running A2A v1)
  • Rapid containerization and sandboxing of agents enabling massive parallel execution with isolation guarantees
  • Control plane commoditization risk; compute will become commodity but orchestration/governance layers will command premium pricing
  • Enterprise AI adoption accelerating faster than governance frameworks can be built, creating compliance gaps
  • Agent observability and simulation becoming critical for production safety and debugging
  • Anthropic's revenue model (80% enterprise API on Google Cloud infrastructure) revealing structural dependencies in the AI stack
Companies
Google
Retired Vertex AI and launched Gemini Enterprise Agent Platform with comprehensive agent governance, identity, and or...
Anthropic
Crossed $1B annualized revenue with 80% from enterprise API; largest Google Cloud TPU customer despite being Google's...
Salesforce
Referenced as example of agent that can orchestrate with other vendors' agents through A2A protocol in production
ServiceNow
Referenced as example of agent that can orchestrate with other vendors' agents through A2A protocol in production
Microsoft
Implied through Copilot reference as platform where enterprises are building shadow agents without central governance
LangChain
Referenced as framework where enterprises are building multiple shadow agents without central visibility or approval
LangGraph
Referenced as one of multiple agent frameworks that can interoperate through Google's A2A protocol
Crew AI
Referenced as one of multiple agent frameworks that can interoperate through Google's A2A protocol
Autogen
Referenced as one of multiple agent frameworks that can interoperate through Google's A2A protocol
Zapier
Referenced as platform where enterprises are building shadow agents without central governance
Kubernetes
Referenced for SPIFFE standard that Google adopted for agent identity, enabling integration with existing infrastructure
People
Stephen Forte
Host and primary analyst delivering the episode's analysis and recommendations
Sundar Pichai
Announced the shift from building individual agents to managing thousands at Google Cloud Next in Las Vegas
Thomas Kurian
Described agent identity system as zero trust verification at every orchestration step
Quotes
"the conversation has gone from can we build an agent to how do we manage thousands of them?"
Sundar Pichai, Google Cloud Next, Las Vegas
"Every agent has the equivalent of a badge that cannot be cloned, cannot be shared, and gets reissued daily"
Stephen Forte, Agent identity section
"The cloud platform decision and the model decision have decoupled. The fight is no longer about whose model is best. The fight is about whose control plane runs your agent fleet"
Stephen Forte, Platform strategy section
"Compute price will commoditize. Control plane will not."
Stephen Forte, Closing recommendations
"Most companies are about to discover they already have a shadow agent problem"
Stephen Forte, Shadow agent section
Full Transcript
Welcome to the AI Brief from the YPO Technology Network. I'm Stephen Forte. On today's episode, Google retired Vertex AI in a single afternoon, replaced it with something the company is calling mission control for the agentic enterprise, and in the process gave every AI agent inside an enterprise the same identity, directory listing, and audit trail your human employees have had since the 1990s. By the end of this, you will know what actually changed, why it is bigger than a rebrand, and the two questions to put to your CIO this week.
Last week in Las Vegas at Google Cloud Next, Sundar Pichai walked on stage and said the line that frames the entire 2026 enterprise AI agenda. Quote, the conversation has gone from can we build an agent to how do we manage thousands of them? Then his team unveiled the product to back it up. The Gemini Enterprise Agent Platform, one unified environment for building, scaling, governing, and optimizing AI agents. Vertex AI, the platform Google has been building for half a decade, was retired the same morning. Not deprecated, retired. Today we are going to read it that way. As an HR system, because what Google shipped is not a developer tool. It is a personnel system for non-human workers.
Here is why this matters to you specifically. If you have ever onboarded an employee, you know the drill. They get an identity. They get a directory entry so other people can find them. They get an access policy that defines what they can touch. They get a manager who watches their work. And they get a performance review. Every one of those exists for a reason. Because at scale, you cannot run a company on trust alone. You run it on systems. Until last week, the AI agents inside your company had none of those things. Now they do.
Let me walk you through what Google actually shipped, in HR terms. First, the identity. Google built something called agent identity. Every agent on the platform is assigned a unique cryptographic identity based on the SPIFFE standard, with X.509 certificates that rotate every 24 hours. Translated, every agent has the equivalent of a badge that cannot be cloned, cannot be shared, and gets reissued daily. Thomas Kurian, who runs Google Cloud, called it zero trust verification at every orchestration step. Give them credit for that choice. SPIFFE is the right standard. It is the same primitive Kubernetes uses for service identity, which means it slots into infrastructure your team already runs.
Second, the directory. They shipped agent registry, which is essentially the yellow pages of every agent and every tool inside your environment. Who is this agent? What does it do? What can it call? Who owns it? If you have ever asked your IT team how many SaaS tools the company actually pays for and gotten a shrug, you understand why this matters. The registry is what turns an unknown population into an inventory.
Third, the access control. Agent gateway sits between the agents and everything else they want to touch. Google described it as air traffic control. It enforces policy. It blocks prompt injection attacks. It stops data leaks. Same idea as the firewall sitting between your employees and the open internet. Except this firewall is built for entities that move at machine speed and ask for things in natural language.
Fourth, the performance review. They shipped agent simulation, agent evaluation, and agent observability. Simulation lets you stress test an agent against thousands of synthetic users before you let it touch a real customer. Evaluation scores it in production. Observability gives you the OpenTelemetry trace of every step the agent reasoned through. So when an agent does something stupid, and they will, you can pull the equivalent of a security camera replay and see exactly which decision went wrong.
So agent identity, agent registry, agent gateway, plus simulation, evaluation, observability, that is the HR system. Build, scale, govern, optimize. Those are Google's four words, but the better way to remember it is hire, deploy, supervise, review.
You might think this is just a Vertex rebrand. It is not, and here is why. The numbers Google disclosed last week tell you the agent economy is no longer a 2027 forecast. Gemini Enterprise grew 40 quarter over quarter in paid monthly active users. Eight million seats are now live across 2,800 enterprises. The agent-to-agent protocol they shipped, called A2A Version 1, is in production at 150 organizations and lets agents on completely different frameworks, LangGraph, Crew AI, Autogen, hand off tasks to each other without knowing each other's internals. A Salesforce agent can call a Google agent that calls a ServiceNow agent across vendors. Real production traffic today. One more number because it lands the point. Google Kubernetes Engine now spins up 300 sandboxed agents per second per cluster with gVisor isolation. That is not a research demo. That is the containerization moment for agents. The same shift that happened to applications around 2015, except compressed into one product release.
Picture a $400 million industrial distributor in Ohio. The CFO has an agent reconciling invoices. Marketing has three agents pulling competitive intel. The service desk has an agent triaging tickets. Engineering has two agents writing internal tools. Procurement has one watching commodity prices. None of them know about each other. None of them are in a registry. The CFO does not know the marketing agents exist. The CISO does not know any of them exist. Every one of them has access to a different slice of customer data.
Here is my read. Most companies are about to discover they already have a shadow agent problem. Marketing built one in Zapier. Finance built one in Copilot. Engineering built three in LangChain. Nobody can name them all. Google did not invent that problem last week. The problem already existed. Google just made it visible by shipping the system that requires you to inventory, identify, and govern every one of them, which means your CIO is about to get the same uncomfortable question your CISO got in 2015 about shadow SaaS. How many of these are running and who approved them?
Before I get to what to do about it, one final piece of evidence. The agent layer is the new platform fight. And this is the structural reveal of this episode. Anthropic crossed billion in annualized revenue in April. 80% of that revenue is enterprise API. Most of that compute runs on Google Cloud TPUs. Anthropic, the company building the model many of your teams are betting on, is now Google Cloud's largest TPU customer. Sit with that for a second. Google's most direct AI model competitor is also Google's biggest infrastructure customer. The cloud platform decision and the model decision have decoupled. The fight is no longer about whose model is best. The fight is about whose control plane runs your agent fleet, regardless of whose model you choose. Google just made the most credible bid yet to be that control plane, and they did it the same week they signed up the competitor's revenue.
If I were sitting in your seat this quarter, I'd do two things. First, run an agent inventory before your board asks for one, not a project, not a committee, a list, names, owners, what they touch, what they can call. If your CIO cannot produce that list inside two weeks, that is itself the answer. Second, do not let the control plane decision get made by whoever has the loudest cloud bill. Pick it the way you would pick an HRIS for governance, audit, identity, and the safety of the people relying on the data inside it. Compute price will commoditize. Control plane will not.
One CEO mirror question to leave you with. Could you today name every agent already running inside your company? Not approve, not audit, just name. If the answer is no, and for almost every company listening, it will be, then the most expensive thing you can do this quarter is wait for the registry to fill itself in. The compute will commoditize. The control plane will not.
That is the YPO Tech Network AI Brief for Tuesday, April 28th. I am Stephen Forte. If this was useful, send it to a fellow member. I will be back Wednesday with more. Until then, stay sharp.