Enterprise AI governance moves from theory to budget line
Enterprise AI governance is the discipline of controlling how AI systems, agents, and identities access data, make decisions, and leave audit trails across complex organisations. It spans identity governance, AI agent oversight, and autonomous agent security, tying together technical controls, policies, and monitoring tools so leaders can prove who did what, when, and with which permissions. That once-abstract concern is rapidly becoming a budgeted priority. New funding for Willow, Opal Security, and Zaro reveals how investors see the same pattern: enterprises are deploying AI agents and automation faster than they can control or audit them. The risk is no longer hypothetical. Companies report agent-related incidents, over-scoped credentials, and fragmented workflows that make it hard to track responsibility. As AI systems run continuously in the background, governance is evolving from compliance checkbox to operational necessity.
Willow targets autonomous agent security and access controls
Willow focuses on autonomous agent security by building an agentic access governance layer that sits between AI tools and enterprise systems. Its USD 7 million (approx. RM32.2 million) seed round is aimed at giving organisations visibility and granular control over how AI agents connect to internal tools such as Claude, ChatGPT, Gemini, and developer environments like Cursor and Codex. According to Willow, 79% of companies have introduced AI agents and 73% run multi-agent systems, yet 65% reported AI agent-related incidents in the past 12 months. Willow’s response is to monitor which agents employees already use, detect risky or unauthorised integrations, and limit what actions each agent can perform. Co-founder and CEO Eyal Ben Ezra describes the platform as a third way between locking AI down and letting it run unchecked, giving security teams detailed oversight without blocking innovation.
Opal Security unifies identity governance for humans, services, and AI agents
Opal Security tackles identity governance by treating AI agents as first-class identities alongside humans and services. The company secured USD 23 million (approx. RM105.8 million) in new funding, bringing total funding to USD 59 million (approx. RM271.4 million), to expand its AI-native access governance platform. Opal brings agents into the same access graph, reviews, ownership structures, and policy-as-code workflows used for traditional identities. That unified model lets teams scope each identity to its task and shrink the blast radius when something fails. Opal’s Paladin AI engine analyses access requests at scale and passes only the riskiest decisions to humans. Customers such as Databricks, Notion, Cloudflare, and Scale AI use the platform to modernise their identity stack, with Databricks alone running 86,000 just-in-time access requests through Opal. The result is continuous oversight over both human and non-human actors in AI-heavy environments.
Zaro builds an AI-native workspace to connect data, tools, and agents
Zaro attacks a different governance gap: fragmented knowledge and context across AI tools. Backed with USD 5.1 million (approx. RM23.5 million) in pre-seed funding, the startup is building an AI-native workspace that connects enterprise data, workflows, decisions, and history into a shared context layer. AI agents, applications, and workflows operate on top of this layer so that information from one process can inform another, instead of being trapped in isolated tools. Co-founder and CEO Michael Bajwa notes that agents worked well in isolation but struggled together because “the intelligence never compounds because the context never carries over.” By pairing this context layer with application-building tools and a marketplace of pre-configured workflows, Zaro aims to help enterprises reuse institutional knowledge, reduce conflicting decisions, and maintain clearer audit trails as AI agents act across departments and systems.
Convergence of governance: from point tools to AI-native control planes
Taken together, Willow, Opal Security, and Zaro show how enterprise AI governance is shifting from scattered tools to AI-native control planes. Willow focuses on AI agent oversight and autonomous agent security, wrapping access controls around thousands of possible integrations. Opal Security extends identity governance to every identity—human, non-human, and agentic AI—while automating reviews and just-in-time permissions. Zaro adds a shared context layer that connects data and workflows so AI decisions can be traced and reused. The funding surge reflects growing concern over compliance, audit trails, and operational risk as autonomous systems become more complex and opaque. Enterprises are no longer content with basic AI experimentation; they want detailed control over who or what acts in their systems, how those actions are authorised, and how outcomes can be inspected when something goes wrong.
