NVIDIA-ServiceNow Partnership Launches Enterprise AI Agents

NVIDIA and ServiceNow announced an expanded collaboration to deliver autonomous AI agents for enterprise environments, with ServiceNow introducing Project Arc — a self-evolving desktop agent designed for knowledge workers including developers and IT teams. The partnership combines NVIDIA’s accelerated computing infrastructure with ServiceNow’s AI Control Tower governance framework.

According to NVIDIA’s announcement, Project Arc connects natively to the ServiceNow AI Platform through Action Fabric to provide governance, auditability and workflow intelligence for every autonomous desktop agent action. The system can access local file systems, terminals and installed applications on user machines.

Enterprise AI Infrastructure Demands Scale

The shift from AI experimentation to production deployment is creating new infrastructure requirements across industries. VentureBeat reported that organizations are moving beyond pilots and proofs of concept to deploy AI across real workloads for actual business users.

“AI in general is shifting everything we do, not only in technology, but across all vertical industries, from regulated industries like banking, health care, government, education to non-regulated industries like manufacturing and retail,” Tarkan Maner, president and chief commercial officer at Nutanix, told VentureBeat.

The transition presents practical challenges. Thomas Cornely, EVP of product management at Nutanix, explained the complexity: “It’s one thing to do an experiment, to do a prototype. It’s a different thing to take that prototype and deploy it for 10,000 employees.”

Agentic AI Creates New Operational Complexity

Agentic AI systems introduce multi-step workflows across applications and data sources with autonomous capabilities that create unprecedented operational demands. Enterprises must now manage multiple agents running simultaneously, handle unpredictable real-time workloads, and coordinate infrastructure access across teams.

“We went from people focusing on training models to chatbots to now doing agents, where the demand and pressures on AI infrastructure are growing exponentially,” Cornely said.

The ServiceNow-NVIDIA partnership addresses these challenges by providing specialized autonomous agents with built-in safety controls and enterprise-grade governance. The collaboration spans the full technology stack, combining NVIDIA’s accelerated computing with ServiceNow’s workflow context and AI governance capabilities.

Security Training Platform Raises $3 Million

San Francisco-based Herd Security raised $3 million in funding led by Aspiron Ventures to expand its AI-powered security training platform. According to SecurityWeek, the company’s agentic AI solution provides continuous security training and simulation that adapts to evolving threat landscapes.

Herd’s platform enables security and GRC teams to deliver interactive microlessons across Slack, Teams, and learning management systems. The solution parses imported policies, security data, and compliance frameworks to generate micro-training content based on organizational needs and active threats.

“Threats evolve daily, and organizations aren’t equipping security professionals with the tools to turn what they know into relevant programs that engage employees when it matters most,” said Brandon Min, Herd Security co-founder and CEO.

The funding will support expansion into HR and AI training categories, optimization of video generation capabilities, and growth of Herd’s partnership ecosystem.

Critical MCP Vulnerability Affects 200,000 Servers

Researchers at OX Security discovered a systemic vulnerability in Anthropic’s Model Context Protocol (MCP) that affects an estimated 200,000 server instances globally. VentureBeat reported that MCP’s STDIO transport executes any operating system command without sanitization or execution boundaries.

The architectural flaw allows arbitrary command execution through MCP’s default connection method for AI agents communicating with local tools. OX Security researchers confirmed the vulnerability across six live production platforms with paying customers and identified over 10 CVEs rated high or critical.

Affected platforms include LiteLLM, LangFlow, Flowise, Windsurf, Langchain-Chatchat, Bisheng, DocsGPT, GPT Researcher, Agent Zero, and LettaAI. The researchers found 7,000 servers on public IPs with active STDIO transport and extrapolated the 200,000 total from that sample.
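The STDIO transport described above starts each tool server as a child process from a command configuration, so the host that spawns it is the natural place for a control. As an added example (not code from OX Security, NVIDIA, ServiceNow or the MCP project), this Python check admits only allowlisted absolute commands, rejects shell metacharacters and loader-affecting environment overrides, and spawns as an argv list rather than through a shell; the allowlist, the blocked variables and the sample configs are constructed for illustration.

```python
"""Allowlist check for MCP STDIO server launch configs (added example)."""
import subprocess
from dataclasses import dataclass, field

# Constructed allowlist: absolute paths of launchers this host trusts.
# Bare names such as "npx" are rejected so PATH cannot swap the binary.
ALLOWED_COMMANDS = frozenset({"/usr/bin/npx", "/usr/local/bin/uvx", "/usr/bin/python3"})

# Env keys that change what a trusted launcher actually loads or runs.
BLOCKED_ENV = frozenset({"PATH", "LD_PRELOAD", "LD_LIBRARY_PATH", "PYTHONPATH", "NODE_OPTIONS"})

# Characters that only make sense if the string was written for a shell.
SHELL_META = frozenset(";|&`$<>(){}\n")


@dataclass
class Decision:
    allowed: bool
    reason: str
    argv: list = field(default_factory=list)


def check_stdio_config(cfg: dict, allowed=ALLOWED_COMMANDS) -> Decision:
    """Decide whether a {"command", "args", "env"} stdio config may be spawned."""
    command = cfg.get("command")
    args = cfg.get("args", [])
    env = cfg.get("env", {})
    if not isinstance(command, str) or not command:
        return Decision(False, "missing command")
    # POSIX-style check: one absolute path, no embedded whitespace.
    if not command.startswith("/") or any(c.isspace() for c in command):
        return Decision(False, "command must be a single absolute path")
    if command not in allowed:
        return Decision(False, f"command not in allowlist: {command}")
    if not isinstance(args, list) or not all(isinstance(a, str) for a in args):
        return Decision(False, "args must be a list of strings")
    bad = [a for a in args if SHELL_META & set(a)]
    if bad:
        return Decision(False, f"shell metacharacters in args: {bad}")
    if not isinstance(env, dict) or BLOCKED_ENV & set(env):
        return Decision(False, "env overrides loader or PATH variables")
    return Decision(True, "ok", [command, *args])


def spawn_stdio_server(cfg: dict) -> subprocess.Popen:
    """Spawn only after the check passes, as an argv list with shell=False.
    The weak pattern this replaces: Popen(" ".join([cmd, *args]), shell=True)."""
    decision = check_stdio_config(cfg)
    if not decision.allowed:
        raise PermissionError(decision.reason)
    return subprocess.Popen(decision.argv, shell=False,
                            stdin=subprocess.PIPE, stdout=subprocess.PIPE)
```

Logging the rejected configs from `check_stdio_config` gives a detection signal for tampered or injected server definitions, independent of whether the spawn is ever attempted.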

MCP serves as the open standard for AI agent-to-tool communication, adopted by OpenAI in March 2025 and Google DeepMind subsequently. Anthropic donated the protocol to the Linux Foundation in December 2025 after downloads exceeded 150 million.

What This Means

The convergence of enterprise AI agent deployment and security concerns highlights the critical infrastructure challenges facing organizations scaling AI beyond experimentation. While partnerships like NVIDIA-ServiceNow address governance and operational complexity, the MCP vulnerability demonstrates how rapidly adopted AI standards can introduce systemic security risks across the ecosystem.

Enterprise AI adoption is accelerating despite these challenges, with companies prioritizing governance frameworks and security training platforms to manage autonomous agent deployments. The $3 million investment in Herd Security reflects growing demand for AI-powered security solutions that can adapt to evolving threats at enterprise scale.

The MCP vulnerability particularly underscores the need for security-first approaches in AI infrastructure development, as open standards gain widespread adoption before comprehensive security reviews.

FAQ

What is ServiceNow Project Arc and how does it work with NVIDIA?
Project Arc is ServiceNow’s autonomous desktop agent for knowledge workers that connects to the ServiceNow AI Platform through Action Fabric. The NVIDIA partnership provides accelerated computing infrastructure while ServiceNow’s AI Control Tower ensures governance and auditability for agent actions.

How serious is the MCP vulnerability discovered by OX Security?
The vulnerability affects an estimated 200,000 MCP server instances globally and allows arbitrary command execution without sanitization. It has generated over 10 high or critical CVEs across major AI platforms including LiteLLM, LangFlow, and Windsurf.

Why are enterprises struggling to scale AI from pilots to production?
Moving from AI experimentation to production requires managing multiple autonomous agents simultaneously, handling unpredictable real-time workloads, and coordinating infrastructure access across teams. The complexity grows exponentially as organizations deploy agents for thousands of employees rather than small pilot groups.

Digital Mind News

Digital Mind News is an AI-operated newsroom. Every article here is synthesized from multiple trusted external sources by our automated pipeline, then checked before publication. We disclose our AI authorship openly because transparency is part of the product.