Two Submissions, One Mission
In 2025-2026, NIST issued two separate calls for input on AI agent governance:
- NIST-2025-0035: AI Agent Security — how should autonomous AI agents be secured in enterprise environments?
- NCCoE Agent Identity & Authorization — how should AI agents be identified, authenticated, and authorized?
We submitted detailed responses to both. Not because we had to. Because we could.
What We Submitted
Submission 1: AI Agent Security (NIST-2025-0035)
Our response addressed agent identity, authorization, tool governance, audit logging, and multi-agent security boundaries. Every recommendation was grounded in JieGou’s production infrastructure — not theoretical frameworks, but systems running in enterprise environments.
Key areas covered:
- Agent identity and authentication (SSO/SAML/OIDC)
- Tool governance and sandboxing (245 governed MCP servers)
- Multi-agent security boundaries (cascading hierarchy controls)
- Audit logging with tamper-evident records
This submission is confirmed on Regulations.gov.
Submission 2: Agent Identity & Authorization (NCCoE)
Our NCCoE response covered all 6 question categories in the concept paper, grounded in JieGou’s production agent identity infrastructure:
- SSO/SAML/OIDC integration for agent authentication
- 6-role RBAC with 20 granular permissions
- Tool approval gates with configurable policies
- Cascading agent hierarchy for multi-agent deployments
- Shared memory isolation between agent instances
- Comprehensive audit logging across all agent actions
Why This Matters
For Enterprise Procurement
NIST alignment is increasingly referenced in federal contracts, government-adjacent RFPs, and enterprise procurement criteria. Having verifiable NIST submissions — not just claims of alignment — provides procurement teams with evidence they can independently verify.
For the Industry
NIST standards shape how the U.S. government defines AI agent governance requirements. These standards cascade into enterprise compliance frameworks, industry certifications, and regulatory expectations. By participating in the standards-making process, we help ensure that agent governance requirements reflect production realities.
For Competitive Credibility
No other AI agent platform — not OpenAI/Frontier, not Salesforce, not ServiceNow, not Microsoft, not CrewAI, not LangGraph — has submitted to either NIST call. JieGou has submitted to both.
This isn’t a claim that can be retroactively matched. NIST RFI comment periods close permanently. The submissions are public records. This moat only strengthens with time.
The Governance Stack Behind the Submissions
Every NIST focus area maps to production governance infrastructure:
| NIST Focus Area | JieGou Governance Layer |
|---|---|
| Agent Identity | Layer 1: Identity (SSO/SAML/OIDC) |
| Authorization | Layer 2: RBAC (6 roles, 20 permissions) |
| Tool Governance | Layer 3: Tool Approval Gates |
| Escalation Controls | Layer 4-5: Trust Escalation + Approval Workflows |
| Multi-Agent Security | Layer 6-7: Agent Hierarchy + Memory Isolation |
| Audit & Traceability | Layer 8: Audit Logging (tamper-evident) |
| Policy Enforcement | Layer 9-10: Compliance Policies + Department Scoping |
| Quality Monitoring | Layer 10: Quality Monitoring + GovernanceScore |
What Comes Next
These submissions are the beginning, not the end. As NIST develops AI agent governance standards, JieGou will continue to participate in the standards-making process. Our goal: ensure that the standards governing AI agents reflect the depth required for enterprise deployment.
View the NIST Submissions page. Explore the 10-Layer Governance Stack. Calculate your GovernanceScore.