Data security company Fortanix Inc. announced a new joint solution with NVIDIA: a turnkey platform that allows organizations to deploy agentic AI within their own data centers or sovereign environments, backed by NVIDIAβs "confidential computing" GPUs.
βOur goal is to make AI trustworthy by securing every layerβfrom the chip to the model to the data," said Fortanix CEO and co-founder Anand Kashyap, in a recent video call interview with VentureBeat. "Confidential computing gives you that end-to-end trust so you can confidently use AI with sensitive or regulated information.β
The solution arrives at a pivotal moment for industries such as healthcare, finance, and government β sectors eager to embrace AI but constrained by strict privacy and regulatory requirements.
Fortanixβs new platform, powered by NVIDIA Confidential Computing, enables enterprises to build and run AI systems on sensitive data without sacrificing security or control.
βEnterprises in finance, healthcare and government want to harness the power of AI, but compromising on trust, compliance, or control creates insurmountable risk,β said Anuj Jaiswal, chief product officer at Fortanix, in a press release. βWeβre giving enterprises a sovereign, on-prem platform for AI agentsβone that proves whatβs running, protects what matters, and gets them to production faster.β
Secure AI, Verified from Chip to Model
At the heart of the FortanixβNVIDIA collaboration is a confidential AI pipeline that ensures data, models, and workflows remain protected throughout their lifecycle.
The system uses a combination of Fortanix Data Security Manager (DSM) and Fortanix Confidential Computing Manager (CCM), integrated directly into NVIDIAβs GPU architecture.
βYou can think of DSM as the vault that holds your keys, and CCM as the gatekeeper that verifies whoβs allowed to use them," Kashyap said. "DSM enforces policy, CCM enforces trust.β
DSM serves as a FIPS 140-2 Level 3 hardware security module that manages encryption keys and enforces strict access controls.
CCM, introduced alongside this announcement, verifies the trustworthiness of AI workloads and infrastructure using composite attestationβa process that validates both CPUs and GPUs before allowing access to sensitive data.
Only when a workload is verified by CCM does DSM release the cryptographic keys necessary to decrypt and process data.
βThe Confidential Computing Manager checks that the workload, the CPU, and the GPU are running in a trusted state," explained Kashyap. "It issues a certificate that DSM validates before releasing the key. That ensures the right workload is running on the right hardware before any sensitive data is decrypted.β
This βattestation-gatedβ model creates what Fortanix describes as a provable chain of trust extending from the hardware chip to the application layer.
Itβs an approach aimed squarely at industries where confidentiality and compliance are non-negotiable.
From Pilot to ProductionβWithout the Security Trade-Off
According to Kashyap, the partnership marks a step forward from traditional data encryption and key management toward securing entire AI workloads.
Kashyap explained that enterprises can deploy the FortanixβNVIDIA solution incrementally, using a lift-and-shift model to migrate existing AI workloads into a confidential environment.
βWe offer two form factors: SaaS with zero footprint, and self-managed. Self-managed can be a virtual appliance or a 1U physical FIPS 140-2 Level 3 appliance," he noted. "The smallest deployment is a three-node cluster, with larger clusters of 20β30 nodes or more.β
Customers already running AI modelsβwhether open-source or proprietaryβcan move them onto NVIDIAβs Hopper or Blackwell GPU architectures with minimal reconfiguration.
For organizations building out new AI infrastructure, Fortanixβs Armet AI platform provides orchestration, observability, and built-in guardrails to speed up time to production.
βThe result is that enterprises can move from pilot projects to trusted, production-ready AI in days rather than months,β Jaiswal said.
Compliance by Design
Compliance remains a key driver behind the new platformβs design. Fortanixβs DSM enforces role-based access control, detailed audit logging, and secure key custodyβelements that help enterprises demonstrate compliance with stringent data protection regulations.
These controls are essential for regulated industries such as banking, healthcare, and government contracting.
The company emphasizes that the solution is built for both confidentiality and sovereignty.
For governments and enterprises that must retain local control over their AI environments, the system supports fully on-premises or air-gapped deployment options.
Fortanix and NVIDIA have jointly integrated these technologies into the NVIDIA AI Factory Reference Design for Government, a blueprint for building secure national or enterprise-level AI systems.
Future-Proofed for a Post-Quantum Era
In addition to current encryption standards such as AES, Fortanix supports post-quantum cryptography (PQC) within its DSM product.
As global research in quantum computing accelerates, PQC algorithms are expected to become a critical component of secure computing frameworks.
βWe donβt invent cryptography; we implement whatβs proven,β Kashyap said. βBut we also make sure our customers are ready for the post-quantum era when it arrives.β
Real-World Flexibility
While the platform is designed for on-premises and sovereign use cases, Kashyap emphasized that it can also run in major cloud environments that already support confidential computing.
Enterprises operating across multiple regions can maintain consistent key management and encryption controls, either through centralized key hosting or replicated key clusters.
This flexibility allows organizations to shift AI workloads between data centers or cloud regionsβwhether for performance optimization, redundancy, or regulatory reasonsβwithout losing control over their sensitive information.
Fortanix converts usage into βcredits,β which correspond to the number of AI instances running within a factory environment. The structure allows enterprises to scale incrementally as their AI projects grow.
Fortanix will showcase the joint platform at NVIDIA GTC, held October 27β29, 2025, at the Walter E. Washington Convention Center in Washington, D.C. Visitors can find Fortanix at booth I-7 for live demonstrations and discussions on securing AI workloads in highly regulated environments.
About Fortanix
Fortanix Inc. was founded in 2016 in Mountain View, California, by Anand Kashyap and Ambuj Kumar, both former Intel engineers who worked on trusted execution and encryption technologies. The company was created to commercialize confidential computingβthen an emerging conceptβby extending the security of encrypted data beyond storage and transmission to data in active use, according to TechCrunch and the companyβs own About page.
Kashyap, who previously served as a senior security architect at Intel and VMware, and Kumar, a former engineering lead at Intel, drew on years of work in trusted hardware and virtualization systems. Their shared insight into the gap between research-grade cryptography and enterprise adoption drove them to found Fortanix, according to Forbes and Crunchbase.
Today, Fortanix is recognized as a global leader in confidential computing and data security, offering solutions that protect data across its lifecycleβat rest, in transit, and in use.
Fortanix serves enterprises and governments worldwide with deployments ranging from cloud-native services to high-security, air-gapped systems.
"Historically we provided encryption and key-management capabilities," Kashyap said. "Now weβre going further to secure the workload itselfβspecifically AIβso an entire AI pipeline can run protected with confidential computing. That applies whether the AI runs in the cloud or in a sovereign environment handling sensitive or regulated data.
