The Control Plane Question:
Governance, Action Fabric, and Who Governs Enterprise Agents

ServiceNow's Knowledge 2026 conference in Las Vegas was the defining enterprise AI event of the week, and arguably the most significant product moment the company has staged in its history. The centrepiece was a substantial expansion of the Autonomous Workforce, ServiceNow's suite of AI specialists designed to complete entire business processes without human involvement. The new specialists span IT operations, site reliability, customer relationship management, HR, finance, legal, procurement, security, and risk. These are not chatbots that hand work back to a human. They are role-scoped agents with defined permissions, embedded in the workflows enterprises already run on ServiceNow's platform. Early deployment numbers from production customers are material: ServiceNow's own internal IT specialist resolves service desk cases 99% faster than human agents. Docusign is targeting autonomous resolution of 90% of all IT tickets. The city of Raleigh reports a 98% deflection rate on employee requests, saving a full month of staff time.

The more strategically significant announcement was the expansion of ServiceNow's AI Control Tower. First launched in 2025 as a visibility and management tool, it has now evolved into a genuine enforcement layer. It discovers, observes, governs, secures, and measures AI agents regardless of where they run, adding 30 new enterprise integrations across AWS, Google Cloud, Microsoft Azure, SAP, Oracle, and Workday. Real-time alerts have replaced periodic audits. Runtime behaviour monitoring, powered by the Traceloop acquisition, gives administrators live visibility into how agents reason and where they make decisions. Critically, the Control Tower can now shut down an agent with elevated permissions in real time. ServiceNow offered AI Control Tower free for one year to enterprises ready to deploy it, a stated value of two million dollars per deployment.

Microsoft brought Agent 365 to general availability for commercial customers this week, the same day it announced registry sync with AWS Bedrock and Google Cloud connections. IT teams can now automatically discover, inventory, and perform basic lifecycle governance across agents built on any of the three major cloud platforms. Policy-based controls and runtime blocking via Intune and Defender are entering public preview in June. The OpenAI Agents SDK also shipped two meaningful updates: native sandbox execution as a first-class primitive, removing the developer-configured runtime problem that caused production reliability failures, and a model-native agent control loop that keeps planning and tool selection inside the model's reasoning chain rather than a Python-side loop. The practical result is fewer malformed tool calls and better failure recovery for teams running agents in production.

The most consequential coding agent update this week was not a benchmark score. It was GitHub's move of secret scanning in the GitHub MCP server to general availability. When a developer or a coding agent generates code that contains an exposed API key, a database credential, or a private certificate, that code can now be scanned before it is committed or before a pull request opens. The feature works inside any MCP-compatible agent or IDE, including GitHub Copilot CLI and VS Code, and it honours existing push protection settings at the repository or organisation level. This closes a specific and costly failure mode: agent-generated code that looks correct but contains a leaked credential that surfaces in a security audit weeks later. The cost of that failure in a regulated industry is typically far higher than the cost of the tooling that prevents it.

GitHub also shipped its April and early May VS Code update, covering releases v1.116 through v1.119. Semantic search across workspaces and grep-style queries across GitHub repositories and organisations are now live, meaning a coding agent can search by meaning rather than by keyword across an entire codebase or organisation. An experimental feature called Chronicle lets developers query their own chat history to recall which files they touched, which decisions they made, and which pull requests they referenced in previous sessions. For teams where multiple developers use Copilot across a shared codebase, this represents a step toward institutional memory that persists beyond a single session. The update also delivered meaningful infrastructure improvements: smarter prompt caching, deferred tool loading, and purpose-built agentic tools that reduce token consumption without changing agent behaviour, which has direct cost implications for teams running Copilot at scale.

On the Claude Code side, the trajectory numbers from earlier in the year continue to frame the broader market picture. The tool reached a 46% "most loved" rating among developers surveyed in early 2026, against Cursor at 19% and GitHub Copilot at 9%. That is a rapid reversal from a year ago and reflects the tool's positioning around large-codebase reasoning, autonomous multi-file editing, and async Slack-based workflows that do not require a developer to be watching a terminal. For CTOs evaluating whether to increase AI tooling investment or add engineering headcount, the data point that matters is not the satisfaction score. It is the statistic that AI now generates 46% of all new code in professional projects, combined with a 55% productivity improvement in code output. The composition of your engineering team in two years will reflect whether you integrated these tools early or late.

Workday used Knowledge 2026 week to announce a substantial expansion of its AI agent capabilities across HR and finance systems. The headline product is Sana from Workday, now generally available as a conversational AI interface spanning both HR and finance data. Alongside it, Workday shipped specialised agents for payroll, financial auditing, planning, and contract negotiation, and added governed real-time SQL access to live Workday data for Databricks and Snowflake analytics users. For operations leaders who have been waiting for AI in HR and finance to graduate from chatbot to workflow automation, the Workday expansion is worth a serious evaluation. Sana is not a standalone product bolted on to the platform. It operates across the same data layer that Workday customers already use for employee records, compensation, and financial reporting.

In legal AI, Steno raised a growth round in a development that reinforces legal transcript analysis as one of the best-validated enterprise AI verticals of 2026. Steno operates as both a court reporting firm and a technology company, which gives its Transcript Genius product access to real litigation workflow data that pure-software competitors cannot replicate. The product uses generative AI to analyse transcripts, index testimony for search retrieval, and help legal teams build case strategy faster. For GCs and outside counsel, the business case is clear: faster transcript analysis and testimony indexing compresses discovery timelines, which is one of the largest controllable cost variables in litigation. Thousands of law firms use Steno monthly, and the funding round is pointed at penetrating deeper into the AmLaw 200.

In accounts receivable, Fazeshift raised a notable seed or Series A round this week, targeting a long-neglected corner of enterprise finance. Applying modern AI to legacy accounts receivable processes addresses a problem that most CFOs know exists but rarely has a dedicated software category. Automating the identification, chasing, and reconciliation of receivables can materially improve cash flow timing without adding headcount, which is one of the cleaner business cases in enterprise automation: the savings are direct and measurable within a quarter of deployment.

The most structurally significant orchestration development this week was not a new product. It was a pricing model. ServiceNow's Action Fabric, announced at Knowledge 2026, is a metered integration layer that external AI agents must pass through to access data and execute workflows inside the ServiceNow platform. Anthropic's Claude is the launch partner, with a direct connector to Action Fabric. The pricing is action-based: customers pay according to how many operations an AI agent completes via the layer. This is the first time a major enterprise platform has made action-based pricing explicit and public for external agent access. SAP moved in the same direction but took a stricter approach, updating its API policy to restrict third-party agent access outside of SAP-endorsed architectures. For enterprise procurement teams, this week marks the moment when agent-based pricing became a line item to model, not a future consideration.

Salesforce's Headless 360 announcement from TDX 2026, which continued to generate deployment activity and strategic commentary this week, represents the same structural shift from a different angle. Headless 360 converts the Salesforce platform into a programmable, agent-first surface by exposing Customer 360 data, workflows, business logic, and audit trails as APIs, MCP tools, and CLI commands. AI coding agents connected to Headless 360 can now reach years of accumulated customer context, including open escalations, renewal timelines, breached SLAs, and relationship history, without navigating a UI. The Agent Fabric layer within the announcement brings multiple vendor agents under one governed control plane with deterministic orchestration and centralised LLM governance across an entire enterprise AI landscape.

The n8n community published a detailed framework assessment this week noting that workflow automation has shifted from convenience software to business infrastructure. The analysis is instructive for operations teams still evaluating where to place orchestration investment: the most robust enterprise agent architectures in 2026 combine deterministic workflow logic for high-stakes process steps with probabilistic AI reasoning in between. The teams running the most reliably are not treating agents as fully autonomous. They are defining hard handoffs and fixed approval gates at the points where a wrong decision is expensive, and letting AI handle the reasoning within those rails. That hybrid architecture is now the recommended pattern from both the ServiceNow and Salesforce product organisations, and it reflects what the most mature enterprise deployments look like in production.

ElevenLabs Conversational AI 2.0 shipped two updates in its v1.5 release series this week that address the two most common objections enterprises raise when evaluating voice agents for customer-facing deployments. Adaptive Interruption Handling uses a trained audio-based model to detect and manage user interruptions with 86% precision and 100% recall at 500 milliseconds of overlap, with backchannel filtering built in. The practical result is that the agent does not cut the customer off mid-sentence and does not mistake a brief acknowledgement sound for an actual interruption. Dynamic Endpointing uses an adaptive model to determine when a caller has genuinely finished speaking, rather than pausing, which eliminates the most common source of awkward silences in voice agent calls. Both features are available with preemptive generation on by default, meaning the agent begins preparing a response before the caller has fully finished, reducing perceived latency to sub-second levels on standard telephone connections.

The IBM watsonx partnership announced in March 2026 continues to expand ElevenLabs' reach into enterprise contact centres at scale. For large organisations that have standardised on IBM infrastructure, the partnership provides a tested path to deploying ElevenLabs voice quality within an existing enterprise contract and security framework, rather than standing up a new vendor relationship. The platform landscape continues to split along predictable lines: ElevenLabs leads on voice quality and multilingual support with 11,000 voice options across 70 languages; Vapi leads on multi-provider orchestration flexibility, processing 62 million monthly calls; Retell leads on telephony-native deployment for organisations that need structured dialog flows and enterprise compliance features from day one; and Bland remains the choice for high-volume outbound sales campaigns where call volume, not call quality, is the primary variable. Each platform has a distinct buyer profile, and choosing the wrong one typically surfaces in the third month of deployment when the gap between demo and production performance becomes clear.

The Five Eyes cybersecurity agencies, representing the US, UK, Canada, Australia, and New Zealand, released guidance this week warning that rapid rollouts of agentic AI carry meaningful security risks, particularly when agents can take actions across business systems. The guidance recommends considering simpler automation for repetitive tasks where possible and treating agentic systems as potentially unreliable until security practices and evaluation methods mature. This is the first coordinated government-level advisory directed specifically at agentic AI deployment rather than AI in general, and it carries weight precisely because it comes from the same agencies that issue guidance on national infrastructure security. For enterprise leaders, the advisory is not a reason to halt deployment. It is a mandate to formalise the security documentation that most pilot deployments have not yet produced: allowed actions, data access scope, escalation rules, audit logs, and a documented shutoff plan, for every agent, before it goes into production.

Novo Nordisk announced a full-enterprise OpenAI partnership this week, embedding AI across drug discovery, clinical trials, manufacturing, supply chains, and commercial operations, with full deployment planned by end of 2026. The scale of the commitment is notable not for the technology involved but for the governance model: the CEO framed the goal as accelerating scientists rather than replacing them, and acknowledged that AI would reduce future hiring growth. For C-suite leaders watching how peer organisations are framing AI deployment to employees, boards, and regulators, the Novo Nordisk announcement is a useful reference for how a global enterprise communicates a full-operations AI commitment without triggering the workforce anxiety that similar announcements have generated elsewhere.

ServiceNow and Accenture launched a forward deployed engineering programme at Knowledge 2026 that addresses one of the most consistent bottlenecks in enterprise AI deployment: the gap between a successful pilot and production at scale. The programme embeds ServiceNow's AI engineering team alongside Accenture's industry-specific teams inside mutual customers' environments, building agentic workflows that run in production before organisation-wide rollout begins. The explicit goal is closing the pilot-to-production gap that data consistently shows affects the majority of enterprise AI programmes. For companies that have completed successful pilots but have not converted them to production workloads, the programme signals that the major consultancies and platform vendors are now building structured services around this specific failure point.