Keycard And Smallstep Anchor AI Agent Runtime Security To Verified Infrastructure

Keycard brings runtime governance to AI agents, while Smallstep extends proven hardware-backed identity to ensure every session starts from verified infrastructure

SAN FRANCISCO, March 23, 2026 (GLOBE NEWSWIRE) -- Keycard, the provider of identity and access for AI agents, and Smallstep, the Device Identity Platform™, today announced a product integration that brings hardware-rooted trust to runtime AI agent governance. As coding agents move into production and take action across shell commands, MCP tools, cloud APIs, and internal services, organizations need more than visibility, they need a way to govern what agents do in real time and ensure those actions originate from trusted, verified environments.

Keycard is helping define a new layer of AI security focused on runtime control. Its platform gives organizations a way to govern agent behavior as it happens by enforcing policy on every tool call an agent takes. That helps CISOs and security teams close one of the most urgent gaps in agentic AI: visibility and control over what agents actually do once they begin operating inside production systems.

But runtime governance is only as strong as the environment in which the agent is running.

That is where Smallstep comes in. Smallstep brings proven, production-grade identity to the integration through cryptographic attestation and short-lived, non-exportable credentials. Built on ACME Device Attestation (ACME-DA), developed in collaboration with Apple and Google, Smallstep verifies that agent sessions begin in known, compliant environments before credentials are issued. Already deployed at scale in major enterprise environments, Smallstep provides the mature trust foundation that allows AI agent governance to extend beyond policy and into high-assurance enforcement.

Together, Keycard and Smallstep close the gap between runtime governance and hardware-rooted trust. Keycard governs what the agent can do: which tools it can invoke, which credentials it can receive, and how each action is scoped, audited, and revoked. Smallstep proves where that governed session is running by binding credentials to verified infrastructure and trusted execution environments. The result is a unified chain of trust that ties each tool call back to a verified environment, a human identity, an agent, and a task.

“AI agents need more than access. They need guardrails that hold up while they’re actually doing work,” said Ian Livingstone, co-founder and CEO of Keycard. “Keycard governs each tool call at runtime, and Smallstep brings attested runtime context. That means every action can be scoped, attributed, and revoked.”

“The next perimeter is not just who the agent is — it’s where the agent is running,” said Mike Malone, founder and CEO of Smallstep. “Together with Keycard, we give security teams a way to root AI governance in verified infrastructure, so every action is enforceable, attributable, and built on real trust.”

As coding agents move into production, CISOs tend to hit the same three walls: they cannot verify where agents are running, they cannot rotate secrets fast enough, and they cannot audit what agents actually did.

The Keycard and Smallstep integration addresses all three directly.

Govern agents at runtime. Keycard governs the agent session and enforces policy on every tool call and credential issuance, including shell commands, MCP tools, API calls, and agent-generated scripts. Credentials are ephemeral, task-scoped, and identity-bound, making agent actions governable in real time instead of after the fact.

Start from a trusted execution environment. Smallstep uses attestation to ensure an agent only receives credentials if it is running in known, compliant infrastructure, including managed devices and trusted workload environments. No attestation, no certificate, no access.

Replace static secrets with short-lived credentials. Smallstep’s “badges not keys” model replaces long-lived X.509 certificates, SSH keys, and embedded secrets with automatically issued, short-lived credentials. Keycard then scopes access dynamically at runtime, reducing the blast radius of compromised credentials and eliminating static secrets from .env files, MCP configs, and scripts.

Produce a full audit trail. Together, the two platforms make it possible to attribute every action to an environment, user, agent, and task, giving security teams the visibility they need across MCP workflows, CLIs, APIs, and agent-generated tooling.

This partnership brings together Keycard’s runtime governance for autonomous agents, giving organizations visibility, control, and revocation at the moment an agent acts, with Smallstep’s device identity infrastructure. Smallstep is built for automated environments, using short-lived certificates and streamlined issuance to ensure actions originate from trusted, compliant devices. Together, they provide a foundation for adopting AI agents with enforceable controls with a hardware-backed trust model.

The Keycard and Smallstep integration is now open for early access sign-up. To learn more, visit the joint Smallstep and Keycard booth #2045 in Moscone South Hall at RSAC Conference 2026 in San Francisco, or stop by Keycard’s booth #2351.

About Keycard

Keycard’s mission is to unlock the power of AI agents by giving developers and enterprises the foundations they need to build and adopt trusted agentic applications at scale. Its identity and access platform provides real-time, contextual guardrails, enabling the transition from static, human-driven workflows to machine-driven, autonomous, agentic applications. Keycard is a remote-first company and backed by Andreessen Horowitz, Boldstart Ventures and Acrew Capital. For more information, visit: https://www.keycard.ai/.

About Smallstep

Smallstep is the Device Identity Platform that links trust to verified hardware and infrastructure, so access, actions, and automation originate from known, compliant environments. Using cryptographic device attestation and short-lived, hardware-backed credentials, Smallstep replaces passwords, SSH keys, and VPN clients with automatic, certificate-based access and phishing-resistant MFA. Built on ACME Device Attestation, developed in collaboration with Apple and Google, Smallstep helps organizations reduce credential theft and lateral movement while bringing governance to unmanaged devices, trusted workloads, Shadow AI, agentic AI workflows, and MCP servers. With broad integrations across identity providers and device management systems, Smallstep helps organizations operationalize NIST Zero Trust principles and support CMMC-aligned requirements across enterprise and mission environments.

Media Contacts

Smallstep
Michelle Schafer, Merritt Group
schafer@merrittgrp.com

Keycard
Amber Rowland for Keycard
amber@therowlandagency.com