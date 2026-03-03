Enigma Networks has announced the general availability of its Internal Trust Governance platform, Enigma AI, which continuously determines and validates which communications are necessary and safe across enterprise networks. Just as identity and access management (IAM) governs trust for users, Enigma AI governs trust between internal systems and assets, introducing a new control plane for zero trust that determines not only what is happening inside the network, but what should be happening.

“After decades perfecting identity governance for users, internal networks continue to operate largely on blind trust,” said Bob Moul, CEO of Enigma Networks. “IAM became essential when organizations realized they couldn’t secure users and applications without first identifying and controlling access. We’re doing the same thing for internal networks and assets. Every enterprise has IAM. Now they need Enigma AI to close the final gap in zero trust.”

The internal network blind spot

For decades, IAM has rigorously governed trust for users, determining who they are, what they can access, and whether their behavior remains appropriate over time. Internal networks, by contrast, have historically operated on implicit trust, treating allowed communication as legitimate by default.

That assumption is no longer defensible. Once attackers gain a foothold, over-permissive internal trust allows rapid lateral movement, credential abuse, and data exfiltration.

With the industrialization of cyberattacks using AI, the industry is quickly moving from a “prevent breach” to an “assume breach” philosophy and regulators are increasingly demanding proof that internal controls are working. Yet most internal security tools were not designed to answer the most fundamental question security leaders and regulators now ask: Which internal systems should be trusted to communicate, and why?

From detection to determination

Traditional segmentation and network detection tools enforce static rules or compare observed traffic against historical baselines. Detection flags deviation, whether traffic looks unusual. But if that baseline already incorporates over-permissive trust relationships, normal becomes indistinguishable from exposure. Detection never asks whether the communication should exist at all.

Enigma AI was purpose-built to make that determination, continuously evaluating whether observed behavior aligns with each asset’s defined purpose, and driving enforcement through integration with existing controls. The shift is from detection to determination: not does this look unusual, but should this exist.

At the core of the platform is a continuously learned trust model of the internal network, mapping assets, communication paths, and expected behaviors to determine whether internal trust relationships remain valid. With its lightweight, agentless architecture, Enigma AI delivers governance without friction, not just enforcement and alerts.

Completing the zero trust architecture

Zero trust transformed how enterprises govern identity and access. But it left the interior of the network ungoverned. Three parallel layers now form a complete trust governance architecture:

Identity governance (IAM) – governs who has access, to what, under what conditions

– governs who has access, to what, under what conditions Access governance (ZTNA) – controls how users and devices connect to resources, continuously verified

– controls how users and devices connect to resources, continuously verified Internal network governance (ZTNX) – determines what is happening inside the network, and whether it should be

That third layer did not exist. Internal asset-to-asset communication, the majority of enterprise network traffic and the primary terrain attackers exploit for lateral movement, has operated entirely on implicit, unexamined trust.

Enigma Networks delivers on its vision for ZTNX with its Internal Trust Governance platform, systematically determining which internal communications are legitimate, necessary, and appropriate based on what assets are and what they exist to do.

“I spent years watching security teams drowning in network telemetry but starving for actual insight,” said Mark Viglione, CTO of Enigma Networks. “Tools would generate endless logs and alerts, but couldn’t answer the fundamental question: which internal communications should we trust? That frustration drove us to build Enigma AI – a platform that finally delivers governance, not just data.”