These 5 Companies Secretly Control AI
TL;DR
The real AI gatekeepers aren’t model companies — Nate argues that Cloudflare, Stripe, Okta, Oso, Snowflake, Datadog, AWS, and Vercel increasingly decide whether an agent can actually reach production because they control runtime, identity, data, payments, and observability.
Compute gets agents online, but control infrastructure gets them deployed — GPUs and data centers matter for serving models, but the harder production questions are operational: where an agent runs, what it remembers, who it acts for, what it can spend, and who can stop it.
Runtime is becoming a strategic control surface — Cloudflare’s Agents SDK uses durable objects with SQL, websockets, and scheduling; AWS Bedrock AgentCore bundles runtime, memory, identity, and observability; and Vercel’s AI Gateway turns routing, budgets, and monitoring into part of the stack.
Agent identity is the make-or-break problem inside enterprises — Nate highlights Oso, Okta, WorkOS, Microsoft Entra, and AWS AgentCore Identity as critical because agents operate with delegated authority across systems like Google, Slack, GitHub, and Salesforce, where fuzzy permissions become dangerous fast.
If an agent touches business data or money, governance is the product — Snowflake Cortex, Databricks Mosaic AI, and BigQuery/Gemini are trying to keep agents inside the company’s semantic layer, while Stripe, Visa, Mastercard, and Amex are racing to define trusted rails for agentic commerce.
Observability and kill switches are not optional extras — Datadog, LangSmith, Braintrust, Langfuse, and AWS are converging on ways to track agent work end-to-end, and Nate stresses that a real kill switch must exist across runtime, identity, gateway, framework, and payments—not just as a prompt that says “stop.”
Summary
The surprise list of companies that actually control agents
Nate opens by flipping the usual assumption: the companies deciding whether your agent ships are often not OpenAI or Anthropic, but operators like Cloudflare, Stripe, Okta, Oso, Datadog, and Snowflake. His core point is simple but sharp: models are only one piece of the agent economy, while infrastructure companies increasingly control where agents run, what they know, what they can spend, and who can shut them down.
Compute matters, but it’s not the bottleneck people think
He quickly acknowledges the familiar AI infrastructure story—GPUs, power, data centers, networking, capex—but says that only answers whether AI can be served at scale. Once agents start doing real work, the bottleneck becomes governability: memory, approvals, authority, budgets, and intervention all have to be handled by infrastructure, not by the model itself.
Runtime is now a control point: Cloudflare, AWS, and Vercel
Nate spends real time on the idea that agents need more than stateless prompt-response loops; they need memory, scheduled execution, recovery, streaming, and tool coordination. That’s why he spotlights Cloudflare’s durable objects, AWS Bedrock AgentCore, and Vercel AI Gateway as different versions of the same thesis: runtime itself is becoming a strategic place to control agent behavior.
Identity gets weird the second an agent acts for a human
This is where he brings in Oso, Okta, WorkOS, Entra, and AWS identity. A user logging into an app is one thing; an agent acting across Google, Slack, GitHub, Salesforce, and a RAG pipeline is another entirely, especially when approvals happen asynchronously and secrets can’t just be handed over forever. His phrase is memorable: the dangerous agent isn’t necessarily the most capable one, but the one with “very fuzzy authority.”
Data platforms want to become the safe place where agents reason
Nate then moves into Snowflake and Databricks, arguing that agents are only as good as the governed meaning of the data they touch. He lists the classic failure modes—wrong joins, stale docs, mistaken metrics, unauthorized retrieval—and frames Snowflake Cortex and Databricks Mosaic AI as attempts to keep agents inside the semantic layer where business truth about ARR, customers, churn, and forecasts actually lives.
Money raises the stakes fast, and Stripe knows it
Once agents can issue refunds, make purchases, or move money, the control problem becomes much more serious. Nate says Stripe is uniquely well positioned because it already sits in the middle of payments, fraud, disputes, billing, issuing, treasury, and merchant onboarding, while Visa, Mastercard, and Amex are making a different bet: proving that agent transactions can run through the same institutional trust chain as card payments.
You’re not just logging agents—you’re watching work happen
He argues observability is badly underrated because agent failures often look valid on the surface: correct syntax, wrong tool, authorized data, wrong conclusion, or loops that quietly burn tokens. That’s where Datadog, LangSmith, Braintrust, Langfuse, and AWS come in, all trying in different ways to create one operational view that ties together traces, costs, tool calls, policies, and evals.
The kill switch, the seven questions, and the story that makes it real
Near the end, Nate turns practical: pick one workflow—support refunds, claims, usage checks—and answer seven questions about runtime, identity, data, tools, payments, observability, and who can stop the system. He lands the point with a story from a data-team leader describing agents “hacking around” human permission structures, which captures the whole thesis: agents do not respect org charts, so your governance model has to compensate.
Was This Useful?
Share
Keep Reading
Make Alcreon Yours
Tune your feedFive quick questions, and the feed ranks what matters to you first.Or just get notified
The weekly Echo. Signal worth keeping in your inbox.
Every new piece, announced on X.
Read Next
See all
Playbook
The Retirement Email Isn't a Warning
Model retirements now arrive every few weeks; the config-eval-rehearsal loop turns each deprecation email from a fire drill into an afternoon swap.

Playbook
The Cheapest Model That Passes
OpenRouter lists 400 models behind one API. The fix for choosing isn't a better leaderboard, it's a four-step protocol that ends in a real eval.

Playbook
Cheap Models, Hard Tasks
Most agent workflows route every step to the frontier model by default. The bill scales with how chatty the agent gets, even when most steps don't need that brain.