Competitive Landscape

AgentApproved vs Traditional Certification

The agent trust space is maturing fast. AIUC-1, CSA STAR for AI, ISO 42001, and hardware attestation from Yubico and HID Global are all solving real problems. Here's how AgentApproved fits in — and why you probably need more than one layer.

The Three Layers of Agent Trust

No single standard can secure the agent economy. Trust requires three distinct layers, each answering a different question at a different frequency.

Layer 1

Identity

"Who is this agent?"

Cryptographic proof of the agent's identity — who created it, who delegated authority to it, and what credentials it holds.

NIST NCCoE AI Agent Identity, HID Global PKI, Yubico Role Delegation Tokens, OAuth 2.1, MCP auth

Layer 2

Certification

"Has the organisation been audited?"

Periodic, human-led assessment of the organisation's governance, processes, and controls around AI development and deployment.

AIUC-1 (quarterly + annual), ISO 42001 (annual), CSA STAR for AI (periodic), SOC 2 for AI

Layer 3

Runtime Attestation

"Is this agent behaving right now?"

Continuous, automated verification that a specific agent instance is operating within compliance boundaries at this moment — not last quarter, not last year, right now.

AgentApproved (24hr certificates), continuous monitoring, behavioural evidence chains

They certify the organisation. We certify the agent. You need both.

Traditional certification proves your company has good governance. Runtime attestation proves your agent is following it.

Detailed Comparison

	AIUC-1	ISO 42001	CSA STAR for AI	AgentApproved
What it certifies	AI agent product	Organisation's AI management system	Cloud AI security controls	Individual agent instance at runtime
Assessment type	Third-party audit + adversarial testing	Management system audit	Self-assessment (L1) or third-party (L2)	Automated, evidence-based
Frequency	Quarterly tech + annual operational	Annual (with surveillance audits)	Periodic renewal	Continuous (24-hour certificate expiry)
Time to certify	Weeks to months	Months	Days (L1) to weeks (L2)	Seconds
Cost	Enterprise pricing (tens of thousands)	$10K-$100K+ (audit fees)	Free (L1), audit costs (L2)	$0.01 per attestation
Who does the work	Human auditors	Human auditors + internal team	Self (L1), auditors (L2)	The agent itself (automated)
Captures drift?	Quarterly testing catches some	No — snapshot of management system	No — point-in-time	Yes — every 24 hours minimum
Machine-readable?	PDF certificate	PDF certificate	Structured (AI-CAIQ)	Ed25519-signed JSON, API-verifiable
Agent-to-agent trust	Not designed for this	Not designed for this	Not designed for this	Core use case — agents verify each other
Regulatory frameworks	EU AI Act, NIST AI RMF, ISO 42001, MITRE ATLAS	ISO/IEC standards family	AICM, ISO 42001, NIST AI RMF	EU AI Act Art 12, Singapore MGF, AIUC-1, extensible
Notable adopters	UiPath, Intercom, ElevenLabs	Enterprise-wide	Microsoft, Zendesk (L2)	Early-stage (launched March 2026)

How They Work Together

Consider a financial services company deploying an AI agent that processes loan applications:

ISO 42001 ensures the company has an AI management system — policies, roles, risk assessments, and governance structures are in place.
AIUC-1 certifies the agent product itself — the vendor has passed third-party audits across data privacy, security, safety, reliability, accountability, and societal impact. Quarterly adversarial testing ensures robustness.
CSA STAR for AI verifies cloud security controls — the deployment environment meets security standards.
AgentApproved proves that this specific agent instance, right now, today is logging its decisions, handling errors properly, escalating to humans when uncertain, and staying within its authorised scope. The 24-hour certificate expires and must be renewed — compliance is continuous, not assumed.

Each layer answers a question the others cannot. Removing any one creates a gap.

The Blind Spots of Periodic Certification

Traditional certification models were designed for deterministic software that behaves identically between audits. AI agents break this assumption:

Non-determinism: The same agent responds differently to the same input depending on model state, context window, and retrieval results. Behaviour between audits is unpredictable.
Model updates: When a foundation model provider ships an update (which happens regularly), agent behaviour can change materially without any change to the deployer's code.
Prompt drift: Research has documented behavioural degradation of up to 46% over 500 interactions. An agent certified as compliant today may drift out of compliance by next week.
Adversarial evolution: Attack techniques evolve faster than quarterly audit cycles. Jailbreaks discovered on Tuesday may not be tested until the next quarterly assessment.

This isn't a criticism of periodic certification — it's a recognition that agents need an additional, faster feedback loop.

Hardware Attestation: The Identity Layer

Yubico's partnership with Delinea (announced March 2026) introduces Role Delegation Tokens — hardware-attested proof that a specific human approved a specific agent action using a physical YubiKey. HID Global is evolving PKI to issue digital certificates for AI agents, addressing dynamic identity lifecycles and capability attestation.

These are Layer 1 solutions: they answer "who is this agent?" and "who authorised it?" Runtime attestation answers the complementary question: "what has this agent been doing since that authorisation?" Hardware identity + runtime behaviour = complete trust picture.

Add Runtime Attestation to Your Trust Stack

Already certified with AIUC-1, ISO 42001, or CSA STAR? AgentApproved proves your agents are living up to that certification every day.

Get Started Free