A startup you likely haven’t heard of just expanded its footprint across Microsoft’s AI ecosystem—and landed enterprise customers like drug discovery firm Owkin and travel tech company Forge Holiday Group. Geordie, which builds runtime observability and governance controls for autonomous AI agents, announced this week that it has added two senior leaders, closed new enterprise deployments, and tightened its technical alignment with Microsoft’s agent framework.
The news pulls agent governance out of the sidelines and into a distinct enterprise security category. As Microsoft and other platforms push Copilot-enabled agents that can execute multi-step business processes, security teams are scrambling to monitor, audit, and constrain bot behavior in real time. Geordie’s trajectory shows that market demand is real—and that tooling purpose-built for AI agents is moving from optional to essential.
The Leadership Bench Deepens
Geordie named Maya Stirling as Chief Technology Officer and David Luan as Vice President of Product, the company confirmed in a statement shared with Windows News. Stirling most recently led platform security engineering at a major cloud service provider, while Luan joins from a decades-long career building observability products at Splunk and Datadog. The appointments double Geordie’s C-suite in a single week and signal a serious ramp-up in product development.
“Maya and David bring exactly the muscle we need to scale our agent governance platform for the Fortune 500,” said Geordie CEO Rebecca Hertz. “Enterprises are deploying agents into production now, not next year. They need runtime visibility and enforcement that works across any agent framework, including Microsoft’s.”
Why Agent Governance Is Suddenly P0
AI agents—software that can plan, reason, and act across applications without human step-by-step guidance—are flooding enterprise roadmaps. Microsoft 365 Copilot already integrates agentic capabilities, and Power Platform’s AI Builder lets low-code developers stitch together autonomous workflows. Gartner predicts that by 2028, 33% of enterprise software applications will include agentic AI, up from less than 1% in 2024.
The problem: traditional security stacks are blind to agent activity. Identity and access management (IAM) tools see a service principal, but not the multi-step reasoning an agent performs. SIEM solutions receive telemetry from individual API calls, not the intent behind a sequence of actions. This gap leaves organizations vulnerable to prompt injection, privilege escalation, business logic abuse, and unintended consequences—like an agent misbooking thousands of hotel rooms or corrupting a clinical trial dataset.
Geordie addresses the gap by instrumenting agents at runtime. Its lightweight SDK or proxy intercepts agent actions, parses the chain of thought, and maps each step against a declarative policy engine. Security teams can set rules like “an agent must never delete records,” “it must request human approval for transactions over $10,000,” or “it cannot export PII to a non-approved environment.” All activity streams into a dashboard that shows not just what happened, but why the agent took an action.
Microsoft Integration Gets Concrete
The startup’s deepening alignment with Microsoft is more than marketing. Geordie has built dedicated connectors for the Microsoft Copilot ecosystem, including the Copilot extensibility platform, Power Automate, and Azure AI Foundry. Its policy engine ingests signals from Microsoft Entra ID and Microsoft Purview, mapping agent identities to data classification labels and insider risk indicators. The result is a governance layer that understands both the technical and compliance context of an agent’s decisions.
One enterprise customer, Forge Holiday Group—which operates vacation rental and travel services across Europe—is using Geordie to oversee AI agents that automatically rebook guests during property closures. The agents access Entra ID-authenticated APIs, read booking data, and communicate with property management systems. With Geordie, the travel company sets guardrails that block rebooking attempts if the new property exceeds a budget threshold or lies outside the original city. Without runtime governance, Forge’s security team would have no way to enforce that business rule across autonomous actions.
“We’re not just logging what the agent did; we’re actively steering it,” said Forge Holiday Group CISO Maria Lundström in a prepared statement. “Geordie plugs a hole that existing Microsoft tooling doesn’t cover—agent-specific runtime control. It’s a missing piece in the Microsoft security story.”
Owkin Brings Agent Governance to Life Sciences
Owkin, a French-American AI biotech, uses federated learning and AI agents to accelerate drug discovery across hospital networks. Data privacy regulations like HIPAA and GDPR are paramount, and Owkin’s agents must traverse healthcare datasets without exposing protected health information. The company tapped Geordie to enforce data residency and anonymization policies in real time, automatically halting any agent action that would export raw patient data outside an approved enclave.
“Our agents operate on some of the most sensitive data in the world,” said Owkin’s Head of AI Infrastructure, Thomas Clozel. “Traditional DLP tools are static and rule-based. They can’t understand that an agent is about to send a summary email containing derived statistics that still constitute PHI. Geordie’s semantic policy layer catches that, because it sees the chain of reasoning.”
The Owkin deployment underscores a critical feature: Geordie’s policies can inspect not just API payloads but the intent behind an action by analyzing the agent’s internal reasoning trace. For models that output a plan before executing, Geordie parses that plan against natural-language policies, bridging the gap between security intent and agent behavior.
A New Category Takes Shape
Industry analysts are taking note. “Agent governance is the new identity governance—it’s about controlling what a non-human identity does, not just who it is,” said Rohan Narasimhan, principal analyst at Enterprise Security Research, who was briefed on the Geordie announcement. “Microsoft has poured billions into Copilot and autonomous agents, but the security story today is mostly about authentication and permissions. If an agent hallucinates a malicious plan or gets prompt-injected, you need runtime interception. Geordie is one of the first to productize that.”
That productization momentum is evident in Geordie’s customer pipeline. The company reports that it tripled its number of paid enterprise deployments in the first quarter of 2025 compared to all of 2024, though it declined to provide absolute figures. Pricing is based on the number of monitored agent interactions per month, with an enterprise tier that includes dedicated policy engineering support and custom AI model fine-tuning for threat detection.
How Geordie Fits with Microsoft’s Own Security Roadmap
Microsoft has been building its own agent governance capabilities, notably through Microsoft Purview’s AI hub and new controls for Copilot extensibility. The company recently introduced tenant-wide policies to block certain plugins and data sources from Copilot agents, and it extended Purview’s data loss prevention to AI prompts and responses. But these controls are primarily traffic-based and lack the deep runtime introspection that Geordie provides.
Rather than competing, Geordie is positioning itself as a complement. Its architecture integrates with Microsoft’s monitoring and policy enforcement points, pulling signals from where Microsoft already instruments—Entra ID, Defender for Cloud, Purview—and adding its own agent-centric context. The result for joint customers is a unified view: the SOC analyst sees an agent-generated alert in Sentinel alongside Geordie’s explanation of the agent’s reasoning, enabling faster triage.
Microsoft has not publicly commented on the partnership, but Geordie’s inclusion in multiple Microsoft co-sell agreements suggests a warm relationship. The startup is a member of the Microsoft for Startups Pegasus Program and was featured at Microsoft Ignite as an emerging security partner for Copilot.
The Technical Architecture: How Runtime Observability Works
For the IT professional, Geordie’s approach is worth a closer look. The platform deploys as a containerized sidecar or a lightweight SDK that hooks into an agent framework’s middleware. For Microsoft’s Semantic Kernel and AutoGen-based agents, Geordie provides a native integration that intercepts function calls and prompts before execution. The system then evaluates the planned action against a policy graph that combines attribute-based access control (ABAC) rules with natural-language intent checks.
Policies can be written in a declarative language or plain English, thanks to a large language model (LLM) that translates policy statements into executable constraints. For example, an admin can type: “An agent may only access customer data if the customer has explicitly opted in for AI processing.” Geordie’s engine automatically maps that to database schemas and API parameters, then enforces it at runtime.
All intercepted actions, including blocked attempts, are logged immutably to an audit trail that integrates with Microsoft Sentinel, Splunk, or any SIEM via OpenTelemetry. The trail includes the agent’s full reasoning trace, which can be replayed for forensic analysis. This depth of visibility is what sets Geordie apart from simpler loggers.
Enterprise Reactions and Early Lessons
Forge Holiday Group’s early experience highlights both the promise and the pain points of agent governance. During a pilot, Geordie’s system caught an agent that repeatedly tried to rebook a guest into a property that had been flagged for maintenance—a subtle logic error that traditional monitoring wouldn’t have caught because each API call was technically valid. The company’s IT team created a policy that blocks booking attempts on any property with an active maintenance ticket, a rule that previously required manual checks.
Owkin, meanwhile, discovered that one of its internal research agents occasionally attempted to read data from unapproved geographic regions. Geordie’s policy enforcement flagged the attempts immediately, and Owkin’s data governance team used the reasoning trace to retrain the agent’s prompting logic, reducing violations by 94% within a month.
These anecdotes point to a larger truth: agent governance is not just about security; it’s about reliability and compliance. As enterprises empower agents to act on their behalf, they need the same level of control they have over human employees—with the added twist that agents can move at machine speed and scale in milliseconds.
What’s Next for Geordie and the Market
The leadership expansion is just the beginning. Geordie plans to release a free tier for developers later this quarter, aiming to seed adoption in the open-source agent community. It is also working on an agent risk score, analogous to a credit score, that quantifies how likely an agent is to violate policy based on its design and training data. That feature could become a procurement requirement for enterprises vetting third-party agents.
The broader agent governance market is heating up. Established security vendors like CrowdStrike and Palo Alto Networks have hinted at agent-specific products, and cloud providers are building basic guardrails into their AI platforms. Microsoft itself may eventually build more robust runtime controls. But for now, Geordie’s first-mover advantage and deep Microsoft integration give it a head start.
“Organizations that wait for platform-native governance will be caught flat-footed,” said Narasimhan. “Agents are being deployed today, and the attack surface is real. Geordie’s progress shows that a standalone governance fabric can be deployed quickly and add immediate value, especially in heavily Microsoft-dependent shops.”
For Windows News readers managing Windows 11 enterprises with Copilot experiments underway, the takeaway is clear: if your organization is piloting autonomous agents, start evaluating runtime governance now. The infrastructure to control these new digital workers is emerging—and Geordie just made a compelling case that it should be on the shortlist.