Atsign AI platform wins Gold for zero-attack surface

Broadband-Testing has independently verified a combination of Atsign's AI Architect and Atsign Platform products as a zero-attack-surface approach for enterprise AI, awarding it a Gold Award from the European test lab.

The lab assessed the products in two live use cases and found the pairing let developers build end-to-end encrypted AI agents without open inbound TCP ports or connections. The review covered a remote telemetry monitoring application for a KRYZ-LPFM radio transmitter and Pembrook, a secure personal AI agent.

The finding speaks to one of the main barriers companies face when rolling out AI systems in large organisations: how to connect applications, agents and data without creating new points of exposure on corporate networks. Security teams have been wary of tools that rely on open ports, trusted intermediaries or complex cloud infrastructure, particularly when sensitive data is involved.

According to the test lab, the architecture blocked three common attack routes in both scenarios: port scanning, credential theft and man-in-the-middle attacks. AI Architect is a no-code visual blueprinting tool, while the Atsign Platform provides the underlying networking layer.

Test findings

The external report used unusually strong language in its conclusions. "For businesses looking to maximise their 'ideation to adoption' process with AI, what Atsign is offering, in terms of zero attack surface and policy control, is an absolute game changer. For CISOs, it means their AI hell is at an end; just use the Atsign Platform and every app will be secure before release. Using the combination of the Atsign Platform with Atsign AI Architect means that the entire dev process is hugely streamlined and optimised - and secure."

Atsign is presenting the result as independent evidence that its design can reduce the security trade-offs that often slow AI projects. The company develops software intended to help developers build AI agents and applications with security embedded in the underlying architecture rather than added later.

Aparna Rayasam, Chief Executive Officer of Atsign, said: "As companies race to deploy Agentic AI, traditional security is failing. Standard protocols require open network ports and trusted intermediaries, inviting attackers directly into the heart of the enterprise. Atsign's architecture fundamentally flips this script. Broadband-Testing's validation confirms what our customers already know: you don't have to choose between AI velocity and risk. By starting with a zero-attack surface and agent behavior restraints, organizations can confidently deploy agentic AI without the risk of exposing their data to the public internet."

The approach may be especially relevant as businesses move from experimenting with large language models to deploying autonomous or semi-autonomous agents connected to internal systems. Those systems often handle personal, commercial or operational data, making network and access design a central issue for chief information security officers.

Customer example

One customer cited is NeuroVitals, a healthcare-focused user of the technology. Rick Deacon, CISO and Head of Platform at NeuroVitals, has used the products to build an application that handles sensitive healthcare information.

"Atsign removes a lot of the infrastructure setup, the things I would normally need a sophisticated architect to create on AWS or GCP just to make sure it's secure," Deacon said.

He also highlighted the speed of development. "Using AI Architect and the Atsign Platform, I had the first working version of our MVP in just three hours, instead of the eight days of prompt optimization a much simpler app took me previously. The levels and layers of communication are entirely encrypted, and I have total peace of mind knowing that no one is going to see that data except the intended users."

The healthcare example adds weight because medical applications face some of the strictest requirements for confidentiality and data handling. It also illustrates the commercial pressure on suppliers to shorten development cycles while satisfying internal security teams and external compliance demands.

Broadband-Testing describes itself as a vendor-neutral testing operation that evaluates IT products and services. Its work is often used by technology buyers seeking third-party validation of security and infrastructure claims, especially when suppliers make broad assertions about reduced exposure to cyber attacks.

Here, the core claim is not simply that traffic is encrypted, but that the architecture removes the need for exposed inbound connections that attackers typically probe first. That distinction matters for enterprises because many security incidents begin with a discoverable service, a weakly protected credential or an intercepted connection.

The broader market backdrop is a surge in corporate spending on AI tools, paired with persistent concern from security leaders about how those tools connect to users, data stores and external services. Vendors across the sector are trying to reassure customers that AI can be deployed without opening new attack paths, but independent verification remains relatively scarce.

The report concluded that the architecture eliminated port scanning, credential theft and man-in-the-middle attacks in the two tested deployments.