GPT-5.5 API Opens, Claude Adds Security and Memory, Anthropic Teams with Blackstone and Goldman on Enterprise AI
GPT-5.5, Claude Security, agent memory, and Anthropic’s Blackstone venture pull enterprise AI deeper into managed platforms, raising control-layer stakes.
This week, the AI infrastructure layer completed a step change across three dimensions at the same time.
OpenAI made the GPT-5.5 API generally available and bundled MCP, hosted shell, computer use, cross-session memory, and related capabilities into a single endpoint, directly changing the answer to the question of “which infrastructure capabilities need to be built in-house.”
At the same time, Anthropic launched the Claude Security public beta and cross-session memory for Managed Agents in the same week, extending the boundary of AI from “content generation” to “active defense” and “long-running work.”
Google Cloud Next ’26 introduced the eighth-generation TPU, the Virgo data center network, and GKE Agent Sandbox supporting long-running operations of up to seven days, turning “where to run agents” into a decision with real cost differences.
Finally, Blackstone’s USD 1.7 billion data center REIT filing and the 90-day countdown to the EU AI Act arrived at the same time: capital markets are turning AI infrastructure into an asset class, while regulatory frameworks are turning AI compliance costs into budget items. Anthropic’s joint formation of an enterprise AI services company with Blackstone and Goldman Sachs marks its formal entry into the mid-market enterprise deployment layer. This is the first time the boundary between model providers and systems integrators has been actively broken.
I. GPT-5.5 API Becomes Generally Available: OpenAI Bundles Agent Infrastructure into a Single Endpoint
On April 24, OpenAI made GPT-5.5 fully available through the Chat Completions API and Responses API. It supports a 1 million-token context window and, for the first time, natively integrates MCP tool calling, hosted shell, apply patch, computer use, Skills, tool search, and web search within a single API endpoint. Hosted shell refers to a managed shell container in which the model can directly execute commands, while apply patch allows code changes to be applied directly. Pricing is USD 5 per 1 million input tokens and USD 30 per 1 million output tokens. The GPT-5.5 Pro version is priced at USD 30 / USD 180 per million tokens.
Since the GPT-5 series, OpenAI’s direction has been moving from “stronger models” toward “systems that can autonomously complete tasks.” This API general availability represents the full developer-layer implementation of that direction. MCP calls, shell execution, and state management — infrastructure components that engineering teams previously had to build themselves — are now hosted by OpenAI with SLA support.
For teams that have not yet started building agentic workflows, this significantly lowers the barrier to rapid prototyping and is likely to accelerate the spread of internal enterprise agent experiments. For teams that already have self-built agent frameworks, this requires a serious reassessment of build versus buy. Shell execution, MCP calls, and 1 million-token context are now API primitives. The key questions become: where is the boundary of infrastructure that still needs to be self-maintained, and where does vendor lock-in begin? The likely conclusion is that data isolation, cost routing, and multi-model switching logic remain worth building internally, while much of the task execution framework may no longer need to be self-built.
It is important to note that with GPT-5.5’s native MCP and hosted shell capabilities, vendors are absorbing more and more infrastructure into their own platforms. For most enterprises, this is positive in the short term, but it also introduces a systemic risk. When an enterprise uses GPT-5.5 Managed Agents, Anthropic Claude Managed Agents, and Google GKE Agent Sandbox at the same time, gaps in cost visibility, access auditing, and routing control will expand quickly. Each platform has its own billing logic, and no native middle layer spans all of them. AgentsFlare operates at this boundary, proxying calls across multiple agent platforms and providing unified token metering, cost attribution, and access auditing without changing application logic.
II. Claude Security Public Beta: AI-Native Vulnerability Scanning Is Reshaping the Enterprise Security Layer
On April 30, Anthropic announced that Claude Security had entered public beta, available to all Claude Enterprise customers, with support for Team and Max plans to follow. Built on Opus 4.7, Claude Security can scan an entire code repository, specified directories, or specific branches for vulnerabilities, and generate concrete patch recommendations for human review.
New capabilities in this public beta include targeted scanning for specific directories within repositories, structured triage tracking with reasons for dismissal, CSV and Markdown export, and webhooks that push scan results to tools such as Slack and Jira. Security partners include CrowdStrike, Microsoft Security, Palo Alto Networks, SentinelOne, TrendAI, and Wiz. Consulting and implementation partners include Accenture, BCG, Deloitte, Infosys, and PwC.
The traditional workflow for enterprise code security is: static application security testing, or SAST, followed by human triage and developer remediation. The core pain points are high noise levels, including false positives, and the need to understand complex dependency chains. As a result, the remediation cycle for real vulnerabilities can be extremely long.
Claude Security’s thesis is that Opus 4.7’s reasoning capability over large codebases and complex dependencies can reduce false positives while directly producing usable patch recommendations, upgrading AI from “assisting code review” to “actively detecting vulnerabilities and recommending remediation paths.” For Claude Enterprise customers, this is a new capability that can be evaluated immediately without additional API integration. The key evaluation metric should not be “how many vulnerabilities it finds,” but “how much lower its false positive rate is compared with existing SAST tools.” False positive rate determines whether security teams are actually willing to embed it into CI/CD workflows.
Anthropic’s partner matrix is also worth analyzing separately. CrowdStrike, Wiz, and Palo Alto are core enterprise security vendors, which means Claude Security is positioned to integrate into existing security toolchains rather than replace them. This reduces procurement friction and makes it easier to pass the CISO review process. The participation of consulting partners such as BCG, Deloitte, and PwC suggests that this capability may enter large enterprises in the form of “AI security transformation projects,” rather than purely as a SaaS subscription.
It should also be noted that when Claude Security pushes scan results into enterprise systems through webhooks, that data chain itself needs governance. Which agent triggered which scan? How many Opus 4.7 tokens were consumed? Which system did the scan results flow into? These are precisely the issues that the observability layer needs to cover.
III. Cross-Session Memory for Managed Agents: Agents Move from One-Off Tools to Long-Running Workflows
Anthropic announced the public beta of Memory for Managed Agents, allowing agents built on the Claude Managed Agents platform to retain and apply learning across sessions. Technically, memory is stored as files in the file system and can be exported, edited, and managed through APIs, or operated directly in the Claude Console.
Enterprise control capabilities include complete audit logs for each session and agent operation, with support for rollback and data deletion, as well as fine-grained permission control. Enterprise-level stores can be configured as read-only, while user-level stores can be configured as read-write. Early adopters include Netflix, Rakuten, Wisedocs, and Ando. Netflix reported a 97% reduction in first-pass document processing errors and a 30% improvement in processing speed.
Stateless agents are the reality of most enterprise AI deployments today: each call starts from zero, and accumulated processing experience cannot be transferred across tasks. The memory layer addresses the question of “how to make agents improve as business operations continue,” not merely “how to make agents complete this task.”
The Netflix data point — a 97% error reduction — comes from a document validation scenario. This is highly repetitive, has clear quality standards, and benefits from experience accumulated across cases. It is exactly the type of task most likely to benefit from memory mechanisms. When evaluating this capability, enterprises should first identify internal agent workflows that are repetitive, standards-based, and supported by historical data. These will be the earliest use cases where ROI appears.
The file-system-level memory architecture means that data sovereignty is held by the enterprise. Compared with approaches where memory is stored in the vendor’s cloud, this lowers the acceptance threshold for security and compliance teams. At the same time, enterprises should consider that once the memory layer becomes a core asset in enterprise AI workflows, the platform to which that memory data is tied will determine how costly future vendor switching becomes. This does not negate the value of Managed Agents Memory. Rather, it means enterprises should assess data exportability and vendor migration costs at the time of procurement.
IV. Google Cloud Next ’26: Eighth-Generation TPU, Virgo Network, and Seven-Day Long-Running Agent Sandbox
On April 22, at Google Cloud Next ’26, Google announced a series of infrastructure-layer updates. The eighth-generation TPU introduces two independent chips and dedicated systems for the first time, optimized for the agentic era. Virgo Network is a new hyperscale data center network switching fabric that provides the underlying network support for AI Hypercomputer. GKE Agent Sandbox provides Axion-powered N4A CPU instances, with Google claiming a 30% higher price-performance ratio for agent workloads compared with other hyperscalers. Agent Runtime now supports long-running operations, extending the maximum runtime of a single task to seven days. Google also disclosed that over the past 12 months, 330 customers each processed more than 1 trillion tokens, while direct API calls process more than 16 billion tokens per minute.
Google’s core advantage in AI infrastructure competition has long been vertical hardware integration through TPUs and its global network. The Cloud Next ’26 announcements show that Google is systematically extending this advantage into agentic workloads. The message is no longer simply “my model is faster or cheaper,” but “the full infrastructure for running agents is cheaper here.”
For enterprises that already have data infrastructure built in the Google Cloud ecosystem, including BigQuery, Spanner, and GKE, these announcements directly reduce the cost of running agentic workloads on the same platform. Seven-day long-running support opens up use cases that were previously constrained, including analytical agents that accumulate context over time, long-cycle code refactoring tasks, and complex compliance review workflows.
Google’s claim that GKE Agent Sandbox delivers a 30% price-performance advantage should be independently validated through benchmarks using real business scenarios. It should not be used directly as the basis for procurement decisions. For enterprises whose workloads are distributed across multi-cloud environments, deciding which cloud platform to run agents on requires a parallel assessment of vendor lock-in risk. The stronger the platform capability, the higher the migration cost usually becomes.
V. Blackstone’s USD 1.7 Billion Data Center REIT Listing and the 90-Day Countdown to the EU AI Act
On May 4, Blackstone announced that Blackstone Digital Infrastructure Trust, or BDIT, aims to raise more than USD 1.7 billion through a U.S. listing, with proceeds directly tied to investment in data center assets. This is one of the first significant cases in which AI infrastructure assets are being institutionalized by mainstream institutional capital in REIT form.
At the same time, the full enforcement milestone for high-risk AI systems under the EU AI Act, August 2, 2026, is now within the 90-day countdown window. AI systems deployed in areas such as critical infrastructure, employment, education, essential services, and law enforcement may face penalties of up to EUR 35 million or 7% of total worldwide annual turnover, whichever is higher.
Blackstone’s decision to enter the data center sector through a REIT structure in Q2 2026 reflects a clear logic: the core requirements of AI infrastructure — power, cooling, network, and compute capacity — align closely with the real estate asset logic of long-term stable cash flows. Institutional capital is turning AI infrastructure into an asset category. This is an institutional signal that AI infrastructure is shifting from a “technology sector investment theme” to an “infrastructure asset class.” It also provides a new reference framework for enterprises reporting long-term AI infrastructure CapEx plans to boards.
The 90-day countdown to the EU AI Act creates clear time pressure for compliance teams. For enterprises deploying high-risk AI applications in the EU, system classification records, risk assessment documentation, and conformity statements must be completed before August. If internal legal teams or external counsel are engaged now, the timeline is tight but still workable. If the process is only started in July, there will not be enough time.
Auditable AI invocation logs, token-level data tracing, and cross-vendor access control are required not only for EU AI Act compliance documentation, but also as foundational capabilities before deploying agent workflows.
VI. Anthropic + Blackstone Establish an AI Services Company: Model Providers Formally Enter the Enterprise Deployment Layer
On May 4, Anthropic, together with Blackstone, Hellman & Friedman, and Goldman Sachs, announced the formation of a new enterprise AI services company focused on Claude deployment for mid-sized enterprises. Unlike Anthropic’s existing Partner Network, which is oriented toward systems integrators serving large enterprises, engineers at the new company will work side by side with Anthropic’s Applied AI team, directly participating in the construction and long-term operation of customer production systems.
The target customers are the mid-market segment that lacks internal AI engineering capabilities: community banks, mid-sized manufacturers, and regional healthcare systems. Investors include General Atlantic, Leonard Green, Apollo Global Management, GIC, and Sequoia Capital.
This is a structural signal that should be taken seriously. Before this, the commercial model of model providers such as Anthropic, OpenAI, and Google was to provide APIs and authorize systems integrators to handle implementation. The emergence of this new company means Anthropic has moved one step forward in the value chain. It is no longer only an API supplier, but is actively participating in the construction and operation of customer AI systems.
For mid-sized enterprises already deeply dependent on the Claude API, this services company may provide convenient engineering resources. But it will also deepen Anthropic’s access to client-side data, and this may be difficult to separate cleanly in contracts. The deeper question is: when an enterprise’s AI model is provided by Anthropic, and deployment and operations are also handled by an Anthropic-affiliated company, who safeguards the autonomy of AI data and system architecture?
Another detail worth unpacking is the composition of the investor group. Blackstone is also pushing forward the USD 1.7 billion data center REIT listing at the same time, as discussed above. Apollo and General Atlantic are also major infrastructure capital players. The shared logic among these investors is that mid-market enterprise AI deployment will be one of the largest service markets over the next three to five years, but historically there has been no scaled delivery body capable of serving it.
Anthropic provides the brand and technical endorsement, while private equity and asset managers provide capital and customer networks. The combination is designed for rapid scale. If you are a mid-sized enterprise, you are likely to see Anthropic-affiliated service providers proactively approach you about AI transformation projects over the next 12 months. This is an opportunity, but also a question that needs to be answered early: who do you want to control your AI infrastructure?
The value of an independent AI control layer and independent service providers in this context is that, whether the enterprise ultimately chooses an Anthropic services company, McKinsey Digital, or its own engineering team for delivery, ownership of data flows, auditing, and switching capability remains under enterprise control rather than embedded inside a vendor contract.
What Choices Does Enterprise AI Infrastructure Face in This Round?
Viewed together, this week’s six developments point to a clear structural theme: vendors are absorbing more and more agent infrastructure capabilities into their own platforms. This lowers enterprise build costs, but also increases the risk of dependence on a single platform.
GPT-5.5 natively integrates MCP, shell execution, and memory. Anthropic Managed Agents continue to expand agent runtime capabilities. Google GKE Agent Sandbox provides support for seven-day long-running operations. Each vendor is making its managed agent platform more complete and increasingly difficult to bypass.
Anthropic’s joint formation of an AI services company with Blackstone means that this integration has now extended from the API layer to the deployment services layer. Model providers are beginning to directly participate in building customer AI infrastructure, with an unprecedented depth of data access.
For enterprises, this is positive in the short term. But when an enterprise connects to three platforms at the same time, gaps in cost attribution, access auditing, and multi-model routing governance will expand quickly. What enterprises truly need to build in-house is not the agent execution framework, but a control layer independent of any single vendor: data isolation policies, cost routing logic, and multi-model switching capability.
The 90-day countdown to the EU AI Act points in the same direction. The auditable logs and access controls required for compliance cannot be completed by relying on a single vendor platform. They need to be recorded completely at the entry point of AI traffic.
This is where AgentsFlare sits as an independent AI Gateway and Control Plane: it is not tied to OpenAI, Anthropic, or Google Cloud. It provides unified token metering, cost attribution, access auditing, and multi-model routing across multiple agent platforms, allowing enterprises to retain full control over their own AI traffic even as vendor capabilities expand rapidly.