Tailscale unveils Aperture to govern workplace AI use
Tailscale has launched Aperture in open alpha, adding an identity-linked governance layer for organisations using AI tools and autonomous agents.
Aperture routes AI requests through a gateway that ties activity to a user or workload identity. It also centralises provider API keys and generates session histories that organisations can feed into existing security and policy systems.
The launch marks Tailscale's move from secure connectivity into AI governance. Many organisations now face a mix of employee use of public AI services, internal coding assistants, and agent workflows that can call tools and access data without direct human involvement.
Governance focus
Aperture records AI sessions and captures tool calls associated with those sessions. The goal is to give security and compliance teams a clearer view of what an AI tool did, which resources it accessed, and who initiated the activity.
Identity is the core organising principle. Aperture links each request and tool call to a known user or workload identity, instead of relying on shared credentials or post-incident reconstruction. This also helps address the spread of API keys across developer laptops, containers, and agent runtimes.
In this gateway model, provider API keys stay in a central location. Users and workloads connect through the gateway, and usage is tracked to identity. This reduces the number of long-lived secrets distributed across endpoints, which can be difficult to rotate and hard to audit.
Security context
Workplace AI adoption has increased the volume of sensitive information flowing into external services. One analysis of workplace AI usage found that 34.8% of the corporate data employees enter into AI tools is sensitive, with source code the most common category. A global study led by the University of Melbourne with KPMG found that 48% of workers reported uploading sensitive company data into public AI tools.
Exposure can also come from internal deployments. Cisco Talos reported more than 1,100 publicly exposed Ollama large language model servers, and said it took minutes to identify most of them.
Tailscale is positioning Aperture as a control point that applies policy and logging at the moment AI requests are made. It is also pitching it as a way to standardise how developers and automated systems reach approved models.
Integrations and workflows
Aperture can export logs and events to a security information and event management system, fitting established monitoring, retention, and compliance processes. Tailscale is also working with partners including Oso, Cerbos, Apollo Research, and Cribl on authorisation and operational workflows for AI governance.
Aperture works in an existing tailnet and can be configured by pointing compatible coding agents to the gateway with a one-line change. It supports hosted and self-hosted AI endpoints. Supported providers at launch include OpenAI, Anthropic, Google Gemini, Amazon Bedrock, OpenRouter, and Vercel, alongside self-hosted endpoints.
It also works with coding agents and agent frameworks that allow a custom base URL, including Claude Code, Codex, and Gemini CLI. Tailscale is targeting governed AI coding assistance, agentic workflows that invoke tools, and AI-enabled automation in developer environments and CI systems.
Early users
Cribl and Corelight have used Aperture during the alpha period and have begun production rollouts, according to Tailscale.
Cribl said it is using Aperture to give developers access to approved models while collecting audit data.
"Aperture gives our developers easy access to company-approved AI models and gives us clear visibility into how those models are actually being used," said Clint Sharp, CEO, Cribl.
Corelight highlighted key management and operational simplicity when teams add or change models used by developers and automation.
"Aperture provides a single solution to several key sticking points with GenAI workflows. For one, it removes the headache of user API key management; your team just connects to Tailscale and has access to all their models without any other auth flow. It also makes addition of models incredibly easy, allowing your teams to keep up with the newest releases from providers. Aperture provides a single pane of glass for metrics with incredible granularity, which provides great data for making decisions on your GenAI spend," said Louis Gardner, Director, Security Infrastructure & IT, Corelight.
Availability and pricing
Aperture is available in open alpha through a waitlist, with a gradual rollout planned. During the alpha period, it is available at no additional cost across Tailscale plans. Pricing details will be announced closer to broader availability.
Tailscale co-founder and CEO Avery Pennarun said the product responds to the speed of AI adoption and the gap between developer experimentation and security controls.
"The pressure to adopt AI is forcing organizations to take risks they would never accept elsewhere. Security teams are being asked to approve AI deployments without clear attribution, consistent controls, or audit trails. Tailscale Aperture ties AI usage to identity and provides centralized logging and governance, so companies can adopt AI faster without creating an unmanageable security gap," said Avery Pennarun, co-founder and CEO, Tailscale.