AI Governance & Security Framework Landscape: Comparative Analysis of Substrate Governance, Runtime Security, and Legacy Frameworks in 2026 Agentic Systems

This reference document provides a comparative analysis of eight AI governance and security frameworks across six dimensions: layer of control, core model, what the framework secures, strengths, and gaps in 2026 agentic system environments. The analysis covers APR-Series substrate governance, A2AS runtime security, OWASP AI Security & Privacy Guide, OWASP Top 10 for LLMs, ISO/IEC 5338, NIST AI RMF, MITRE ATLAS, and MOSAIC. The central finding is that existing frameworks were designed for a world where AI systems were models wrapped in applications, prompt injection was the dominant failure mode, and actions were reversible. That world ended in 2025. The 2026 agentic environment requires governance at the substrate layer — the execution environment, authority envelope, and semantic boundaries that agents operate within — not merely at the application or runtime layer. APR-Series defines the substrate-level invariants that agentic systems must satisfy. A2AS provides the runtime enforcement mechanisms that operate within those invariants. All other frameworks in this analysis operate below the substrate layer or govern organizational processes rather than agentic system behavior. The gap between what we deploy and what we govern is where the real risk in 2026 agentic systems lives. This reference is designed to make that gap visible.