Analyst(s): Brad Shimmin, Mitch Ashley
Publication Date: April 10, 2026

BMC Software has unveiled a major expansion of its AI capabilities across its Automated Mainframe Intelligence (AMI) and Control-M portfolios. By integrating the Model Context Protocol (MCP) and introducing a dedicated Agent Gateway within Control-M, BMC aims to neutralize the looming demographic cliff in mainframe expertise while providing the rigorous governance required for autonomous operations. This update firmly positions the mainframe as a first-class citizen in the hybrid cloud, prioritizing operational resilience and automated security.

What is Covered in This Article:

• BMC Software’s transition from conversational AI assistants to an agentic execution framework via the Model Context Protocol (MCP).
• The introduction of the Agent Gateway in BMC Control-M to provide centralized governance and auditability for autonomous AI agents interacting with the mainframe.
• Expansion of zAdviser Enterprise Application Analysis to synthesize source code analysis with real-time development telemetry.
• The launch of BMC AMI Digital Certificate Management to automate the rotation of cryptographic certificates ahead of impending regulatory changes.
• Integration of OpenTelemetry standards for on-demand diagnostic tracing across mainframe subsystems.

The News: On April 8, 2026, BMC Software announced a sweeping update to its AI capabilities, headlined by the introduction of purpose-built agentic artificial intelligence. This marks a strategic shift from basic generative AI, which primarily serves up code explanations and troubleshooting tips, to agentic AI, which can perceive system states, reason through complex workflows, and execute actions under strict policy control.

The architectural foundation of this release spans two portfolios: Control-M introduces the Model Context Protocol (MCP) for standardized data access and the new Agent Gateway for operational governance, while the BMC AMI portfolio addresses demographic pressures by enhancing the Knowledge Hub and introducing automated digital certificate management to handle the industry-wide compression of cryptographic lifespans.

Can AI Save the Mainframe? BMC Bets on Governance and Agentic AI

Analyst Take: The mainframe industry is approaching a critical demographic juncture. As institutional knowledge retires, the ‘1H 2026 Data Intelligence, Analytics, and Infrastructure Decision Maker Survey Report’ reveals that skills shortages have more than doubled to 10.4%, replacing budget as the critical constraint for enterprise technology adoption. BMC’s announcement is a defensive maneuver against this loss of institutional memory. By leaning into agentic AI, BMC is seeking to bridge a talent gap that traditional training methods alone cannot solve.

Moving from Chatbots to Chaperoned Agents

For the past two years, AI in the enterprise has been dominated by the copilot model. These conversational tools are essentially advisors that still require a human to perform the heavy lifting. The technical reality of BMC’s shift toward agentic systems is far more significant. By adopting the Model Context Protocol (MCP) within its orchestration layer, BMC gives AI agents a standardized way to communicate with disparate mainframe data sources—logs, code repositories, and telemetry—without custom integrations.

This is a vital architectural shift. MCP defines what knowledge each agent can reach and under what authority; the Agent Gateway defines what actions require authorization before execution. Separating knowledge access from execution authorization is the architectural principle that makes agentic governance defensible at the mainframe scale. In the past, the mainframe was an island where data was trapped in proprietary silos. The MCP integration turns that island into a connected hub where AI agents pull the context needed to understand not just what a piece of COBOL code says, but what it actually does within a live production environment.

In practice, the real innovation is bringing Control-M’s Agent Gateway to mainframe workflows. In a mainframe environment where a single error can vaporize millions of dollars per minute, letting an autonomous agent run free is a non-starter. The Gateway acts as a chaperone, ensuring every action taken by an AI agent is logged, auditable, and compliant with predefined policies. This governance-first approach addresses the top enterprise reservation regarding GenAI: accuracy and hallucinations, which the ‘1H 2026 Data Intelligence, Analytics, and Infrastructure Decision Maker Survey Report’ identifies as a concern for 24.9% of organizations. We are moving into a world where it is no longer enough for an AI to be smart; it must also be obedient and transparent.

The Data Hygiene Bottleneck

While the vision of an autonomous mainframe is compelling, there is a reality that many enterprises will struggle to face: an agentic system is only as effective as the data it consumes. Many organizations have spent decades accumulating messy telemetry, poorly documented legacy modules, and inconsistent governance rules. The bottleneck for BMC’s new tools won’t be the AI itself, but the internal maturity of the customer. Setting up Control-M’s Agent Gateway and defining the boundaries of what an agent can and cannot do on the mainframe requires a level of operational codification that most IT departments have yet to achieve.

Organizations that haven’t invested in digitizing their institutional memory via the Knowledge Hub will find their agents struggling with flawed logic or incomplete context. There is no magic wand for technical debt. Even the most sophisticated agentic framework cannot fix a foundation built on undocumented tribal knowledge. Enterprises must view this move to agentic AI as a journey that begins with data cleaning and policy definitions, not just tool installation.

OpenTelemetry and Cryptography

One of the most pragmatic parts of the announcement is the embrace of OpenTelemetry. For years, the mainframe has been an observability silo—a black box. By enabling on-demand diagnostic tracing that adheres to open standards, BMC is finally allowing platform engineers to monitor a COBOL-based application with the same tools and frameworks they use for cloud-native microservices. This is how you attract younger talent: by making the mainframe look and act like a modern, distributed cloud environment.

The deeper significance extends to governance. When agent telemetry from mainframe execution follows OpenTelemetry semantic conventions, operations teams can trace the full path from agent intent through constraint evaluation to outcome, across cloud-native and mainframe systems in a single view. That’s not a monitoring improvement. It’s the condition under which machine-speed governance becomes possible.

Furthermore, the updates to Digital Certificate Management solve what has become a mathematically impossible human problem. With certificate lifespans dropping from over a year to mere weeks due to evolving security mandates, manual rotation is no longer viable. BMC’s move to automate the lifecycle between the mainframe and enterprise certificate authorities is a necessary evolution to prevent catastrophic outages. It treats security as a dynamic, automated lifecycle rather than a static configuration—the only way to survive in a high-velocity threat environment.

The Convergence of Telemetry and Development Velocity

The expansion of zAdviser Enterprise Application Analysis represents a strategic shift in how we measure the health of the mainframe. As noted in the ‘1H 2026 Data Intelligence, Analytics, & Infrastructure Market Sizing & Five-Year Forecast Report’, the industry is moving from “Data Technician to AI Shepherd.” BMC is facilitating this by synthesizing source code analysis with real-time development metrics to provide a unified view of how code complexity impacts production stability.

This connects the dots between the engineering lab and the data center floor, allowing leadership to identify exactly where technical debt is creating operational friction. This level of narrative intelligence is essential for value stream management. Younger developers expect to see how their changes affect the system in real time, and BMC is providing that visibility, effectively turning the mainframe into a high-performance node within a modern hybrid cloud infrastructure.

The Governance Frontier

The introduction of the Agent Gateway is perhaps the most critical component of this announcement. In the broader tech industry, there is significant hype regarding agents that can “go do things.” But in the context of a mainframe handling millions of financial transactions per hour, the idea of an AI making an unmonitored change is enough to keep any CIO up at night.

According to the ‘1H 2026 Data Intelligence, Analytics, and Infrastructure Decision Maker Survey Report’, the top bottleneck for autonomous agents is the inability to “write back” to data (24.6%). Control-M’s Agent Gateway addresses this by creating a centralized, governed checkpoint for those actions, securely bridging the hybrid cloud to the mainframe. This architecture reflects a mature understanding of enterprise risk.

The operative distinction is between agents querying systems and agents modifying them. Read operations: log retrieval, code inspection, metrics access, and flow without authorization gates through the knowledge layer. Write operations: job execution, pipeline triggers, configuration changes, pass through the Agent Gateway before reaching production. That boundary, read informs, write requires approval, is the control pattern that determines whether automation is trustworthy or just fast.

It acknowledges that while autonomous execution is the goal, policy-in-the-loop oversight is the requirement. This pattern—intelligence plus governance—is likely to become the standard for any infrastructure-level AI moving forward. It transitions AI from an experimental tool to a core component of the enterprise stack.

What to Watch:

• Watch how IBM and Broadcom respond to the Agent Gateway concept. If they fail to provide a similar governance layer for execution, BMC may peel away risk-averse enterprise clients who prioritize control over raw model performance.
• Monitor whether the synthesis of telemetry in zAdviser leads to faster onboarding for millennial developers. Success will be measured in reduced Mean Time to Resolution (MTTR) for teams with lower average tenure.
• Look for enterprises to establish AI Policy Sandboxes. The first wave of agentic execution will likely be limited to low-risk tasks, such as log analysis, before being trusted with high-stakes production batch jobs.
• BMC’s MCP adoption creates direct ecosystem pressure on IBM and Broadcom, both of which operate on proprietary integration models. As MCP-compatible agent runtimes proliferate, enterprises evaluating long-term agent architecture face a concrete choice: open protocol interoperability or incumbent vendor lock-in. BMC is forcing that conversation now.

See the complete news release on the expansion of AI-powered mainframe solutions on the BMC Software website.

Disclosure: Futurum is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of Futurum as a whole.

Other Insights from Futurum:

Grounding the Agentic Mandate: As the Semantic Layer Market Eyes 19% Growth, Microsoft Fabric IQ Targets Leaders Prioritizing AI Investment

MCP Dev Summit 2026: AAIF Sets A Clear Direction With Disciplined Guardrails

Futurum Agent Control Plane Framework: A Reference Model for Production AI Agents

Author Information

Brad Shimmin

Brad Shimmin is Vice President and Practice Lead, Data Intelligence, Analytics, & Infrastructure at Futurum. He provides strategic direction and market analysis to help organizations maximize their investments in data and analytics. Currently, Brad is focused on helping companies establish an AI-first data strategy.

With over 30 years of experience in enterprise IT and emerging technologies, Brad is a distinguished thought leader specializing in data, analytics, artificial intelligence, and enterprise software development. Consulting with Fortune 100 vendors, Brad specializes in industry thought leadership, worldwide market analysis, client development, and strategic advisory services.

Brad earned his Bachelor of Arts from Utah State University, where he graduated Magna Cum Laude. Brad lives in Longmeadow, MA, with his beautiful wife and far too many LEGO sets.

Mitch Ashley

Mitch Ashley is VP and Practice Lead of Software Lifecycle Engineering for The Futurum Group. Mitch has over 30+ years of experience as an entrepreneur, industry analyst, product development, and IT leader, with expertise in software engineering, cybersecurity, DevOps, DevSecOps, cloud, and AI. As an entrepreneur, CTO, CIO, and head of engineering, Mitch led the creation of award-winning cybersecurity products utilized in the private and public sectors, including the U.S. Department of Defense and all military branches. Mitch also led managed PKI services for broadband, Wi-Fi, IoT, energy management and 5G industries, product certification test labs, an online SaaS (93m transactions annually), and the development of video-on-demand and Internet cable services, and a national broadband network.

Mitch shares his experiences as an analyst, keynote and conference speaker, panelist, host, moderator, and expert interviewer discussing CIO/CTO leadership, product and software development, DevOps, DevSecOps, containerization, container orchestration, AI/ML/GenAI, platform engineering, SRE, and cybersecurity. He publishes his research on futurumgroup.com and TechstrongResearch.com/resources. He hosts multiple award-winning video and podcast series, including DevOps Unbound, CISO Talk, and Techstrong Gang.