AI News Roundup — 2026-02-22 (Enterprise + Product)

A fast, source-linked roundup of what changed this week in AI for enterprise buyers and product teams.

TL;DR

Google is accelerating Gemini 3.1 Pro availability across developer and enterprise channels, while platform operators (Cloudflare) and data-plane vendors (Redpanda) are publishing the “how to run it” details that matter in production. On the build side, GitHub Copilot’s coding agent is getting more enterprise-friendly (Windows environments + code referencing), and Salesforce is tightening integration security in Spring ’26 to match an agentic future.

Top stories

Google releases Gemini 3.1 Pro in preview across the Gemini API, Vertex AI, Gemini Enterprise, and consumer apps

What happened: Google announced Gemini 3.1 Pro and began rolling it out in preview to developers via the Gemini API (Google AI Studio) and to enterprises via Vertex AI and Gemini Enterprise. Google also states Gemini 3.1 Pro is coming to the Gemini app and NotebookLM, and highlighted a verified ARC-AGI-2 score.

Why it matters: For enterprise and product teams, model upgrades only become real when they land in the procurement and deployment surfaces you already use (Vertex AI, enterprise SKUs, admin controls). The practical question to test this week is not “is reasoning better?” but “does Gemini 3.1 Pro improve tool-use success rates in your workflows (edit→test loops, retrieval, and multi-step automation) without breaking output contracts?”

Source: https://blog.google/innovation-and-ai/models-and-research/gemini-models/gemini-3-1-pro/

Cloudflare publishes an in-depth postmortem for a BYOIP/BGP outage (and explicitly rules out a cyberattack)

What happened: Cloudflare published a post-incident report describing a February 20, 2026 incident in which a subset of customers using Cloudflare Bring Your Own IP (BYOIP) saw routes withdrawn via BGP. Cloudflare states the root cause was an internal change to the BYOIP pipeline and states the incident was not caused by malicious activity.

Why it matters: Enterprise AI systems increasingly depend on edge routing, API gateways, and globally distributed networking for inference traffic and tool calls. This incident is a reminder to treat reliability as a product requirement: build graceful degradation (timeouts, retries, cache, queueing), define multi-provider failover for critical endpoints, and make “status behavior” part of the user experience design.

Source: https://blog.cloudflare.com/cloudflare-outage-february-20-2026/

Redpanda announces general availability for Redpanda Agentic Data Plane (ADP), including Redpanda AI Gateway

What happened: Redpanda announced Redpanda Agentic Data Plane (ADP) availability for approved design partners. The announcement describes ADP as a governed connectivity layer for enterprise agents, including an AI Gateway for centralized routing, policy enforcement, cost management, and observability across LLM and Model Context Protocol (MCP) traffic.

Why it matters: Many “enterprise AI pilots fail” for operational reasons: no identity, no audit trails, unclear tool access, and no budget guardrails. A dedicated agentic data plane category (and products like Redpanda ADP) is a signal that the market is shifting from “build agents” to “run agents safely”: policy, spend controls, and traceability become first-class platform features.

Source: https://www.redpanda.com/blog/redpanda-agentic-data-plane-adp-is-now-available · https://www.redpanda.com/agentic-data-plane

Salesforce Spring ’26 release architecture changes push teams toward more secure integration patterns (External Client Apps)

What happened: Salesforce published Spring ’26 “architect highlights” outlining security and integration shifts, including restrictions on Connected App creation (by default) in favor of External Client Apps (ECAs) and continued deprecation of legacy authentication patterns. The post also flags changes that affect automation and certificate lifecycle planning.

Why it matters: Agentic product roadmaps often assume frictionless access to SaaS data. Spring ’26 changes are a reminder that identity and integration patterns are the long pole: if your AI feature depends on legacy auth or ad hoc connected apps, your roadmap is brittle. Treat app registrations, OAuth flows, and certificate rotation as “AI platform plumbing” and automate them early.

Source: https://www.salesforce.com/blog/spring-26-release-architect-highlights/?bc=OTH · https://help.salesforce.com/s/articleView?id=release-notes.salesforce_release_notes.htm&release=218&type=5

Shipping & platform updates

Gemini 3.1 Pro becomes selectable in GitHub Copilot (public preview rollout)

What happened: GitHub announced Gemini 3.1 Pro is rolling out in GitHub Copilot for Copilot Pro, Pro+, Business, and Enterprise users, with admin policy enablement required for Business and Enterprise. GitHub positions Gemini 3.1 Pro as strong on edit-then-test loops with high tool precision.

Why it matters: “Model choice” is now an enterprise procurement and governance surface inside dev platforms. If your organization standardizes on GitHub Copilot, the decision moves from individual developers to admin policy: you can run controlled experiments by enabling Gemini 3.1 Pro for a subset of teams and measuring throughput, regression risk, and tool-call costs.

Source: https://github.blog/changelog/2026-02-19-gemini-3-1-pro-is-now-in-public-preview-in-github-copilot/

GitHub Copilot coding agent now supports code referencing (links to matching public source code + licenses)

What happened: GitHub announced Copilot coding agent now works with Copilot code referencing. If the agent generates code that matches code in a public GitHub repository, GitHub highlights the match in session logs with a link to the original code and any license that may apply. GitHub also notes that “Suggestions matching public code” Block mode is not supported for Copilot coding agent.

Why it matters: This is a governance upgrade: autonomous code generation needs better provenance and review ergonomics. However, the lack of Block mode for the coding agent means enterprise teams should update policy and review processes (session log checks, licensing review, and guardrails) before turning on background agent workflows broadly.

Source: https://github.blog/changelog/2026-02-18-copilot-coding-agent-supports-code-referencing/ · https://docs.github.com/copilot/concepts/completions/code-referencing

GitHub Copilot coding agent can be configured to use a Windows development environment (GitHub Actions)

What happened: GitHub announced that Copilot coding agent can now run in a Windows environment for Windows-targeted projects, configured via a copilot-setup-steps.yml file. GitHub also notes the coding agent integrated firewall is not compatible with Windows and recommends using self-hosted runners or larger runners with Azure private networking for network controls.

Why it matters: Many enterprise codebases are Windows-first (.NET, desktop tooling, legacy build chains). This update makes “agentic PRs” more realistic for those environments — but it also makes network/security architecture more important. If you enable Windows runners for agentic workflows, you should explicitly design egress controls and secrets handling for the runner environment.

Source: https://github.blog/changelog/2026-02-18-use-copilot-coding-agent-with-windows-projects/

Claude Sonnet 4.6 rolls out as a selectable model in GitHub Copilot

What happened: GitHub announced Claude Sonnet 4.6 is rolling out in GitHub Copilot for Copilot Pro, Pro+, Business, and Enterprise. GitHub notes a premium request multiplier and states rollout is gradual.

Why it matters: For platform owners, model mix impacts cost and performance. For product leaders, “selectable models” implies you need an internal rubric: which workflows get premium models (agent mode, search-heavy tasks) and which should default to cheaper models (autocomplete, low-risk transformations). Treat model selection as a spend + risk policy, not a developer preference.

Source: https://github.blog/changelog/2026-02-17-claude-sonnet-4-6-is-now-generally-available-in-github-copilot/

GitHub Copilot deprecates selected model options (administrators may need to enable alternatives)

What happened: GitHub announced it deprecated several models across GitHub Copilot experiences on February 17, 2026, including Claude Opus 4.1, GPT-5, and GPT-5-Codex, and recommended alternatives such as Claude Opus 4.6, GPT-5.2, and GPT-5.2-Codex.

Why it matters: In an agentic toolchain, “model availability” is a dependency that can break silently. If you use Copilot (or any orchestrator), build a deprecation playbook: define golden evaluation tasks, maintain a fallback model, and instrument behavior changes (format regressions, tool-call patterns, and test pass rates) when models roll.

Source: https://github.blog/changelog/2026-02-19-selected-anthropic-and-openai-models-are-now-deprecated/

Salesforce highlights Agentforce Marketing features in Spring ’26 (Conversational Email and Multi-touch Attribution)

What happened: Salesforce published Spring ’26 marketing updates for Agentforce Marketing, including Conversational Email (agent-driven responses to inbound replies) and Multi-touch Attribution (built-in dashboards to assign credit across touchpoints).

Why it matters: This is a pattern to watch: “agent-first features” are landing directly in business-user SaaS, not just developer platforms. For enterprise product and ops teams, the risk is uneven governance: a marketing org can ship agentic customer interactions faster than the company can set policies. Put a lightweight approval and monitoring loop around any customer-facing autonomous responses.

Source: https://www.salesforce.com/blog/agentforce-marketing-spring-release/?bc=OTH · https://help.salesforce.com/s/articleView?id=release-notes.rn_mktg_email.htm&release=260&type=5

Policy, security, and governance

NIST launches the AI Agent Standards Initiative (interoperability + security, with RFIs and concept papers)

What happened: The U.S. National Institute of Standards and Technology (NIST), via the Center for AI Standards and Innovation (CAISI), announced an “AI Agent Standards Initiative” aimed at fostering industry-led standards and protocols so AI agents can interoperate securely across the digital ecosystem. NIST points stakeholders to CAISI’s Request for Information on AI Agent Security (due March 9) and NIST NCCoE work on AI agent identity and authorization (concept paper due April 2).

Why it matters: Enterprise agent deployments are blocked less by model capability than by trust: identity, authorization, auditability, and cross-system interoperability. NIST’s work is a signal for product teams to start designing around agent identity and delegated authorization now (service accounts, scoped tokens, policy-as-code) rather than bolting it on after a pilot.

Source: https://www.nist.gov/news-events/news/2026/02/announcing-ai-agent-standards-initiative-interoperable-and-secure · https://www.nccoe.nist.gov/projects/software-and-ai-agent-identity-and-authorization

Google publishes its 2026 Responsible AI Progress Report (with a linked PDF)

What happened: Google published an update summarizing its 2026 Responsible AI Progress Report and linked to a PDF report. Google describes a multi-layer governance approach spanning the AI lifecycle (research through post-launch monitoring) and emphasizes testing and safeguards as models become more capable and multimodal.

Why it matters: This is useful as a “what good looks like” reference when you are building internal governance: lifecycle processes, risk testing, monitoring, and remediation. If you sell AI features to enterprises, these reports also shape buyer expectations — you will increasingly be asked to explain your evaluation methods, safeguards, and incident response plans in procurement.

Source: https://blog.google/innovation-and-ai/products/responsible-ai-2026-report-ongoing-work/ · https://ai.google/static/documents/ai-responsibility-update-2026.pdf

South Korea begins enforcing the AI Basic Act (national AI framework law), with guidance documents and support desk

What happened: CIO reported on the enforcement of South Korea’s AI Basic Act and described the government’s preparatory process, guidance documents, and an “AI Basic Act support desk.” The article contrasts the framework with the EU AI Act and discusses business concerns around ambiguity, scope, and compliance obligations.

Why it matters: Global enterprises will operate under multiple AI regulatory regimes at once. The practical play is to build a reusable compliance “core” (disclosures, documentation, evaluation evidence, and audit logs) and then map local obligations (EU, South Korea, U.S. states) on top. Product teams should treat transparency and documentation as product requirements, not legal afterthoughts.

Source: https://www.cio.com/article/4134658/the-era-of-the-ai-framework-act-begins-what-response-paths-are-proposed-by-legal-industry-and-academic-leaders.html · https://aibasicact.kr/

One take

Enterprise AI is converging on an “operating model,” not a single vendor stack. The week’s updates split cleanly into two buckets: (1) capability supply (Gemini 3.1 Pro, Copilot model portfolios) and (2) operational correctness (network reliability at Cloudflare, policy and observability layers like Redpanda ADP, and integration hardening in Salesforce Spring ’26). The winners will be the teams that can ship agentic features while still meeting enterprise requirements: identity, cost controls, auditability, and predictable failure modes.

What to do this week: (1) pick one production workflow and run an A/B evaluation across two models (quality + tool-use completion + cost), (2) write a model deprecation and fallback playbook (who owns the switch, what tests must pass), and (3) inventory where your agents touch external systems (OAuth apps, tokens, MCP servers, networking) and put policy + logging in front of those edges.

Tags: AI news roundup, enterprise AI, product management, Google Gemini, GitHub Copilot, Copilot coding agent, Redpanda, Cloudflare, Salesforce Agentforce, NIST