Five layers that separate real governance from compliance theater
Read with a highlighter. There are a lot of pages. Most of them earn their place.
MSFT take on Agents
This is what governance as infrastructure looks like in practice.
MCP registries aren't catalogs — they're control planes
A control plane is active — it governs what can be used, by whom, under what conditions, and with what audit trail.
Harness Engineering: Why Better Models Aren't Enough to Ship AI Agents
That gap is "harness engineering," and it's where the real work of building production-grade agents happens
You actually cant see your agents
Agent observability is a distributed systems problem, and OpenTelemetry is the backbone
Agents make retrieval harder, not obsolete
That works for focused problems, not agents
What a Lisbon cafe told me about Anthropic's marketplace experiment
Coffee without principle. A Lisbon lesson for AI.
Onyx security raises $40M to build an AI control plane for enterprise agents
Your existing security architecture assumes humans review and approve decisions. Agentic systems break this pattern.
