The Enterprise AI Brief | Issue 10
Inside This Issue
The Threat Room
When Long-Term Agent Memory Crosses Trust Boundaries
Most prompt-injection attacks are confined to a single interaction. Long-term memory changes that assumption. New research shows how information written under one user, task, or authorization context can survive for weeks, reappear later, and influence decisions long after the original interaction is gone.
→ Read the full articleThe Operations Room
Standardizing Observability Across LLM and Agent Workflows
Enterprise observability was built for APIs, databases, and microservices. Agent systems introduce workflows that can span retrieval layers, memory stores, planning stages, tools, MCP servers, and multiple model calls. OpenTelemetry's evolving GenAI conventions are an attempt to make those workflows visible within existing tracing and monitoring systems, revealing both how far AI observability has progressed and where important gaps still remain.
→ Read the full articleThe Engineering Room
Serving Composite Multimodal AI Systems as Executable Dataflow Graphs
Most AI infrastructure was built around a simple assumption: one model, one endpoint, one execution path. New multimodal systems increasingly break that assumption. A growing body of research now treats AI applications as executable graphs of independently managed components, allowing different parts of a workflow to be placed, scaled, and optimized separately. The result is not just better performance, but a different operating model for enterprise AI systems.
→ Read the full articleThe Governance Room
Establishing Provenance and Accountability for AI-Authored Code
A software package can have signed provenance, passing tests, reviewer approval, and a complete audit trail, yet still leave one important question unanswered: did AI write the code? Modern supply-chain frameworks are increasingly effective at proving where software came from, but they still lack a standardized way to record AI authorship. This article examines the growing gap between software provenance and AI accountability, and why that gap is becoming harder to ignore.
→ Read the full article