We only publish what we can defend in a vendor meeting. Every claim carries an ID, a review date, and a verdict you can check.
- Our ledger251
- Holding237
- Partial08
- Not holding06
- Industry claims tracked26
- Last reviewtoday
Quiet — no verdict transitions in the last 30 days. See the ledger →
Agent Mode AI — claim-tracked agentic AI analysis
The 2 Jun White House AI order: what it actually requires
The 2 Jun AI executive order leans on voluntary frontier-model review but hard-wires the federal side: CISA binding directives and an NSA/CISA AI clearinghouse, both within 30 days.
27 years enterprise IT operations. Global organisation. Major incidents. Editorially independent.
- 153pieces
- 251tracked claims
- 14public retractions
The Enterprise Agentic Governance Benchmark. Six dimensions, scored 0–100. Free 5-minute web diagnostic; 30–45 minute Excel for governance groups.
Recently reviewed
Three claims most recently re-tested against their primary sources. Status changes log to the corrections page; nothing quietly vanishes.
- AM-133HoldingQ3 2026 Claim Review Bulletin: which claims moved, which held, and what the EU AI Act enforcement window did to the corpusReviewed 30 Jul 2026Read article →
- OPS-096HoldingGoogle's $100 AI Ultra: who it's actually forReviewed 8 Jun 2026Read article →
- OPS-095HoldingOpenAI's Codex role plugins: what a small team can use todayReviewed 8 Jun 2026Read article →
Why this publication has a ledger
Most AI commentary gets paid for being loud about what's new. Almost none gets measured on whether what it said last quarter still holds this one. That is the gap this publication exists to close. Every published argument carries an ID, a review date, and one of three verdicts — Holding, Partial, or Not holding — that updates over time as evidence accumulates. The verdict log is the product.
When a claim stops holding, the page says so. The original sentence stays visible. The correction is dated and appended. Nothing is quietly removed. You do not need to trust the author to trust the verdicts — the receipts are public, on a 30–90 day review rhythm, and the corrections record is permanent.
Two registers
Same Holding-up disciplineMid-market and large enterprise. Procurement, governance, EU AI Act, multi-vendor agentic stacks. 30–90 day claim review cadence.
No IT department. Practitioner-advisory voice; faster 30–45 day cadence. Tools, vendor red flags, hours-per-week evaluation budgets.
Topic pillars
Five clusters- 5 articlesNon-human identity
How enterprise IT manages AI agents as first-class identities — lifecycle, credentials, procurement clauses, audit.
- 37 articlesAgent procurement
The contracts, SLAs, and evaluation criteria that distinguish agentic-AI procurement from SaaS procurement.
- 4 articlesShadow AI discovery
Detecting unauthorised agentic-AI deployments inside the enterprise — telemetry patterns, inventory methods, policy response.
- 56 articlesAgentic AI governance
Governance frameworks, oversight patterns, and compliance postures for enterprise agentic-AI deployment.
- 31 articlesEnterprise AI cost
Verifying, tracking, and challenging the ROI claims vendors and analysts make about enterprise agentic AI.
- 8 articlesRegulatory readiness
Tracking the agentic-AI regulatory timeline — EU AI Act, sector rules, audit-evidence obligations — and what enterprises must do before each deadline.
- 12 articlesVendor trajectory
Where the major agentic-AI platform vendors are heading — strategy, pricing-model shifts, and what their trajectory means for a multi-year procurement commitment.
Editor's picks
One per topic cluster- Governance90 days to EU AI Act enforcement: what the corpus says enterprises still haven't done
- Cost economicsThe hidden costs of agentic AI: a CFO's guide to true TCO and ROI modeling
- SecurityClaude Mythos: what 'too dangerous to release' means for your risk appetite and cyber posture
- ArchitectureNon-human identity for AI agents: the 2026 IAM playbook
- StrategyWhy 88% of agentic AI deployments fail
Latest pieces
Full archive →Microsoft 365 E7 and the new shape of AI licensing
Microsoft's $99 E7 Frontier Suite and the 1 Jul base-price rises move the enterprise AI-licensing decision onto the renewal table, where even the customers who decline Copilot end up paying more.
Anthropic's $965B valuation and the vendor question it forces
Anthropic's $965B Series H overtook OpenAI's $852B. The binding risk in a multi-year Claude or GPT contract is no longer model capability; it is pricing power and exit terms.
Enterprise AI cost and ROI in 2026: what the evidence actually shows
The enterprise AI cost question in 2026 is not the seat price on the order form; it is total cost of ownership measured against realised ROI. Across four independent datasets the high-return minority is separated from the majority by measurement discipline and operational preconditions, not by model capability or vendor choice.
Enterprise AI vendor comparison: the agentic platforms are converging
By mid-2026 the major enterprise agentic-AI platforms ship the same primitives: an agent builder, MCP tools, a policy gateway, and observability. When capability converges, the durable selection criterion is the auditability of each vendor's accountability surface.
Enterprise AI claims, one quarter on: what held up and what aged
This publication registers one falsifiable claim per article and tracks it on a public cadence. One quarter and 236 claims in, the movement data shows what kind of enterprise-AI claim ages, and how fast.
There is no federal AI floor coming: what Colorado's retreat and the stalled preemption fight mean for enterprise compliance planning
American enterprises waiting for the US AI regulatory picture to settle before they build their compliance posture got two answers in the first half of 2026, and both point the same way. The federal floor most boards assumed was coming is not coming on a plannable timeline: the White House framework of 20 March 2026 is explicitly non-binding, and the proposed moratorium on state AI laws was not enacted. Meanwhile the most-watched comprehensive state law moved backwards, not forwards: on 14 May 2026 Colorado gutted its own AI Act and pushed it to 2027. The lesson is not that regulation is going away. It is that there is no single regime to build to, and waiting for one is now the riskier choice than building to the obligations that already apply.
The bottleneck moved from the model to the engineer: what the forward-deployed-engineer turn means for enterprise AI procurement
The scarce input in enterprise AI is no longer access to a capable model. Every serious buyer can rent frontier capability by the token. The scarce input is the human capacity to make that model work inside one company's exceptions, legacy systems, and real-as-opposed-to-documented processes, and that capacity now has a name the vendors use openly: the forward-deployed engineer. In May 2026 the model vendors built businesses around it. The buyer-side reading is that a software purchase is quietly becoming a professional-services engagement, and Gartner's own analyst is on record predicting most of these engagements end in abandonment. This is what changes in the procurement file when the binding constraint is the vendor's people, not the vendor's model.
AI coding agents are now an enterprise attack surface: what TrustFall and SymJack mean for the software supply chain
In May 2026 security researchers published two findings, TrustFall and SymJack, that broke the same assumption across every major AI coding agent at once: Claude Code, Cursor, Gemini CLI, GitHub Copilot CLI, OpenAI Codex CLI, and Grok all treated the on-screen approval prompt as informed consent, and all could be driven to remote code execution by a booby-trapped repository. Microsoft separately disclosed two prompt-injection-to-RCE bugs in its own agent runtime, Semantic Kernel. When a flaw is shared by every product in a category, the category has a design assumption that does not hold. For the enterprise, the consequence is concrete: the coding agent your developers run with their full credentials is a production attack surface, and most governance programmes have it filed under developer tooling, outside the inventory entirely.
Browse by topic pillar
Five strategic pillarsComing next
Peter's editorial calendar — honest dates, bumped-with-notes if missed.- Week 1726 Apr 2026Non-human identity — the first procurement question CIOs aren't asking yet
Every enterprise agent deployment passes through a credential. Most teams still hand the agent a human's credential. Naming the NHI gap is the next Q2 procurement conversation.
- Week 1803 May 2026Shadow agent sprawl — what telemetry catches and what it misses
The browser-as-agent-runtime pattern creates a detection gap that MDM/CASB don't see. What the first wave of shadow-AI discovery tools actually find, and the three categories they miss.
- Week 1910 May 2026The AI agent MSA — four clauses every enterprise contract needs by August
EU AI Act enforcement activates 2 Aug 2026. The clauses that survive legal review in the next quarter will be the ones that don't pretend the agent is conventional SaaS.