We only publish what we can defend in a vendor meeting. Every claim carries an ID, a review date, and a verdict you can check.
- Our ledger224
- Holding210
- Partial08
- Not holding06
- Industry claims tracked26
- Last reviewtoday
Quiet — no verdict transitions in the last 30 days. See the ledger →
Agent Mode AI — claim-tracked agentic AI analysis
An AI tax is the wrong instrument for a real problem
A growing camp wants to tax AI because it was built on the collective knowledge of everyone and runs on public infrastructure. Both claims are partly true and neither supports a special tax. The grievance is real; the instrument is wrong. Copyright markets, the courts, and the existing profit-and-capital tax base already fit the problem, and a dedicated AI levy would fall on buyers and workers while entrenching the incumbents it is meant to check. What a CIO should budget for instead.
27 years enterprise IT operations. Global organisation. Major incidents. Editorially independent.
- 138pieces
- 224tracked claims
- 14public retractions
The Enterprise Agentic Governance Benchmark. Six dimensions, scored 0–100. Free 5-minute web diagnostic; 30–45 minute Excel for governance groups.
Recently reviewed
Three claims most recently re-tested against their primary sources. Status changes log to the corrections page; nothing quietly vanishes.
- AM-133HoldingQ3 2026 Claim Review Bulletin: which claims moved, which held, and what the EU AI Act enforcement window did to the corpusReviewed 30 Jul 2026Read article →
- OPS-084HoldingDon't Buy the Autonomous AI Sales Rep. Buy the Draft Assistant.Reviewed 29 May 2026Read article →
- OPS-083HoldingAI Got Cheaper. Your AI Bill Is About to Go Up.Reviewed 29 May 2026Read article →
Moving this week
2 claims have moved off Holding in the last 7 days. The full correction log is on the ledger.
Why this publication has a ledger
Most AI commentary gets paid for being loud about what's new. Almost none gets measured on whether what it said last quarter still holds this one. That is the gap this publication exists to close. Every published argument carries an ID, a review date, and one of three verdicts — Holding, Partial, or Not holding — that updates over time as evidence accumulates. The verdict log is the product.
When a claim stops holding, the page says so. The original sentence stays visible. The correction is dated and appended. Nothing is quietly removed. You do not need to trust the author to trust the verdicts — the receipts are public, on a 30–90 day review rhythm, and the corrections record is permanent.
Two registers
Same Holding-up disciplineMid-market and large enterprise. Procurement, governance, EU AI Act, multi-vendor agentic stacks. 30–90 day claim review cadence.
No IT department. Practitioner-advisory voice; faster 30–45 day cadence. Tools, vendor red flags, hours-per-week evaluation budgets.
Topic pillars
Five clusters- 4 articlesNon-human identity
How enterprise IT manages AI agents as first-class identities — lifecycle, credentials, procurement clauses, audit.
- 35 articlesAgent procurement
The contracts, SLAs, and evaluation criteria that distinguish agentic-AI procurement from SaaS procurement.
- 3 articlesShadow AI discovery
Detecting unauthorised agentic-AI deployments inside the enterprise — telemetry patterns, inventory methods, policy response.
- 50 articlesAgentic AI governance
Governance frameworks, oversight patterns, and compliance postures for enterprise agentic-AI deployment.
- 22 articlesEnterprise AI cost
Verifying, tracking, and challenging the ROI claims vendors and analysts make about enterprise agentic AI.
Editor's picks
One per topic cluster- Governance90 days to EU AI Act enforcement: what the corpus says enterprises still haven't done
- Cost economicsThe hidden costs of agentic AI: a CFO's guide to true TCO and ROI modeling
- SecurityClaude Mythos: what 'too dangerous to release' means for your risk appetite and cyber posture
- ArchitectureNon-human identity for AI agents: the 2026 IAM playbook
- StrategyWhy 88% of agentic AI deployments fail
Latest pieces
Full archive →AI Made Attackers Faster, Not Smarter
The fear is that AI hands attackers a new class of capability. The 2026 Verizon DBIR, drawing on data covering 793 enforcement-actioned threat actors, finds the opposite: AI scales the techniques attackers already had, while vulnerability exploitation has overtaken stolen credentials as the top way in. For a CISO that redirects priority from hunting novel AI threats to the controls that scale: patch velocity and identity hygiene.
The frontier labs are becoming systems integrators: what the Anthropic and OpenAI services-company launches mean for the enterprise buyer
On 4 May 2026 Anthropic launched a roughly 1.5 billion dollar enterprise AI services company with Blackstone, Hellman and Friedman, and Goldman Sachs, and OpenAI launched a parallel venture called the Deployment Company with Bain Capital, Advent, TPG, and Brookfield. The trade-press framing is a land grab on the consulting industry. The buyer's framing is structural. When the firm that builds your model, the firm that integrates it into your operations, and in the private-equity-owned case the firm that owns your company can be the same commercial interest, the independence the standard build-versus-buy process quietly assumes is no longer there. This is a map of what changed and what to put in the procurement file.
The EU AI Act Digital Omnibus: the high-risk delay is real, and the 2 August 2026 obligations it leaves standing are not what most enterprises think
On 7 May 2026 the European Parliament and Council reached a provisional political agreement on the Digital Omnibus, which postpones the EU AI Act's high-risk obligations to 2 December 2027 for standalone systems and 2 August 2028 for embedded systems. The trade-press framing is delay. The deployer framing is narrower. The agreement also postpones the provider watermarking duty to 2 December 2026, but it leaves the deployer transparency obligations applicable from 2 August 2026 and leaves the GPAI obligations, the governance regime, the prohibited practices, and the AI literacy duty exactly where they already are. The enterprise that reads delay as a reason to stand the programme down is reading the wrong half of the agreement.
The EU AI Act high-risk delay re-times the conformity work, not the foundations: the agentic-AI readiness to keep building before 2 August 2026
The Digital Omnibus moved the EU AI Act's heaviest obligation, high-risk conformity, out to 2 December 2027 and 2 August 2028. The trade-press read it as a reason to slow down. The operational read is narrower: the delay re-times one workstream and gates none of the others. Three readiness foundations sit upstream of the high-risk deadline and are required by obligations that did not move: a current inventory of which agents run under whose authority, agent-aware vendor contract terms, and active shadow-AI discovery. Each is load-bearing for the Article 50 deployer transparency duties that still apply on 2 August 2026, and each is the evidence base the high-risk conformity work will stand on when it lands. The enterprise that pauses these three has read the delay headline, not the agreement.
Vendor strategic-narrative proof points: the agentic AI procurement diligence checklist
Every agentic AI vendor pitches a strategic narrative; few are tested against the proof points that distinguish 'this is the future' rhetoric from 'this is what we built and what it does'. The 2026 buying-committee diligence checklist walks seven proof points (named-customer references plus revenue contribution, model-vendor relationships disclosed in the MSA, the engineering team's tenure and turnover rate, the post-revenue-recognition product-roadmap evidence, the regulatory disclosure cadence, the executive incentive structure, and the public technical-content cadence) and produces the structural read on whether the narrative is the product or the cover.
Security-platform agentic AI: evaluating TCO and ROI for the buying committee
Security-platform agentic AI sits in a different TCO category than the general-purpose agentic AI the CFO playbook covers. The unit of analysis is the alert and the analyst hour, not the seat or the token. The 2026 evaluation that survives audit walks the buying committee through five cost components and three discount factors against vendor-supplied ROI numbers, and gates the procurement on a 90-day in-environment baseline, not a vendor demo.
Salesforce platform AI vs Microsoft platform AI: the 2026 full-stack comparison for the buying committee
The product-level comparison of Agentforce against Microsoft Copilot is the conversation the existing /compare/ page already covers. The buying-committee question one tier up is the platform comparison; the Salesforce stack (Einstein + Agentforce + Data Cloud + MuleSoft + Tableau) against the Microsoft stack (Copilot + Azure AI Foundry + Microsoft 365 + Fabric + Power Platform). The two stacks compete on different axes and answer different buying-committee questions; the procurement that treats them as substitutes is the procurement that mis-prices the migration cost in year two.
Okta vs specialized NHI vendors: the enterprise agent identity decision matrix for 2026
Okta's 2025 Identity Threat Detection and Privileged Access additions extended the platform into the non-human identity space that specialized NHI vendors (Astrix, Apono, Britive, Aembit, Andesite, P0 Security) have been purpose-building since 2020. The procurement choice is not 'Okta or specialist' as a binary; it is which work the existing Okta deployment covers natively, which work the specialist closes, and where the federated-trust seam is priced. The 2026 buying-committee matrix walks the agent-identity surface in five dimensions and produces the architecture-not-tool decision the audit will ask about.
Browse by topic pillar
Five strategic pillarsComing next
Peter's editorial calendar — honest dates, bumped-with-notes if missed.- Week 1726 Apr 2026Non-human identity — the first procurement question CIOs aren't asking yet
Every enterprise agent deployment passes through a credential. Most teams still hand the agent a human's credential. Naming the NHI gap is the next Q2 procurement conversation.
- Week 1803 May 2026Shadow agent sprawl — what telemetry catches and what it misses
The browser-as-agent-runtime pattern creates a detection gap that MDM/CASB don't see. What the first wave of shadow-AI discovery tools actually find, and the three categories they miss.
- Week 1910 May 2026The AI agent MSA — four clauses every enterprise contract needs by August
EU AI Act enforcement activates 2 Aug 2026. The clauses that survive legal review in the next quarter will be the ones that don't pretend the agent is conventional SaaS.