The Infrastructure Layer
Under Every Future Enterprise

Two sessions at the AI Agent Conference in New York stopped me cold. Not because of what the speakers promised — but because of what they revealed about the gap between where enterprise AI is and where it needs to be.

The first was Datadog's presentation on their Bits AI SRE agent: already in GA production, it auto-triggers on incidents, forms hypotheses, and performs root cause analysis across observability signals. The second was the agentic data plane session, which introduced a principle that should be the architectural north star for every enterprise deploying agents: governance must be enforced through channels that agents cannot access, modify, or circumvent.

These two sessions, taken together, define the most important infrastructure layer in enterprise AI right now. Not the models. Not the agents. The control plane underneath them.

Observability Is the New Moat

Datadog's thesis is deceptively simple: as AI agents generate more code and automate more workflows, the bottleneck shifts from creation to verification. Observability infrastructure becomes the ground truth feedback loop for autonomous systems.

Their architecture validates a thesis that every regulated-industry enterprise needs to hear: the audit trail is the product. In financial services, in healthcare, in government, you cannot deploy agents on consequential decisions without being able to prove — to a regulator, to a board, to a client — exactly what each agent did, why, and with what data.

Datadog's evaluation methodology is also instructive. They built their eval dataset by having internal engineers manually label real incident root causes over time. The agent quality scales directly with the richness of the evaluation set. This flywheel — real incidents feeding labeled evaluations feeding better agents — is the pattern every enterprise needs to build for their own domain.

The Immutable Log as the Central Nervous System

The agentic data plane session introduced what I believe is the single most important architectural primitive for enterprise AI: the immutable distributed log.

As multi-agent systems scale — one agent triggering another, which calls a tool, which spins up a sub-agent, which reads a database — the complexity of tracking what happened becomes catastrophic without a central nervous system. An append-only, provably correct audit log collapses this complexity into something linear and defensible.

The Agent Gateway

Every model call and tool invocation must pass through a centralized gateway. This is not just a routing layer — it is the kill switch, the budget enforcer, the compliance gate, and the complete trace capture system. Without this choke point, agentic systems are ungovernable at scale. With it, you have real-time visibility into what every agent is doing, what it costs, and the ability to terminate any workflow instantly.

The Grader Service

An asynchronous consumer of the immutable log that monitors behavioral assertions across the entire agent chain. Positive assertions (“this agent is recommending actions within mandate limits”) and negative assertions (“this agent is not accessing restricted data”) are monitored continuously. The grader can trigger automated kill switches when assertions fail — and produces the behavioral audit trail that any CTO, CCO, or regulator needs to trust the system.

Agent Identity: The Forgotten Attack Surface

One session addressed agentic identity and security. The core insight: AI agents operate at GPU speeds with non-deterministic behavior, making traditional IAM controls dangerously insufficient.

Long-lived API tokens shared across multiple agent processes. Broad service account permissions. No per-agent identity. These are not theoretical risks — they are the current state of most enterprise agentic deployments. An agent that can access a file system, call external APIs, and write to a database with a shared credential is not a controlled system. It is a liability.

The industry is moving toward short-lived, per-task tokens scoped to minimum permissions — the zero-trust principles applied to AI agents. The companies building tooling that makes per-agent identity management practical are solving one of the most underappreciated problems in the agentic stack.

The Investment Thesis

Across all three sessions, the pattern was unmistakable: the most durable value in the agentic AI era will be created by the companies that build the infrastructure layer underneath agents, not the agents themselves.

Observability. Governance. Identity. Immutable audit logs. Agent gateways. Grader services. These are not features of an AI product. They are the foundational infrastructure that every enterprise deploying agents at scale will eventually need — whether they realize it now or after the first compliance incident.

At N+, we are actively tracking this infrastructure layer across Asia's enterprise market. The regulated industries of Hong Kong and Singapore — financial services, insurance, wealth management, healthcare — will need this governance infrastructure before they can deploy agents on consequential workflows. The founders who build it now, with deep domain understanding of Asia's regulatory environments, are building the picks and shovels of the next decade.

“Governance must be enforced through channels agents cannot access, modify, or circumvent. This is the foundational architectural requirement for deploying agents in regulated industries.” — AI Agent Conference, Agentic Data Plane Session