Guides
Step-by-step walkthroughs for every stage of the agent readiness journey — from inventorying what you have to governing what you run.
How to inventory the AI agents you already run
Build a first, honest inventory of every agent acting on your organisation's systems — including the ones nobody admits to — and turn it into a registry that stays current.
Read guide → GovernanceHow to write a risk profile for an AI agent
Produce a risk profile for one agent: a short, structured document that states what the agent can do, what could go wrong, and which controls bound the damage — concrete enough to drive runtime policy, short enough to stay current.
Read guide → OperationsHow to set up an audit trail for AI agents
Stand up an action-level audit trail that can answer, months later and under scrutiny: which agent did what, when, with what inputs, under whose approval, and with what outcome.
Read guide → Getting startedHow to build an agentic AI system you can put in production
Build a first agentic AI system that does real work — and arrives in production with the identity, permissions, evaluation, and audit trail that let it stay there.
Read guide → SecurityHow to secure the AI agents you run
Put a working security model around your agentic AI — identity, scoped permissions, untrusted-input handling, and a kill switch — so an agent that goes wrong is contained rather than catastrophic.
Read guide → MCPHow to build an MCP server
Expose a system to AI agents through a [Model Context Protocol](/mcp) server — with tools an agent can actually use well, credentials it cannot leak, and logging that tells you what it did.
Read guide → SecurityHow to adopt an AI security framework that actually changes anything
Choose an AI security framework that fits what you need it to prove, map it against the agents you actually run, and turn it into owned controls rather than a binder.
Read guide → SecurityHow to govern agentic AI
Stand up governance for agentic AI that actually operates: decision rights on paper, a registry agents cannot skip, autonomy granted on evidence, and enforcement that lives in the runtime rather than in a review meeting.
Read guide → MCPHow to run MCP servers: local, remote, and hosted
Operate the [MCP](/mcp) servers your agents depend on deliberately — the right ones local, the shared ones run like production services, every credential accounted for, and a catalogue of what runs where.
Read guide → MCPHow to secure MCP servers and clients
Lock down the MCP layer your agents depend on — vetted servers, authenticated connections, least-privilege tools, and injection-aware handling of what flows through them.
Read guide → BuildHow to evaluate a RAG system
Stand up an evaluation harness for a RAG system that scores retrieval and generation separately — so you know which half is failing, catch regressions on every change, and stop shipping on vibes.
Read guide → Agent ObservabilityHow to implement agent observability
Add structured observability to an AI agent system so every LLM call, tool invocation, and reasoning step is recorded in a way that lets you trace failures, audit decisions, and detect quality regressions in production.
Read guide → Agent ObservabilityHow to evaluate AI agents
Design and run an evaluation program that measures whether your AI agent completes its defined tasks correctly, safely, and within acceptable performance bounds — both before release and as part of ongoing production monitoring.
Read guide → Prompt EngineeringHow to do prompt engineering
Write prompts that reliably produce accurate, well-structured outputs from a language model for a defined application task — and iterate systematically when they do not.
Read guide → Prompt EngineeringPrompt engineering tutorial
Build practical prompt engineering skills by working through a progression of prompting tasks — from basic specification to few-shot examples, chain-of-thought, and structured output — with a language model accessible via a chat interface or API.
Read guide → RAGRetrieval-augmented generation tutorial
Build a working retrieval-augmented generation pipeline that answers questions about a document corpus by finding relevant passages and generating answers grounded in those passages, without fabricating information from the model's training data.
Read guide → Agent ObservabilityHow to trace LLM calls
Set up LLM tracing to record the inputs, outputs, latency, and token usage of every model call in an AI application, giving you the observability data needed to debug failures, optimize costs, and monitor quality in production.
Read guide →