The old bottleneck was building software. The new bottleneck is operating it safely.
For most of the last decade, software companies treated speed of creation as the strategic constraint. Could we hire enough engineers? Could we get product teams shipping faster? Could we move from quarterly releases to weekly, then daily, then continuous delivery? Could we use cloud, containers, serverless, low-code and platform tooling to remove friction from the path between idea and production?
That world has not disappeared. But the constraint has moved.
AI has made it dramatically easier to create software, generate code, automate workflows and prototype new products. The same is true for modern cloud platforms and developer tools. A small team can now build what previously required a larger engineering function. A founder can take an idea from concept to working product in days. A product team can add AI features without building an AI research organisation. A developer can ask an assistant to scaffold, refactor, test and explain code at a speed that would have looked absurd a few years ago.
That is a real shift. It is also only half the story.
Production does not care how quickly the software was created. Production still asks the same hard questions, plus several new ones.
The questions production still asks
- Is the system observable? Will we know before customers know?
- Can we separate noise from signal?
- Who responds when something breaks?
- What happens when an AI workflow behaves unexpectedly?
- Can we explain what happened after the fact?
- Can we prove that controls are working?
- Can we keep cost under control as telemetry, inference and cloud usage grow?
- Who is accountable when an automated or AI-assisted system causes a customer-impacting event?
These are not theoretical questions. AI adoption is already widespread, and it is moving into production faster than the operating practices around it are maturing.
of organisations say they regularly use AI in at least one business function, up from 78% the year before.
McKinsey, 2025 global survey
of organisations reported using AI in 2024, up from 55% in 2023.
Stanford, 2025 AI Index
of AI model requests fail in production, with 69% of companies now running three or more models alongside increasingly complex agent workflows.
Datadog, 2026 State of AI Engineering
The direction is obvious. More software is being shipped. More AI is entering production. More runtime complexity is being created. The old bottleneck was building software. The new bottleneck is operating it safely.
That bottleneck has a name: the Runtime Trust Gap.
What is the Runtime Trust Gap?
Definition
The Runtime Trust Gap is the gap between what an organisation can ship and what it can safely operate, govern and prove in production.
It appears when product velocity grows faster than operational maturity. Creation has been accelerated by AI, cloud and developer tooling. The ability to operate the result safely has not kept pace, so a gap opens and widens.
It appears when a company can create features faster than it can observe them. It appears when an engineering team can deploy AI workflows faster than it can define escalation paths, human approval points and incident procedures. It appears when a board, customer, auditor or regulator asks for evidence and the company has to scramble through dashboards, tickets, chat threads and memory to reconstruct what actually happened. It appears when a company says it is "AI-ready" but cannot answer basic runtime questions about reliability, cost, security, incident ownership and human control.
The Runtime Trust Gap is not just an AI problem. It already exists in cloud-native software, SaaS platforms, fintech systems, healthtech workflows, public-sector-adjacent software and any business where digital services now carry real operational risk. AI simply makes the gap more visible because it increases speed, dependency and ambiguity.
A traditional application usually fails in ways engineering teams understand: latency, errors, saturation, dependencies, deploys, queues, databases, networks, permissions, certificates, infrastructure limits. Those are hard enough. AI-enabled systems add another set of questions. Which model was called? Which prompt was used? Which retrieval source was involved? What tool did the agent call? Was the action approved? Was sensitive data exposed? Did token usage spike? Was the response poor quality, unsafe or simply too slow? Was the issue caused by the model, the context, the application, the cloud platform, a third-party API, capacity limits or the orchestration layer?
If the operating model cannot answer those questions, the organisation does not have AI trust. It has AI hope. And hope is not an operating model.
What leaders currently cannot see, control or prove
The Runtime Trust Gap usually shows up across three leadership anxieties: visibility, control and proof.
01 / See
Visibility
Leaders cannot see the runtime clearly enough. Dashboards do not guarantee useful visibility, logs do not guarantee signal, traces do not guarantee ownership. Telemetry often exists but is fragmented, noisy, inconsistently tagged or detached from the services customers care about.
02 / Control
Control
Leaders cannot control the runtime consistently enough. Alerts fire, but nobody knows whether they matter. Incidents happen, but severity and ownership are unclear. AI tools propose fixes, but approval boundaries are vague. Costs drift. Runbooks live in someone's head, an old wiki page, or nowhere.
03 / Prove
Proof
Leaders cannot prove runtime trust when asked. Customers want security assurance. Boards want operational risk visibility. Regulators care about resilience. Enterprise buyers want evidence that the software they depend on is operated properly.
That last point matters more every year, because operational expectations are increasingly written into regulation.
Why proof is becoming external
For financial services, DORA has applied since January 2025 and focuses on the ability of financial entities to withstand, respond to and recover from ICT disruptions. In the UK, the FCA's operational resilience regime required in-scope firms to operate important business services within impact tolerances by 31 March 2025. The EU AI Act is applying progressively, with major obligations phased across 2025, 2026 and 2027.
The lesson is not that every software company must become a compliance department. It is that operational trust is becoming visible outside engineering.
A weak runtime operating model is no longer just an internal inconvenience. It can block enterprise sales, undermine customer trust, slow audits, increase cloud and observability spend, create incident confusion and make AI governance feel like theatre. The companies that notice this early will build a trust advantage. The companies that ignore it will keep shipping faster until the runtime pushes back.
Monitoring, cloud support and policy documents are not enough
The Runtime Trust Gap persists because many teams think they have already solved it. They confuse inputs with outcomes. They buy monitoring and assume they are observable. They buy cloud support and assume the application is resilient. They write policies and assume the runtime is controlled. None of those assumptions survive contact with production.
| What teams buy | What they assume | Why it falls short |
|---|---|---|
| Monitoring | We are observable | Monitoring tells you that something happened. Operational visibility helps the right people understand what happened, why it matters, who owns it and what should happen next. |
| Cloud support | The application is resilient | A hyperscaler keeps its infrastructure available. It does not know your product promises, customer impact, service dependencies, on-call fatigue, evidence needs or commercial risk appetite. |
| Policy documents | The runtime is controlled | A policy can say incidents must be reviewed. It cannot create the timeline. It can say changes need approval. It cannot prove the approval happened, or show which AI action was blocked, approved or escalated. |
| An observability platform | Someone owns the operating model | A platform provides the substrate. It does not decide your tagging standards, alert design, escalation rules, SLO ownership, cost guardrails, evidence packs or incident rituals. |
This is where many teams get stuck. The tool is present. The operating model is missing. The result is expensive telemetry, noisy alerts, underused dashboards, inconsistent response, rising bills and weak evidence.
That is not observability. That is operational debt with a better user interface.
The category: Managed Runtime Assurance
The market needs a clearer category for the operating layer now required around modern software and AI systems. That category is Managed Runtime Assurance: the accountable operation of production applications, cloud platforms and AI systems so they remain trustworthy on six fronts.
Observable
The right people can see what is happening across the systems that matter.
Secure
Runtime security risks are visible and acted on, not discovered after the fact.
Resilient
Failure is detected, owned and recovered from without chaos.
Cost-controlled
Cloud, telemetry and AI usage stay governed rather than drifting away from value.
Evidence-ready
Proof of how the system is operated is produced as a by-product, not a panic.
Human-governed
Humans stay in the loop wherever judgement, not just labour, is required.
The customer is not buying a ticket queue, a monitoring wrapper or a traditional support contract. They are buying an operating outcome.
Production stays healthy, incidents are handled, controls are enforced and evidence is ready when customers, auditors, boards or regulators ask for it.
Managed Runtime Assurance exists because the runtime now combines responsibilities that used to live in separate boxes: observability adoption and operations, cloud and hybrid runtime operations, incident response and operational resilience, SRE and platform engineering practices, runtime security operations, cost governance across cloud, telemetry and AI usage, compliance-supporting evidence, and AI runtime monitoring with agent governance and human approval.
This is not about inventing a new budget from nothing. The budget already exists, but it is fragmented across cloud operations, DevOps, SRE, observability, security, compliance, incident management, FinOps and platform engineering. Managed Runtime Assurance brings those responsibilities together around one question: can the organisation trust the runtime? Without the category, buyers keep treating the problem as a collection of disconnected tasks. With the category, leaders can discuss the runtime layer as a board-level operating capability.
What Managed Runtime Assurance includes
A mature Managed Runtime Assurance model has eight working components. They are not a menu of separate products; they are the parts of a single operating model.
-
Runtime visibility
Infrastructure, application, logs, traces, user journeys, dependencies, model calls, agents, synthetic checks, service maps and SLOs, made usable through consistent tagging, clear ownership and meaningful alerts.
-
Incident response and escalation
Severity definitions, escalation paths, response coverage, incident command, communication routines and post-incident review, plus AI-specific incident questions about model, prompt, retrieval, tool, security and cost.
-
Reliability and resilience
SLOs, error budgets, capacity patterns, dependency risk, backup and recovery checks and recurring failure themes feed an improvement backlog. The goal is a runtime that gets safer to operate over time.
-
Runtime security operations
Security posture follow-up, suspicious activity signals, sensitive data exposure risks, vulnerability and misconfiguration visibility, access events and escalation paths for security-relevant incidents.
-
Cost governance
Budget visibility, telemetry governance, ownership of high-volume data, usage reviews and decision rules for what gets collected, retained and routed. Cost control is a sign the operating model understands the system.
-
Runtime evidence
Incident timelines, RCAs, SLO reports, alert reviews, access records, change records, cost approvals, AI runtime traces and human approval logs, generated by the way the runtime is operated rather than assembled after the fact.
-
Human-governed automation
AI can investigate faster, summarise incidents, surface anomalies and draft remediations. Production accountability stays governed through clear boundaries for what is automated, approved or escalated.
-
Operating cadence
Weekly checks, monthly assurance reports, quarterly maturity reviews, recurring cost and alert hygiene, incident learning and evidence-pack improvement. Rhythm is what separates a service from a category.
Human-governed automation, in practice
The mature model is not "let agents change production whenever they want." It is a set of action boundaries that keep a human accountable where judgement matters.
Why Datadog is a strong operating substrate, but not the whole answer
Managed Runtime Assurance needs a serious telemetry and operational data layer. Modern production systems are too distributed, dynamic and interdependent to be operated from infrastructure alerts alone. Teams need application performance, logs, traces, real user monitoring, synthetic checks, service-level objectives, incident workflows, cloud security signals, telemetry pipelines, cost visibility and now LLM and agent observability.
Datadog has expanded into many of those areas. Its LLM Observability monitors, troubleshoots and evaluates LLM-powered applications, including traces of model inferences, workflows and dynamic agent execution. Bits AI is positioned as an agentic teammate for development, security and operational workflows. Observability Pipelines address cost, noise and sensitive data at scale. That is why Datadog is such a strong substrate for Managed Runtime Assurance.
But Datadog is still a platform. It is not the operating company. A platform can collect telemetry; it cannot make your organisation agree what matters. It can create alerts; it cannot decide which alert deserves a human at 03:00. It can trace a model call; it cannot own the customer communication, the regulatory context or the production-change judgement. It can surface cost data; it cannot force the organisation to govern telemetry before the bill becomes a board conversation.
Datadog gives the telemetry. The operating model creates trust.
That operating model needs standards, people, runbooks, escalation, evidence, cost governance and human accountability. It is also why observability implementation should not be treated as a one-off technical setup. For many companies, the first 90 days decide whether the platform becomes an operating advantage or expensive shelfware. The organisations that get observability right do not just install it. They operate it.
What the customer owns versus what the runtime operator owns
One reason Managed Runtime Assurance needs clear language is that the boundary matters. It is what keeps the category honest.
The customer owns
The product
- Product idea and roadmap
- User experience and application code
- Model behaviour and model choice
- Business logic and data decisions
- Ultimate regulatory responsibility
The runtime operator owns
The stack
- Observability and cloud operations
- Incident response and alert quality
- Runbooks, escalation and evidence
- Runtime security follow-up
- Cost governance and governed automation
You own the product. We operate the stack.
This boundary is not a limitation. It is a trust mechanism. It prevents the category from drifting into vague AI consultancy, compliance overclaiming or old-world MSP confusion. For AI systems it matters even more: the customer owns what the AI product is meant to do, while the runtime operator makes the AI system observable, monitored, controlled, escalated and evidenced in production. That is how AI operations becomes trustworthy without pretending that operational teams can outsource moral, product or regulatory judgement to a tool.
The operating maturity model
The State of Trust in AI Operations research programme uses six dimensions that also work as a practical operating maturity model. They are useful because they separate runtime trust from vague confidence, and because most teams are not weak in one dimension. They are uneven across all six.
| Dimension | Low maturity | High maturity |
|---|---|---|
| Visibility Can we see what is happening? |
Dashboards exist, but there is no shared view of service health. | Service ownership, SLOs, clean telemetry and traces that connect customer impact to root cause, including model and agent calls. |
| Reliability Can we detect and recover? |
Incidents are handled by whoever notices first. | Incidents have severity, roles, escalation, playbooks, reviews and a reliability backlog. Not the absence of incidents, the absence of chaos. |
| Security Are runtime risks acted on? |
Security is detached from operations and surfaces late. | Misconfigurations, suspicious activity, exposure risks and, for AI, prompt injection and unsafe tool execution are visible and escalated. |
| Human control Where must humans stay in the loop? |
Automation boundaries are undefined; agentic actions become shadow change management. | Action classes are explicit: automate, approve, or escalate to senior human judgement. |
| Accountability Who owns the outcome? |
A dashboard, an alert and an agent all have no accountability. | Named owners for services, runbooks, incidents, communication, evidence and improvement. |
| Operational maturity Is the model improving? |
The runtime relies on heroics. | Cadence, standards, reviews, reusable templates and learning from every incident turn operational knowledge into reusable assets. |
Those six dimensions turn runtime trust into something leaders can discuss, assess and improve. They also expose the central problem: the unevenness across them is the Runtime Trust Gap.
What leaders should do next
The first step is to stop treating runtime trust as an afterthought. Every CTO, founder, VP of Engineering and Head of Platform should be able to answer eight practical questions.
- Which production services are truly critical to customers, revenue or regulation?
- Do we have clean, owned telemetry for those services?
- Are our alerts actionable, or are we training teams to ignore them?
- Do our SLOs reflect customer trust, or only engineering convenience?
- Can we reconstruct an incident timeline without heroic manual effort?
- Do we know where AI or automation requires human approval?
- Can we show evidence of runtime controls without audit panic?
- Is someone accountable for continuously improving the operating model?
The questions expose the gap. Closing it is a programme of work, not a purchase.
-
Build the runtime trust baseline
Map critical services, define ownership, clean telemetry, set SLOs, reduce alert noise, create incident workflows, govern costs, document runbooks and decide what evidence should be produced monthly.
-
Treat observability as an operating model, not a procurement decision
Buying a platform is only the start. The value comes from how it is configured, governed, reviewed and connected to incident response, cost control, security and evidence.
-
Define AI runtime governance before AI incidents force the issue
Identify AI-enabled workflows, trace model and agent behaviour, define approval boundaries, monitor cost and failure patterns, and decide what an AI incident actually means for the organisation.
-
Give someone accountability for the operating model
Runtime trust does not improve on its own. It needs an owner, a cadence and a mechanism for learning from every incident and every customer review.
-
Participate in the wider conversation
Critical Cloud is running The State of Trust in AI Operations research to understand how leaders approach reliability, security, observability, human control, accountability and maturity as AI moves into production. The point is to give the market better language and evidence for a problem that is already emerging.
The teams that win will prove production is safe to trust
The next era of software competition will not only be about who ships fastest. Speed is becoming easier to access; AI tools, cloud platforms and developer automation are lowering the cost of creation. That creates opportunity, but it also levels part of the playing field.
The more durable advantage will belong to teams that can ship fast and stay in control. They will know what is running. They will know who owns it. They will know when it is unhealthy. They will understand their telemetry costs. They will have evidence before anyone asks. They will use AI to investigate and accelerate operations, but they will keep humans accountable for production outcomes.
That is the shift. Trust is no longer only a brand promise, a security questionnaire or a compliance policy. Trust is now a runtime problem. And the companies that solve it first will have an advantage every time a customer, auditor, board or regulator asks the question that matters most.
Can we trust this system in production?