OBSERVABILITY for AI systems is presented as a foundational security and governance requirement for AI systems operating in production, with the authors emphasising that GenAI and agentic AI are now core infrastructure, demanding clearer visibility to detect risk and maintain control.
According to Microsoft, traditional observability tools fall short because AI systems are probabilistic and involve multi-turn interactions, so signals must be AI-native, capturing inputs, provenance, and the impact on model behaviour. The piece explains how logs, metrics, and traces can still apply, but must be expanded to include context such as user prompts, retrieval provenance, and tool usage to enable end-to-end forensic reconstruction and detection of boundary erosion like data exfiltration.
It also introduces two new components—evaluation and governance—and outlines five steps to operationalise AI observability within the secure development lifecycle, from incorporating AI observability into standards to capturing full context and measuring behaviour against baselines.
The article notes that effective observability supports faster incident investigation and proactive risk detection, and it references real-world concerns such as prompt injection and multi-turn escalation, including Crescendo as an example of how risks can arise.