Rohit Bhardwaj

System Design AI Mastery: Architecting for Scale, Speed, Reliability - Full Day

A hands-on deep dive into building cloud-native, AI-augmented systems

9:00 AM MDT

Modern system design has entered a new era. It’s no longer enough to optimize for uptime and latency — today’s systems must also be AI-ready, token-efficient, trustworthy, and resilient. Whether building global-scale apps, powering recommendation engines, or integrating GenAI agents, architects need new skills and playbooks to design for scale, speed, and reliability.

This full-day workshop blends classic distributed systems knowledge with AI-native thinking. Through case studies, frameworks, and hands-on design sessions, you’ll learn to design systems that balance performance, cost, resilience, and truthfulness — and walk away with reusable templates you can apply to interviews and real-world architectures.

Target Audience

Enterprise & Cloud Architects → building large-scale, AI-ready systems.

Backend Engineers & Tech Leads → leveling up to system design mastery.

AI/ML & Data Engineers → extending beyond pipelines to full-stack AI systems.

FAANG & Big Tech Interview Candidates → preparing for system design interviews with an AI twist.

Engineering Managers & CTO-track Leaders → guiding teams through AI adoption.

Startup Founders & Builders → scaling AI products without burning money.

Learning Outcomes

By the end of the workshop, participants will be able to:

Apply a 7-step system design framework extended for AI workloads.

Design systems that scale for both requests and tokens.

Architect multi-provider failover and graceful degradation ladders.

Engineer RAG 2.0 pipelines with hybrid search, GraphRAG, and semantic caching.

Implement AI trust & security with guardrails, sandboxing, and red-teaming.

Build observability dashboards for hallucination %, drift, token costs.

Reimagine real-world platforms (Uber, Netflix, Twitter, Instagram) with AI integration.

Practice mock interviews & chaos drills to defend trade-offs under pressure.

Take home reusable templates (AI System Design Canvas, RAG Checklist, Chaos Runbook).

Gain the confidence to lead AI-era system design in interviews, enterprises, or startups.

Workshop Agenda (Full-Day, 8 Hours)
Session 1 – Foundations of Modern System Design (60 min)

The new era: Why classic design is no longer enough.

Architecture KPIs in the AI age: latency, tokens, hallucination %, cost.

Group activity: brainstorm new KPIs.

Session 2 – Frameworks & Mindset (75 min)

The 7-Step System Design Framework (AI-extended).

Scaling humans vs tokens.

Token capacity planning exercise.

Session 3 – Retrieval & Resilience (75 min)

RAG 2.0 patterns: chunking, hybrid retrieval, GraphRAG, semantic cache.

Multi-provider resilience + graceful degradation ladders.

Whiteboard lab: design a resilient RAG pipeline.

Session 4 – Security & Observability (60 min)

Threats: prompt injection, data exfiltration, abuse.

Guardrails, sandboxing, red-teaming.

Observability for LLMs: traces, cost dashboards, drift monitoring.

Activity: STRIDE threat-modeling for an LLM endpoint.

Session 5 – Real-World System Patterns (90 min)

Uber, Netflix, Instagram, Twitter, Search, Fraud detection, Chatbot.

AI-enhanced vs classic system designs.

Breakout lab: redesign a system with AI augmentation.

Session 6 – Interviews & Chaos Drills (75 min)

Mock interview challenges: travel assistant, vector store sharding.

Peer review of trade-offs, diagrams, storytelling.

Chaos drills: provider outage, token overruns, fallback runbooks.

Closing (15 min)

Recap: 3 secrets (Scaling tokens, RAG as index, Resilient degradation).

Templates & takeaways: AI System Design Canvas, RAG Checklist, Chaos Runbook.

Q&A + networking.

Takeaways for Participants

AI System Design Canvas (framework for interviews & real-world reviews).

RAG 2.0 Checklist (end-to-end retrieval playbook).

Chaos Runbook Template (resilience drill starter kit).

AI SLO Dashboard template for observability + FinOps.

Confidence to design and defend AI-ready architectures in both career and enterprise contexts.

AI Inference at Scale: Reliability, Observability, Cost & Sustainability

The ROCS-Loop Framework for RAG, agentic, and LLM inference pipelines.

8:30 AM MDT

AI inference is no longer a simple model call—it is a multi-hop DAG of planners, retrievers, vector searches, large models, tools, and agent loops. With this complexity comes new failure modes: tail-latency blowups, silent retry storms, vector store cold partitions, GPU queue saturation, exponential cost curves, and unmeasured carbon impact.

In this talk, we unveil ROCS-Loop, a practical architecture designed to close the four critical loops of enterprise AI:
•Reliability (Predictable latency, controlled queues, resilient routing)
•Observability (Full DAG tracing, prompt spans, vector metrics, GPU queue depth)
•Cost-Awareness (Token budgets, model tiering, cost attribution, spot/preemptible strategies)
•Sustainability (SCI metrics, carbon-aware routing, efficient hardware, eliminating unnecessary work)

KEY TAKEAWAYS
•Understand the four forces behind AI outages (latency, visibility, cost, carbon).
•Learn the ROCS-Loop framework for enterprise-grade AI reliability.
•Apply 19 practical patterns to reduce P99, prevent retry storms, and control GPU spend.
•Gain a clear view of vector store + agent observability and GPU queue metrics.
•Learn how ROCS-Loop maps to GCP, Azure, Databricks, FinOps & SCI.
•Leave with a 30-day action plan to stabilize your AI workloads.

⸻

AGENDA
1.The Quiet Outage: Why AI inference fails
2.X-Ray of the inference pipeline (RAG, agents, vector, GPUs)
3.Introducing the ROCS-Loop framework
4.19 patterns for Reliability, Observability, FinOps & GreenOps
5.Cross-cloud mapping (GCP, Azure, Databricks)
6.Hands-on: Diagnose an outage with ROCS
7.Your 30-day ROCS stabilization plan
8.Closing: Becoming a ROCS AI Architect

Dynamic Programming Demystified: How AI Helps You See the Pattern

From brute force → recurrence → memoization → tabulation with AI as accelerator

10:30 AM MDT

Dynamic Programming (DP) intimidates even seasoned engineers. With the right lens, it’s just optimal substructure + overlapping subproblems turned into code. In this talk, we start from a brute-force recursive baseline, surface the recurrence, convert it to memoization and tabulation, and connect it to real systems (resource allocation, routing, caching). Along the way you’ll see how to use AI tools (ChatGPT, Copilot) to propose recurrences, generate edge cases, and draft tests—while you retain ownership of correctness and complexity. Expect pragmatic patterns you can reuse in interviews and production.

Why Now

• DP = #1 fear topic in interviews.
• Used in systems: caching, routing, scheduling.
• 55% faster with Copilot, but needs guardrails.
• AI adoption is surging — structure required.

Key Framework

• Find optimal substructure.
• Spot overlapping subproblems.
• Start brute force → derive recurrence.
• Memoization → tabulation.
• Compare vs. greedy & divide-and-conquer.
• Use AI for tests & recurrences, not correctness.

Core Content

• Coin Change: brute force → DP; greedy fails in non-canonical coins.
• 0/1 Knapsack: DP works, greedy fails; fractional knapsack = greedy.
• LIS: O(n²) DP vs. O(n log n) patience method.
• Graphs: shortest path as DP on DAGs.
• AI Demos: recurrence suggestion, edge-case generation.

Learning Outcomes

• Know when a problem is DP-worthy.
• Build recurrence → memoization → tabulation.
• Decide Greedy vs DP confidently.
• Apply AI prompts safely (tests, refactors).
• Map DP to real-world systems.

Your API Is Not Ready for AI (Yet): A Lifecycle Readiness Guide

How to audit, prioritize, and modernize APIs so LLMs agents can use them safely

1:00 PM MDT

PIs built for humans often fail when consumed by AI agents.
They rely on documentation instead of contracts, return unpredictable structures, and break silently when upgraded. Large Language Models (LLMs) and autonomous agents need something different: machine-discoverable, deterministic, idempotent, and lifecycle-managed APIs.
This session introduces a five-phase API readiness framework—from discovery to deprecation—so you can systematically evolve your APIs for safe, predictable AI consumption.
You’ll learn how to assess current APIs, prioritize the ones that matter, and apply modern readiness practices: function/tool calling, schema validation, idempotency, version sunset headers, and agent-aware monitoring.

Problems Solved

• LLMs fail due to polymorphic or unpredictable API responses
• Agents retry or loop because APIs aren’t idempotent
• Ambiguous error messages block autonomous remediation
• Silent breaking changes halt long-lived agent integrations
• Lack of lifecycle management creates risk and rework

What “AI-Readiness” Means

• Machine-Discoverable: APIs described in OpenAPI 3.1 + JSON Schema; self-describing operations and data types.
• Deterministic: Same input → same output shape; no hidden conditional payloads.
• Idempotent: Safe retries using Idempotency-Key or request signature patterns.
• Guardrailed: Strict schema validation, quota enforcement, and prompt-injection defense.
• Lifecycle Managed: Semantic versioning, Deprecation/Sunset headers, contract testing, and migration guides.

Common Failure Modes Today

• Polymorphic responses that confuse function-calling agents.
• Ambiguous errors without remediation guidance.
• Non-idempotent endpoints causing duplicate orders or charges.
• Hidden side effects undocumented or triggered by retries.
• Breaking changes without warning → agents silently fail.

Agenda
Introduction: The Shift from Human → Machine Consumption
Why LLMs and agents fundamentally change API design expectations.
Examples of human-centric patterns that break agent workflows.
Pattern 1: Assessment & Readiness Scorecard
How to audit existing APIs for AI-readiness.
Scoring dimensions: discoverability, determinism, idempotency, guardrails, lifecycle maturity.
Sample scorecard matrix and benchmark scoring.
Pattern 2: Prioritization Strategy
How to choose where to start:

• High traffic + high risk first (payments, claims, healthcare, orders)
• Partner/customer-facing before internal
• Regulated domains (HIPAA, PCI, SOX) before unregulated
• Consolidate schema, security, and idempotency changes together
  Pattern 3: Five-Phase Readiness Roadmap
• Discovery: Audit specs, tag agent traffic, document gaps.
• Redesign: Harden schemas, fix errors, add idempotency keys and prompt-injection defenses.
• Versioning: Adopt SemVer, support multiple versions, and emit Deprecation/Sunset headers.
• Monitoring: Track agent vs human usage, retries, anomalies, cost attribution.
• Deprecation: Communicate timelines, throttle old versions, enable fallback modes.
  Pattern 4: Security & Guardrails
Inject prompt-defense filters at the edge.
Schema validation and rate-limiting.
Automated regression testing against contract schemas to ensure safety.
  Pattern 5: Case Studies
• Stripe Idempotency: Eliminating duplicate charges with the Idempotency-Key pattern.
• Deprecation Done Right: APIs that use Sunset headers for graceful agent migration.
• Agent Tool Example: Mapping operationId=ReserveInventory directly to an LLM tool schema.
  Wrap-Up & Discussion
Recap of framework and quick wins.
Using the Readiness Scorecard and KPI checklist to measure progress from human-centric APIs → agent-ready APIs.
Discussion on embedding readiness audits in CI/CD governance.

Key Framework References

• OpenAPI 3.1 + JSON Schema: Machine-readable API contracts
• FinOps + AI Cost Governance: Tagging and metering agent usage
• OWASP LLM Top 10: Prompt-injection and misuse defenses
• API Lifecycle Standards: RFC 8594 (Deprecation), RFC 9457 (Sunset Header)
• ISO/IEC 38507: Governance implications for AI-integrated systems

Takeaways

• API Readiness Scorecard to evaluate current maturity
• 5-phase modernization roadmap: Discovery → Redesign → Versioning → Monitoring → Deprecation
• Checklist + KPIs to align API modernization with AI readiness
• Case patterns demonstrating resilient, agent-safe API evolution

Scaling APIs for Millions of AI-Driven Calls

Resilience, cost control, and observability for bursty, autonomous traffic

3:00 PM MDT

AI agents don’t behave like humans. A single prompt can trigger thousands of parallel API calls, retries, and tool chains—creating bursty load, cache-miss storms, and runaway costs. This talk unpacks how to design and operate APIs that stay fast, reliable, and affordable under AI workloads. We’ll cover agent-aware rate limiting, backpressure & load shedding, deterministic-result caching, idempotency & deduplication, async/event-driven patterns, and autoscaling without bill shock. You’ll learn how to tag and trace agent traffic, set SLOs that survive tail latency, and build graceful-degradation playbooks that keep experiences usable when the graph goes wild.

Why scaling is different with AI

• Bursty, spiky traffic from tool-chaining and agent loops
• High fan-out per request → N downstream calls per prompt
• Non-stationary patterns (time-of-day + product launches + model changes)
• Cost correlates with requests × context × retries, not just QPS

Failure modes to expect (and design for)

• Cache-miss storms after deploy/flush; thundering herds on hot keys
• Retry amplification (agents + gateways + SDKs all retry)
• Unbounded concurrency → DB saturation, queue buildup, 99.9th pct tail spikes
• “Version drift” between agents and APIs → malformed or expensive calls

Traffic control & fairness

• Multi-dimensional rate limits: per-tenant, per-agent, per-tool, per-chain
• Budget-aware throttling: cap by token/$ budget, not just requests
• Adaptive backpressure: shed or downgrade when saturation signals trip
• Fair queuing: prevent “noisy” agents from starving others

Resilience patterns

• Idempotency keys + deduplication for writes & retries
• Circuit breakers & bulkheads around fragile dependencies
• Timeouts with jitter + bounded retries (server hints for clients)
• Graceful degradation: return partials, cached/stale, queued-async receipts

Caching that actually works for AI

• Deterministic-result caching (prompt+params hash)
• Shard & tier caches (memory → Redis → CDN/edge) + TTL tuned to freshness
• Negative caching to suppress repeated failures
• Stale-while-revalidate to tame cache-miss storms

Async & event-driven designs

• Queue first for heavy/long-running tasks (workflows > request/response)
• Outbox/Saga patterns for consistency across services
• Streaming APIs for incremental results; webhooks/callbacks for completion
• Backlogs with priorities (gold/silver/bronze) and dead-letter policies

Autoscaling without bill shock

• Pick the right compute: provisioned concurrency for cold-start-sensitive paths; on-demand for bursty tools
• KEDA/HPA on meaningful signals (RPS, lag, token usage, queue depth)
• Guardrails: max concurrency per tenant, per region; budget limits with kill-switches
• Multi-region strategy: active-active for reads; controlled writes with leader/follower or per-tenant pinning

Observability & cost governance

• Tag human vs agent traffic; propagate chain-ID / tool-ID across spans
• Golden signals + tail-latency SLOs (p95/p99), not just averages
• Attribution: per-tenant/per-agent cost & cache hit rate; anomaly alerts on $/request
• Workload forensics: detect loops, entropy spikes, unusual tool mixes

Testing & readiness

• Property-based & fuzz tests for tool payloads
• Replay traffic with elevated fan-out to validate limits & caches
• Chaos & load testing at dependency edges (DB, vector store, model API)
• Stepped rollouts with automatic rollback on SLO breach

Runbooks & playbooks

• Cache-miss storm → warmers + SWR + temporary TTL bump
• Retry storm → clamp retries, raise backoff, enable dedupe window
• Cost spike → lower budgets, switch to cheaper tier/model, enable result reuse
• Dependency brownout → feature flags to serve partials or stubbed results

Deliverables for attendees

• Idempotency & retry checklist
• Rate-limit/budget policy template (per-tenant/per-chain)
• Cache-key & SWR guide for deterministic responses
• Incident playbooks (cache storm, retry storm, dependency brownout)

Learning Objectives (Takeaways)

1. Design for bursty AI traffic with budget-aware rate limits, fair queuing, and adaptive backpressure.
2. Harden reliability using idempotency, deduplication, circuit breakers, timeouts, and bulkheads.
3. Cut latency & cost via deterministic-result caching, SWR, and shard/tiered cache strategies.
4. Operate with confidence by tagging agent traffic, tracing chain-IDs, and enforcing tail-latency SLOs.
5. Adopt async/event-driven patterns (queues, workflows, streaming) to keep UX snappy under heavy AI load.
6. Ship safe with realistic load/chaos tests, stepped rollouts, and incident playbooks ready to go.

Graph Thinking with AI: Algorithms that Power Real Systems

From Interviews to Production — BFS, DFS, Topo Sort, and Shortest Paths Made Practical

5:00 PM MDT

Graphs aren’t just academic—they power the backbone of real systems: workflows (Airflow DAGs), build pipelines (Bazel), data processing (Spark DAGs), and microservice dependencies (Jaeger).
This session demystifies classic graph algorithms—BFS, DFS, topological sort, shortest paths, and cycle detection—and shows how to connect them to real-world systems.
You’ll also see how AI tools like ChatGPT and graph libraries (Graphviz, NetworkX, D3) can accelerate your workflow: generating adjacency lists, visualizing dependencies, and producing test cases in seconds.
You’ll leave with reusable patterns for interviews, architecture reviews, and production systems.

You’ll leave with reusable patterns for interviews, architecture reviews, and production systems.

Why Now

• Graphs underpin the modern stack: Airflow DAGs, Spark, Kubernetes, Jaeger, and CI/CD pipelines.
• AI tools can rapidly generate, visualize, and validate graph structures—bridging algorithmic theory and practical engineering.
• Graph literacy now distinguishes great developers from average system designers.

Problems Solved

• Translating algorithmic concepts into production patterns
• Lack of intuition about DAGs, dependency graphs, or routing systems
• Difficulty visualizing large graph structures quickly
• Limited practice applying BFS/DFS/topo sort outside interview prep

Learning Outcomes

• Apply BFS/DFS, topological sort, and shortest path algorithms in production systems
• Translate graph theory into schedulers, dependency analyzers, and routing services
• Use AI (ChatGPT/Copilot) for quick generation of adjacency lists, test data, and graph visualization
• Map graphs to system design conversations: latency, scaling, dependencies
• Build your own reusable Graph Thinking toolkit for architecture and interviews

Agenda
Opening: From Whiteboard to Production
Why every large-scale system is a graph in disguise.
How workflows, microservices, and dependency managers rely on graph structures.
Pattern 1: Graphs in the Real World
Examples:

• Workflows: Airflow, Dagster
• Builds: Bazel
• Data pipelines: Spark
• Services: Jaeger tracing DAGs
Show how each maps to graph nodes, edges, and cycles.

Pattern 2: Core Algorithms Refresher

• BFS/DFS: Reachability, search, and crawl use cases
• Dijkstra / A*: Routing, latency, and cost optimization
• Topological Sort: Scheduling builds, DAG execution order
• Cycle Detection: Fail-fast prevention in workflows and dependency graphs

Pattern 3: AI-Assisted Graph Engineering
How to use AI tools to accelerate graph work:

• Generate adjacency lists from plain-text prompts
• Auto-create test cases for reachability and cycle detection
• Use Graphviz / NetworkX / D3 to visualize graphs instantly
• Validate algorithm correctness interactively

Pattern 4: Graph Patterns in Architecture
Mapping algorithms to system design:

• BFS → discovery & dependency mapping
• DFS → deep audits & lineage analysis
• Dijkstra → route optimization & latency modeling
• Topo sort → job orchestration & CI/CD scheduling
How architects can embed graph thinking into design reviews.

Pattern 5: AI Demo
Prompt → adjacency list → Graphviz/NetworkX render → algorithmic validation.
Demonstrate quick prototyping workflow with AI assistance.

Wrap-Up: From Algorithms to Architectural Intuition
How graph literacy improves system reliability and scalability.
Checklist and reusable templates for ongoing graph-based reasoning.

Key Framework References

• NetworkX / Graphviz / D3.js: Visualization and validation libraries
• Apache Airflow / Spark / Bazel / Jaeger: Real-world DAG examples
• AI Tools (ChatGPT, Copilot): Adjacency generation, testing, and explanation
• Big-O Foundations: BFS/DFS/Dijkstra complexity reminders for performance analysis

Takeaways

• Graph Thinking Checklist: Nodes, edges, cycles, and DAG validation
• AI Prompt Pack: Templates for adjacency generation, test creation, and visualization
• Algorithm Snippet Starter Kit: BFS, DFS, Dijkstra, Topo Sort in Python/JS
• Architecture Mapping Guide: Graph patterns → system use cases
• Mindset: Move from memorizing algorithms → to engineering with them

Enterprise Architecture 4.0: The AI-Driven Future Preview

ARCHAI Blueprint for architecting and designing the Intelligent Enterprise with Generative AI, Agents, and Next-Gen Technologies

1:30 PM MDT

AI, agentic workflows, digital twins, edge intelligence, spatial computing, and blockchain trust are converging to reshape how enterprises operate.
This session introduces Enterprise Architecture 4.0—a practical, future-ready approach where architectures become intelligent, adaptive, and continuously learning.

You’ll explore the EA 4.0 Tech Radar, understand the six major waves of disruption, and learn the ARCHAI Blueprint—a structured framework for designing AI-native, agent-ready, and trust-centered systems.
Leave with a clear set of patterns and a 12-month roadmap for preparing your enterprise for the next era of intelligent operations.

⸻
KEY TAKEAWAYS
•Understand the EA 4.0 shift toward intelligent, agent-driven architecture
•Learn the top technology trends: AI, agents, edge, twins, spatial, blockchain, and machine customers
•See how the ARCHAI Blueprint structures AI-first design and governance
•Get practical patterns for agent safety, digital twins, trust, and ecosystem readiness
•Leave with a concise 12-month roadmap for implementing EA 4.0

⸻
AGENDA

– The Speed of Change
Why traditional enterprise architecture cannot support AI-native, agent-driven systems.

– The EA 4.0 Tech Radar
A 3–5 year outlook across:
•Agentic AI
•Edge intelligence
•Digital twins
•Spatial computing
•Trusted automation (blockchain)
•Machine customers

– The Six Waves of Transformation
Short deep dives into each wave with real enterprise use cases.

– The ARCHAI Blueprint
A clear architectural framework for AI-first enterprises:
•Attention & Intent Modeling
•Retrieval & Knowledge Fabric
•Capability & Context Models
•Human + Agent Co-working Patterns
•Action Guardrails & Safety
•Integration & Intelligence Architecture

This gives architects a single, unified design methodology across all emerging technologies.

– The Architect’s Playbook
Practical patterns for:
•Intelligence fabrics
•Agent-safe APIs
•Digital twin integration
•Trust & decentralized identity
•Ecosystem-ready design

– Operationalizing EA 4.0
How architecture teams evolve:
•New EA roles
•Continuous planning
•Agent governance
•EA dashboards
•The 12-month adoption roadmap

Architecting Microservices for Agentic AI Integration

Designing Safe, Reliable, and Scalable Systems for Autonomous LLM Agents

3:15 PM MDT

Autonomous LLM agents don’t just call APIs — they plan, retry, chain, and orchestrate across multiple services.
That fundamentally changes how we architect microservices, define boundaries, and operate distributed systems.
This session delivers a practical architecture playbook for Agentic AI integration — showing how to evolve from simple request/response designs to resilient, event-driven systems.
You’ll learn how to handle retry storms, contain failures with circuit breakers and bulkheads, implement sagas and outbox patterns for correctness, and version APIs safely for long-lived agents.
You’ll leave with reference patterns, guardrails, and operational KPIs to integrate agents confidently—without breaking production systems.

Problems Solved

• Microservices collapse under agent retries or fan-out behavior
• Lack of event logs or compensations breaks agent re-planning
• Failures cascade due to missing bulkheads or circuit breakers
• Non-deterministic APIs cause unpredictable agent actions
• Ops teams can’t separate or monitor agent vs human traffic

Why Now

• Agentic frameworks (Agentforce, LangGraph, CrewAI) are entering production.
• Traditional microservices assume human or synchronous clients — not autonomous retriers.
• Reliability, determinism, and observability must now be built into API contracts.
• Agent traffic adds new stress patterns and compliance visibility requirements.

What Is Agentic AI in Microservices

• Agents plan, retry, and chain service calls — requiring deterministic, idempotent APIs.
• Services must be tool-callable (stable operationId, strict input/output schemas).
• Systems must survive retry storms, fan-out, and long-lived sessions.

Agenda
Opening: The Shift to Agent-Driven Systems
How autonomous agents change microservice assumptions.
Why request/response architectures fail when faced with planning, chaining, and self-healing agents.

Pattern 1: Event-Driven Flows
Use events, queues, and replay-safe designs to decouple agents from synchronous APIs.
Patterns: pub/sub, event sourcing, and replay-idempotency.

Pattern 2: Saga and Outbox Patterns
Manage long workflows with compensations.
Ensure atomicity and reliability between DB and event bus.
Outbox → reliable publish; Saga → rollback on failure.

Pattern 3: Circuit Breakers and Bulkheads
Contain agent-triggered failure storms.
Apply timeout, retry, and fallback policies per domain.
Prevent blast-radius amplification across services.

Pattern 4: Service Boundary Design
Shape services around tasks and domains — not low-level entities.
Example: ReserveInventory, ScheduleAppointment, SubmitClaim.
Responses must return reason codes + next actions for agent clarity.
Avoid polymorphic or shape-shifting payloads.

Pattern 5: Integrating Agent Frameworks
Connect LLM frameworks (Agentforce, LangGraph) safely to services.
Use operationId as the agent tool name; enforce strict schemas.
Supervisor/planner checks between steps.
Asynchronous jobs: job IDs, progress endpoints, webhooks.

Pattern 6: Infrastructure and Operations

• Observability: Tag agent runs (x-agent-run-id), trace retries, success/failure.
• Versioning: Use SemVer, deprecation headers, and multi-version gateways.
• Resilience: Autoscale on retry rate, degrade gracefully, and run failover drills.

Wrap-Up: KPIs and Guardrails for Production
Key metrics: retry rate, success ratio, agent throughput, event replay lag.
Lifecycle governance: monitoring, versioning, deprecation, and sunset plans.

Key Framework References

• Salesforce Agentforce – agentic orchestration and guardrail templates
• LangGraph / CrewAI – multi-agent planning and coordination patterns
• Cloud Native Patterns: Saga, Outbox, Circuit Breaker, Bulkhead, Event-Driven Architecture
• OpenTelemetry + Prometheus: Observability for agent vs human traffic
• OWASP LLM Top-10: Guardrails for safe function calling and data handling

Takeaways

• Blueprint for agent-friendly microservices architecture
• Patterns for event-driven, saga, and outbox consistency
• Guardrails: circuit breakers, bulkheads, least privilege APIs
• Framework integration checklist (Agentforce, LangGraph, etc.)
• Ops playbook for observability, versioning, and resilience
• KPIs to measure readiness: retry rate, grounding accuracy, and agent success ratio

Securing LLMs: DevSecOps in the Age of AI

Proactive Defense Strategies for AI-Native Apps

5:00 PM MDT

As enterprises rush to embed large language models (LLMs) into apps and platforms, a new AI-specific attack surface has emerged. Prompt injections, model hijacking, vector database poisoning, and jailbreak exploits aren’t covered by traditional DevSecOps playbooks.

This full-day, hands-on workshop gives architects, platform engineers, and security leaders the blueprint to secure AI-powered applications end-to-end. You’ll master the OWASP LLM Top 10, integrate AI-specific controls into CI/CD pipelines, and run live red-team vs blue-team exercises to build real defensive muscle.

Bottom line: if your job involves deploying, securing, or governing AI systems, this workshop shows you how to do it safely—before attackers do it for you.

What You’ll Learn

• Where LLM vulnerabilities arise—and how attackers exploit them
• How to apply the OWASP LLM Top 10 to enterprise pipelines
• Building AI-specific guardrails: input sanitization, output filters, role controls
• Embedding AI-aware scans and tests into GitHub/GitLab CI/CD workflows
• Securing RAG systems, vector databases, and multi-agent environments
• Red-team tactics (prompt injection, vector poisoning) and defensive countermeasures
• Metrics and frameworks to prove AI security posture to executives and regulators

Who Should Attend

• Software Architects designing AI-powered systems
• Platform Engineers & DevSecOps Leads embedding LLMs into pipelines
• Security Engineers assessing AI attack surfaces
• CTOs, CISOs & Product Owners accountable for safety, trust, and compliance

Takeaways

• OWASP LLM Top 10 → Mitigation Playbooks
• Templates with AI-aware guardrails
• Risk scoring model for AI attack surfaces
• Red-/Blue-team lab scripts to rerun in your org
• Executive briefing deck to align security with compliance & business impact

Agenda

Module 1 – The New AI Attack Surface

• Anatomy of an LLM-powered app (prompts, RAG, embeddings, agents)
• Why traditional DevSecOps misses AI-native risks
• Mapping AI threats to enterprise trust boundaries

Module 2 – OWASP LLM Top 10 Deep Dive

• Prompt injection & jailbreak exploits
• Training data leakage & poisoning
• Excessive agency in autonomous agents
• Vector database & plugin/toolchain exploits
• Model theft, shadow prompting, and output handling flaws

Module 3 – DevSecOps Patterns for LLMs

• Designing input/output filters and schema validation
• Prompt fuzzing, red teaming, and adversarial testing
• Embedding AI guardrails into GitHub/GitLab CI/CD workflows
• AI firewalls, inference governance, and runtime monitoring

Module 4 – Real-World Threat Simulations

• Live prompt injection on an AI agent
• Poisoning a vector database to manipulate RAG retrieval
• Detection strategies for abnormal prompts and outputs
• Hands-on ethical hacking tools for LLMs

Module 5 – Business Impact & Mitigation Framework

• Risk scoring and prioritization for AI systems
• Aligning AI security with KPIs: trust, uptime, compliance, brand protection
• NIST AI RMF, ISO/IEC 42001, and EU AI Act readiness
• Delivering an executive-ready AI security scorecard

Agentic, Assistive & Predictive AI Design Patterns

Designing Enterprise-Grade Agents with Integrations & Governance

8:30 AM MDT

Building AI isn’t just about prompting or plugging into an API — it’s about architecture. This workshop translates Salesforce’s Enterprise Agentic Architecture blueprint into practical design patterns for real-world builders.

You’ll explore how Predictive, Assistive, and Agentic patterns map to Salesforce’s Agentforce maturity model, combining orchestration, context, and trust into cohesive systems. Through hands-on modules, participants design a Smart Checkout Helper using Agentforce, Data Cloud, MCP, and RAG—complete with observability, governance, and ROI mapping.

Key Takeaways

• Agentic Architecture Foundations: Understand multi-agent design principles — decomposition, decoupling, modularity, and resilience.

• Pattern Literacy- Apply patterns: Orchestrator, Domain SME, Interrogator, Prioritizer, Data Steward, and Listener.

• Predictive–Assistive–Agentic Continuum: Align AI maturity with business intent — from prediction and guidance to autonomous execution.

• RAG Grounding & Context Fabric: Integrate trusted enterprise data via Data Cloud and MCP for fact-based reasoning.

• Multi-Agent Orchestration: Implement Orchestrator + Worker topologies using A2A protocol, Pub/Sub, Blackboard, and Capability Router.

Governance & Trust: Embed privacy, bias mitigation, observability, and audit trails — design for CIO confidence.

Business Alignment: Use the Jobs-to-Be-Done and Agentic Map templates to connect AI outcomes with ROI.

Agenda
Module 1 – Enterprise Agentic Foundations

• • Why multi-agent architecture > monolithic AI.
• • Core principles: decomposition, decoupling, specialization, modularity.
• • Explore: Agentforce subsystems, Atlas Reasoning Engine, MCP, and A2A protocol.
• • Build: “Hello Agentforce” → Orchestrator + Worker Agent handshake.

Module 2 – The Big 3 Patterns: Predictive, Assistive, Agentic

• • Understand foresight → guidance → autonomy.
• • Map Salesforce maturity levels (1–4) to each pattern.
• • Build: Cart abandonment handled via Predictive, Assistive, and Agentic variants.

Module 3 – Predictive AI → Foresight in Systems

• • Forecast churn, fraud, demand with Data Cloud + Einstein GPT.
• • Pattern Fusion: Prioritizer + Generator + Predictive flow.
• • Build: Predictive scoring embedded in checkout journey.

Module 4 – Assistive AI → Guiding Humans

• • UX patterns: nudges, cards, contextual insights.
• • Listener/Feed Pattern for real-time context surfacing.
• • Build: Service Agent + Promotion Recommender (Next Best Action).

Module 5 – Agentic AI → Autonomy in Action

• • Orchestrator Pattern as Agentic Front Door.
• • Domain SME Pattern for Inventory or Orders.
• • Interrogator for context assembly and reasoning.
• • Build: Refund Agent with human-in-loop fallback and A2A coordination.

Module 6 – Agentic Map & Jobs-to-Be-Done Framework

• • Learn the Agentic Map Template (User, Agent, Context, Source layers).
• • Use JTBD to align patterns with business goals.
• • Exercise: Map Acquire → Convert → Fulfill → Support journeys to AI patterns.

Module 7 – RAG & Context Fabric

• • Why hallucinations occur and how RAG fixes them.
• • Combine vector DB + retriever + Agentforce knowledge actions.
• • Build: Checkout FAQ bot (returns, policies, catalog) with citations.

Module 8 – Multi-Agent Orchestration with MCP

• • Orchestrator/Supervisor → Worker → Capability Router flow.
• • Pub/Sub for events, Blackboard for shared memory.
• • Build: Checkout Agent → Inventory Agent → Pricing Agent → Orchestrator.

Module 9 – Governance & Guardrails

• • Identity & Access, Privacy, Bias Checks, Observability.
• • Patterns: Data Steward + Zen Data Gardener for trusted data ops.
• • Build: Add governance and logging to prototype via MCP telemetry.

Module 10 – From Prototype to Production

• • End-to-end demo of Smart Checkout Helper.
• • Agentic Pattern Matrix + Governance Checklist + ROI Storytelling.
• • Next steps for scaling Agentforce in your enterprise.

What You’ll Leave With

• • Working Smart Checkout Helper (Agentforce + MCP + RAG).
• • Decision Framework: Predictive vs Assistive vs Agentic.
• • Governance Checklist for trust & auditability.
• • Multi-Agent Playbook (Orchestrator, Supervisor, Capability Router).
• • Agentic Map Toolkit linking JTBD → AI → ROI.

Agentic, Assistive & Predictive AI Design Patterns

Designing Enterprise-Grade Agents with Integrations & Governance

10:30 AM MDT

Building AI isn’t just about prompting or plugging into an API — it’s about architecture. This workshop translates Salesforce’s Enterprise Agentic Architecture blueprint into practical design patterns for real-world builders.

You’ll explore how Predictive, Assistive, and Agentic patterns map to Salesforce’s Agentforce maturity model, combining orchestration, context, and trust into cohesive systems. Through hands-on modules, participants design a Smart Checkout Helper using Agentforce, Data Cloud, MCP, and RAG—complete with observability, governance, and ROI mapping.

Key Takeaways

• Agentic Architecture Foundations: Understand multi-agent design principles — decomposition, decoupling, modularity, and resilience.

• Pattern Literacy- Apply patterns: Orchestrator, Domain SME, Interrogator, Prioritizer, Data Steward, and Listener.

• Predictive–Assistive–Agentic Continuum: Align AI maturity with business intent — from prediction and guidance to autonomous execution.

• RAG Grounding & Context Fabric: Integrate trusted enterprise data via Data Cloud and MCP for fact-based reasoning.

• Multi-Agent Orchestration: Implement Orchestrator + Worker topologies using A2A protocol, Pub/Sub, Blackboard, and Capability Router.

Governance & Trust: Embed privacy, bias mitigation, observability, and audit trails — design for CIO confidence.

Business Alignment: Use the Jobs-to-Be-Done and Agentic Map templates to connect AI outcomes with ROI.

Agenda
Module 1 – Enterprise Agentic Foundations

• • Why multi-agent architecture > monolithic AI.
• • Core principles: decomposition, decoupling, specialization, modularity.
• • Explore: Agentforce subsystems, Atlas Reasoning Engine, MCP, and A2A protocol.
• • Build: “Hello Agentforce” → Orchestrator + Worker Agent handshake.

Module 2 – The Big 3 Patterns: Predictive, Assistive, Agentic

• • Understand foresight → guidance → autonomy.
• • Map Salesforce maturity levels (1–4) to each pattern.
• • Build: Cart abandonment handled via Predictive, Assistive, and Agentic variants.

Module 3 – Predictive AI → Foresight in Systems

• • Forecast churn, fraud, demand with Data Cloud + Einstein GPT.
• • Pattern Fusion: Prioritizer + Generator + Predictive flow.
• • Build: Predictive scoring embedded in checkout journey.

Module 4 – Assistive AI → Guiding Humans

• • UX patterns: nudges, cards, contextual insights.
• • Listener/Feed Pattern for real-time context surfacing.
• • Build: Service Agent + Promotion Recommender (Next Best Action).

Module 5 – Agentic AI → Autonomy in Action

• • Orchestrator Pattern as Agentic Front Door.
• • Domain SME Pattern for Inventory or Orders.
• • Interrogator for context assembly and reasoning.
• • Build: Refund Agent with human-in-loop fallback and A2A coordination.

Module 6 – Agentic Map & Jobs-to-Be-Done Framework

• • Learn the Agentic Map Template (User, Agent, Context, Source layers).
• • Use JTBD to align patterns with business goals.
• • Exercise: Map Acquire → Convert → Fulfill → Support journeys to AI patterns.

Module 7 – RAG & Context Fabric

• • Why hallucinations occur and how RAG fixes them.
• • Combine vector DB + retriever + Agentforce knowledge actions.
• • Build: Checkout FAQ bot (returns, policies, catalog) with citations.

Module 8 – Multi-Agent Orchestration with MCP

• • Orchestrator/Supervisor → Worker → Capability Router flow.
• • Pub/Sub for events, Blackboard for shared memory.
• • Build: Checkout Agent → Inventory Agent → Pricing Agent → Orchestrator.

Module 9 – Governance & Guardrails

• • Identity & Access, Privacy, Bias Checks, Observability.
• • Patterns: Data Steward + Zen Data Gardener for trusted data ops.
• • Build: Add governance and logging to prototype via MCP telemetry.

Module 10 – From Prototype to Production

• • End-to-end demo of Smart Checkout Helper.
• • Agentic Pattern Matrix + Governance Checklist + ROI Storytelling.
• • Next steps for scaling Agentforce in your enterprise.

What You’ll Leave With

• • Working Smart Checkout Helper (Agentforce + MCP + RAG).
• • Decision Framework: Predictive vs Assistive vs Agentic.
• • Governance Checklist for trust & auditability.
• • Multi-Agent Playbook (Orchestrator, Supervisor, Capability Router).
• • Agentic Map Toolkit linking JTBD → AI → ROI.