About the Book
Ship agentic AI systems that are secure, governed, and production-ready. Learn how to design bounded autonomy, harden tool use and memory, operationalize AI risk and security, and build the trust evidence enterprises demand, from prototype to deployment.
Key Features
Engineer bounded-autonomy agents with secure tools, memory, and control planes
Unify Responsible AI, AI SecOps, and AI RiskOps in one enterprise playbook
Use capstone labs, templates, and audit-ready artifacts to ship safer AI
Purchase of the print or Kindle book includes a free PDF eBook
Book Description
Prompt injection, tool misuse, memory poisoning, data exfiltration, and uncontrolled autonomy are not theoretical risks. They're active concerns for any team moving agents from prototype to production.
This hands-on guide shows how to build, harden, and operate agentic AI in enterprise environments. Adnan Masood and Heather Dawe bring together agent engineering, security, and governance in one practical playbook.
You'll classify agent use cases by risk, autonomy, and reversibility; design reliable agent loops with structured I/O and tool calling; ground actions with RAG and provenance controls; secure tools with least-privilege access and approval gates; and manage memory with redaction, rollback, and drift detection. The book also covers threat modeling, policy-as-code guardrails, red teaming, observability, incident response, and alignment with emerging standards and regulation. A running capstone project, CASA (Customer-facing Agentic Service Assistant), and the TrustStack AI GRC toolkit make each pattern practical and reusable across enterprise scenarios.
By the end, you'll have the architecture patterns, security controls, operational playbooks, and governance artifacts to deploy enterprise-grade AI agents with stronger trust, lower risk, and production-ready confidence.
What you will learn
Classify agent use cases by risk, autonomy, and reversibility
Build robust agent loops with structured I/O and tool calling
Ground agents with RAG, provenance tracking, and retrieval guardrails
Secure tool use with least privilege, sandboxing, and human approval gates
Deploy agents across Azure AI Foundry, AWS Bedrock, and Google Vertex AI
Threat-model and defend against injection, hijacking, exfiltration, and poisoning
Produce audit-ready governance artifacts mapped to the EU AI Act, NIST AI RMF, ISO 42001, and SSPA/SCITT supply-chain standards
Who this book is for
This book is for enterprise AI and LLM engineers, software developers building assistants and agents, solution and enterprise architects, platform and LLMOps/MLOps engineers, security and AppSec teams, product managers, and governance, risk, compliance, legal, privacy, model risk, and audit professionals responsible for deploying generative AI safely in production. Readers should be comfortable with Python, APIs, and basic ML concepts, and have some familiarity with LLM application patterns such as prompting, RAG, and tool calling.
Table of Contents
- The Agentic Shift in the Enterprise
- Anatomy of LLM Agents with Python Examples
- Planning, Decomposition, and Control of Autonomy
- Grounding with Retrieval (RAG), Data Governance, and Provenance
- Tools, Sandboxing, and Least Privilege
- Safe Memory, Privacy, and Learning Without Drift
- Agentic Threat Modeling & Abuse Cases
- Defensive Architectures: Guardrails, Policy-as-Code, and Safety Agents
- Red Teaming, Security Testing, and Frontier Risk Controls
- Responsible Agent Objectives: Harms, Fairness, and Accountability
- Explainability, Transparency, and Audit Trails for Agents (From Model Cards to System Cards)
- AI RiskOps / AI SecOps for Agent Lifecycles
- Model, Prompt, Tool, and Data Governance at Scale
- Regulatory & Standards Alignment for Agentic AI
- Production Deployment: Observability, Cost, and Reliability
- Content Provenance, Authenticity, and Trust in Agent Outputs
- Implementation Playbooks, Operating Model (AI STEPS FORWARD 2.0), and the Road Ahead
About the Authors
Adnan Masood, PhD, is an artificial intelligence and machine learning researcher, visiting scholar at Stanford AI Lab, software engineer, Microsoft MVP (Most Valuable Professional), and Microsoft's regional director for artificial intelligence. As chief architect of AI and machine learning at UST Global, he collaborates with Stanford AI Lab and MIT CSAIL, and leads a team of data scientists and engineers building artificial intelligence solutions to produce business value and insights that affect a range of businesses, products, and initiatives.
Heather Dawe, MSc, is a renowned data and AI thought leader with over 25 years of experience in the field. Heather has innovated with data and AI throughout her career; highlights include developing the first data science team in the UK public sector and leading the development of early machine learning and AI assurance processes for the National Health Service (NHS) in England. Heather currently works with large global enterprises and public sector organisations, innovating with data and AI to improve services in the health, local government, retail, manufacturing, and finance sectors. A STEM Ambassador and multidisciplinary data science pioneer, Heather also enjoys mountain running, rock climbing, painting, and writing. She served as a jury member for the 2021 Banff Mountain Book Competition and guest edited the 2022 and 2025 editions of The Himalayan Journal. Heather is the author of several books inspired by mountains and has written for national and international print publications including The Guardian and Alpinist. Her next book, Think Again: On AI, Mountains and Intuition, will be published in October 2026.