Recap of First Rays Annual Day 2025

Last month, First Rays Annual Day gathering brought together founders, CTOs, CISOs, and operators across our ecosystem to trade notes on what’s 𝘢𝘤𝘵𝘶𝘢𝘭𝘭𝘺 working with AI in the enterprise and where the sharp edges still are.

To kickstart the panel, Hersh, CEO of Allstacks, showcased how his customers, about 50+ large enterprises, are rolling out AI-tools in their orgs. He highlighted that AI-native engineering platform leaders integrating across the SDLC to measure time, cost, and bottlenecks—and now shipping agents that move from analytics to action. See their recent product announcement of Deep Research agents.

Some of the topics that we covered during the panel.

1) 𝐀𝐈 𝐚𝐝𝐨𝐩𝐭𝐢𝐨𝐧 𝐢𝐬 𝐫𝐞𝐚𝐥—𝐚𝐧𝐝 𝐮𝐧𝐞𝐯𝐞𝐧.

A fresh engineering survey (≈250 𝘭𝘦𝘢𝘥𝘦𝘳𝘴 𝘨𝘭𝘰𝘣𝘢𝘭𝘭𝘺) shows:

~90% 𝐨𝐟 𝐞𝐧𝐠𝐢𝐧𝐞𝐞𝐫𝐬 are already using AI for new code and apps.

~85% 𝐟𝐨𝐫 𝐭𝐞𝐬𝐭𝐢𝐧𝐠/𝐐𝐀 (many teams started here before code-gen).

~70% 𝐟𝐨𝐫 𝐝𝐨𝐜𝐮𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧(surprisingly lower than expected).

2) “𝐃𝐚𝐬𝐡𝐛𝐨𝐚𝐫𝐝𝐬 𝐚𝐫𝐞 𝐝𝐞𝐚𝐝; 𝐬𝐭𝐚𝐫𝐭 𝐰𝐢𝐭𝐡 𝐭𝐡𝐞 𝐚𝐧𝐬𝐰𝐞𝐫.”

Leaders are ditching passive dashboards in favor of answer-first experiences (and increasingly, agents) that:

Surface “what’s happening, why, and what to do next,”

Attach evidence automatically (traces, diffs, PRs, cost deltas), and

Orchestrate remediation (creating tickets, automating rollbacks, proposing fixes).

3) 𝐏𝐫𝐨𝐯𝐢𝐧𝐠 𝐑𝐎𝐈 𝐰𝐢𝐭𝐡𝐨𝐮𝐭 𝐡𝐚𝐧𝐝-𝐰𝐚𝐯𝐢𝐧𝐠.

The practical framing that resonated: feature cost before vs. after AI adoption. If “after” is less by more than the AI tool’s cost, you’re in the green. Teams that can price features (developer time × friction) can defend AI budgets credibly.

4) 𝐕𝐢𝐛𝐞 𝐜𝐨𝐝𝐢𝐧𝐠 → 𝐯𝐢𝐛𝐞 𝐞𝐧𝐠𝐢𝐧𝐞𝐞𝐫𝐢𝐧𝐠.

As coding assistants proliferate, teams are moving beyond “assist me in this file” to workflow-level orchestration (a.k.a. “𝘷𝘪𝘣𝘦 𝘦𝘯𝘨𝘪𝘯𝘦𝘦𝘳𝘪𝘯𝘨”): constructing repeatable multi-step flows that include generation, verification, testing, security checks, and deployment. It’s less about an LLM’s gut feel and more about a disciplined pipeline.

5) 𝐒𝐡𝐢𝐩 𝐬𝐞𝐜𝐮𝐫𝐞 𝐛𝐲 𝐝𝐞𝐟𝐚𝐮𝐥𝐭 (𝐨𝐫 𝐩𝐚𝐲 4𝐱 𝐥𝐚𝐭𝐞𝐫).

Panelists repeatedly emphasized: getting security involved early (requirements, models, prompts, data access, testing) saves ~4 out of 5 dollars versus bolt-on fixes after release. “Shift-left” is not a slogan here; it’s the only way AI features reach production safely.

6) 𝐖𝐡𝐨 “𝐨𝐰𝐧𝐬” 𝐀𝐈 𝐭𝐫𝐮𝐬𝐭?

The consensus: joint ownership across product, platform/engineering, and security. Security teams define guardrails; platform teams implement policy and enforcement; product owns usability and measurable outcomes. Success cases embed security and platform early in the product loop.

—————————————————————————————-

We were fortunate to have some of our founders, Saurabh Shintre Uri Maoz Aaron Painter and Nir Valtman join in our second panel discussion around Trust, Safety & Identity—“High-Trust AI Without the Headaches”

Here is a summary of our discussion-

1) High-trust apps are different.

The panel’s opening salvo: AI remains too risky “as-is” for high-trust workflows without additional controls. The examples ranged from public “funny but costly” bot mishaps to serious misbehavior in lab settings. The message wasn’t alarmist—just clear: production = controls.

2) Catch problems before they emerge.

Safety teams are using pre-deployment techniques—from adversarial prompts and jailbreak libraries to model-internals monitoring—to detect harmful tendencies early (bias, manipulation, self-justifying refusal bypasses). Think of it like pre-release pen-testing for models.

3) Defense-in-depth beats model-of-the-week.

Guardrails stack up across layers:

Input: prompt hygiene, policy filtering, identity checks, rate limits.

Model: safety systems, allow/deny lists, tool-use constraints.

Output: toxicity/PII filters, grounding checks, retrieval whitelists.

Environment: least-privilege keys, egress controls, audit logging.

This layering outlasts model churn and gives teams a stable security posture.

4) Identity is the new perimeter.

As more workflows become chat- or agent-driven, the system must know who is asking and what they’re allowed to do. Strong identity (step-up verification on risky actions, anti-fraud signals, session binding) prevents prompt-driven account takeovers and high-impact abuse.

5) The real-world adoption pattern: it varies.

Across enterprises, usage—and value—differ by team and use case. Some groups see dramatic productivity gains (e.g., code-gen plus automated tests), others stall without proper data access, evaluation, or change management. Governance and enablement determine the slope.