CURRENT | Market Pulse

The Signal

The Infrastructure Layer Land Grab Behind Workday's Acquisition Spree

By Rina Takahashi— November 27, 2025

Feature image for article: The Infrastructure Layer Land Grab Behind Workday's Acquisition Spree

Workday has acquired six AI-related companies since February. Six infrastructure platforms in under a year—HiredScore, Evisort, Sana Labs for $1.1 billion, Flowise, and now Pipedream with its 3,000 pre-built connectors. That's not normal acquisition velocity for enterprise software.

Look at what Workday is actually buying: not reasoning capabilities or elegant interfaces, but authentication layers, integration platforms, connection infrastructure. The unglamorous plumbing that sits between agents and the fragmented reality of enterprise systems. The companies moving fastest aren't building better AI. They're assembling control points for where agents can operate at all.

The Signal

The Infrastructure Layer Land Grab Behind Workday's Acquisition Spree

By Rina Takahashi— November 27, 2025

Workday has acquired six AI-related companies since February. Six infrastructure platforms in under a year—HiredScore, Evisort, Sana Labs for $1.1 billion, Flowise, and now Pipedream with its 3,000 pre-built connectors. That's not normal acquisition velocity for enterprise software.

Look at what Workday is actually buying: not reasoning capabilities or elegant interfaces, but authentication layers, integration platforms, connection infrastructure. The unglamorous plumbing that sits between agents and the fragmented reality of enterprise systems. The companies moving fastest aren't building better AI. They're assembling control points for where agents can operate at all.

Field Notes

Where AI Agent Value Is Actually Concentrating

By Rina Takahashi— November 27, 2025

Feature image for article: Where AI Agent Value Is Actually Concentrating

When Microsoft merged two orchestration frameworks last month, most coverage focused on technical architecture. From our operational position running millions of web agent sessions, we saw a different signal: the problems that seemed defensibly complex six months ago are converging into common patterns.

Managing authentication across thousands of sites simultaneously shows you something about which problems stay hard and which ones don't. The capital flows in November—over $3.5 billion into AI infrastructure—suggest smart money is betting on layers most vendors aren't emphasizing. Where is defensibility actually building in this market?

Field Notes

Where AI Agent Value Is Actually Concentrating

When Microsoft merged two orchestration frameworks last month, most coverage focused on technical architecture. From our operational position running millions of web agent sessions, we saw a different signal: the problems that seemed defensibly complex six months ago are converging into common patterns.

Managing authentication across thousands of sites simultaneously shows you something about which problems stay hard and which ones don't. The capital flows in November—over $3.5 billion into AI infrastructure—suggest smart money is betting on layers most vendors aren't emphasizing. Where is defensibility actually building in this market?

Rina Takahashi

Rina Takahashi, 37, former marketplace operations engineer turned enterprise AI writer. Built and maintained web-facing automations at scale for travel and e-commerce platforms. Now writes about reliable web agents, observability, and production-grade AI infrastructure at TinyFish.

Surface Story, Deeper Pattern

Dual Lens

Why 16,000 MCP Servers Appeared in Less Than a Year

Sixteen thousand servers in less than a year. That growth didn't come from marketing—it came from architectural decisions that removed every barrier between developers and deployment. Anthropic's Model Context Protocol optimized for velocity over control, autonomy over gatekeeping. The design worked. Integration friction disappeared. Developers built what they needed without waiting for vendor roadmaps. Understanding why this happened reveals what changes when protocols prioritize developer experience above everything else.

Dual Lens

The Organizational Work MCP's Architecture Doesn't Include

The architectural choices that enabled MCP's rapid growth assumed something most organizations don't have: the security infrastructure to handle distributed responsibility. Forty-three percent of publicly available servers contain command injection vulnerabilities. The protocol's design left security vetting, credential management, and operational governance for deploying teams to solve. That organizational work—building capabilities most teams lack—turns out to be harder than writing the servers themselves. The velocity came with a bill.

Surface Story, Deeper Pattern

Dual Lens

Why 16,000 MCP Servers Appeared in Less Than a Year

Sixteen thousand servers in less than a year. That growth didn't come from marketing—it came from architectural decisions that removed every barrier between developers and deployment. Anthropic's Model Context Protocol optimized for velocity over control, autonomy over gatekeeping. The design worked. Integration friction disappeared. Developers built what they needed without waiting for vendor roadmaps. Understanding why this happened reveals what changes when protocols prioritize developer experience above everything else.

Dual Lens

The Organizational Work MCP's Architecture Doesn't Include

The architectural choices that enabled MCP's rapid growth assumed something most organizations don't have: the security infrastructure to handle distributed responsibility. Forty-three percent of publicly available servers contain command injection vulnerabilities. The protocol's design left security vetting, credential management, and operational governance for deploying teams to solve. That organizational work—building capabilities most teams lack—turns out to be harder than writing the servers themselves. The velocity came with a bill.

Surface Story, Deeper Pattern

Dual Lens

Why 16,000 MCP Servers Appeared in Less Than a Year

Sixteen thousand servers in less than a year. That growth didn't come from marketing—it came from architectural decisions that removed every barrier between developers and deployment. Anthropic's Model Context Protocol optimized for velocity over control, autonomy over gatekeeping. The design worked. Integration friction disappeared. Developers built what they needed without waiting for vendor roadmaps. Understanding why this happened reveals what changes when protocols prioritize developer experience above everything else.

Dual Lens

The Organizational Work MCP's Architecture Doesn't Include

The architectural choices that enabled MCP's rapid growth assumed something most organizations don't have: the security infrastructure to handle distributed responsibility. Forty-three percent of publicly available servers contain command injection vulnerabilities. The protocol's design left security vetting, credential management, and operational governance for deploying teams to solve. That organizational work—building capabilities most teams lack—turns out to be harder than writing the servers themselves. The velocity came with a bill.

Production Gap Reality Check

Work IQ Promises Context. Delivers Governance Homework.

Microsoft announced Work IQ at Ignite as the intelligence layer that makes Copilot "know you, your job, and your company inside and out." APIs are live now. Some features already power Copilot enhancements. Others arrive in preview early 2026.

Here's what the launch materials gloss over: this only works if proper permissions, data quality, and governance already exist in your Microsoft 365 environment. Work IQ's value fundamentally requires the data hygiene you've been postponing for years.

At scale, you're not deploying AI. You're auditing every SharePoint permission, cleaning metadata, establishing governance protocols that should have existed before cloud migration. Microsoft is selling the engine while assuming you've already built the road. Most enterprises are discovering they haven't.

Production Gap Reality Check

Work IQ Promises Context. Delivers Governance Homework.

Microsoft announced Work IQ at Ignite as the intelligence layer that makes Copilot "know you, your job, and your company inside and out." APIs are live now. Some features already power Copilot enhancements. Others arrive in preview early 2026.

Here's what the launch materials gloss over: this only works if proper permissions, data quality, and governance already exist in your Microsoft 365 environment. Work IQ's value fundamentally requires the data hygiene you've been postponing for years.

At scale, you're not deploying AI. You're auditing every SharePoint permission, cleaning metadata, establishing governance protocols that should have existed before cloud migration. Microsoft is selling the engine while assuming you've already built the road. Most enterprises are discovering they haven't.

The promise:

AI agents understand organizational context through unified data, memory, and inference across your entire Microsoft 365 environment automatically.

Current reality:

APIs work but respect existing permissions and labels, meaning your messy governance produces equally messy AI results today.

Marketing gap:

Launch materials showcase intelligent agents while quietly requiring data architecture audits most enterprises haven't started, let alone completed successfully.

Production requirements:

Teams need Foundry SDK expertise, observability design, staged rollouts with kill switches, plus months of permission cleanup before value.

TinyFish read:

Mature architecture, not vaporware. But Microsoft sells infrastructure assuming you've done the hard governance work. You probably haven't.

Quiet Tech That Compounds

The infrastructure that matters most rarely makes headlines. Parameter counts and benchmark leaderboards get the attention. Production systems depend on something else entirely: observability that catches issues before users do, memory management that prevents OOM crashes at 3 AM, error handling that fails gracefully instead of spectacularly.

This is the quiet work that compounds. Standards that let agents actually interoperate. Distributed serving that scales without heroics. Security monitoring built for threats that didn't exist two years ago. None of it demos well. All of it determines whether your agent runs reliably or becomes someone's weekend firefighting story.

Here's what's maturing in the background.

Quiet Tech That Compounds

The infrastructure that matters most rarely makes headlines. Parameter counts and benchmark leaderboards get the attention. Production systems depend on something else entirely: observability that catches issues before users do, memory management that prevents OOM crashes at 3 AM, error handling that fails gracefully instead of spectacularly.

This is the quiet work that compounds. Standards that let agents actually interoperate. Distributed serving that scales without heroics. Security monitoring built for threats that didn't exist two years ago. None of it demos well. All of it determines whether your agent runs reliably or becomes someone's weekend firefighting story.

Here's what's maturing in the background.

Observability Infrastructure

Langfuse Becomes De Facto Tracing Standard

The most-used open source LLM observability tool now offers 78 features from session tracking to SOC2 compliance. Production systems need comprehensive tracing, evaluations, and metrics before they need another model upgrade. This is how you debug agents that actually run.

Evaluation Standards

Agent Evaluation Evolves Beyond Ad-Hoc Testing

Evaluation is shifting from one-off tests to continuous, standards-driven discipline. Model Context Protocol standardizes tool interactions. Agent2Agent enables cross-platform collaboration. Enterprises deploying mission-critical workflows need workflow reliability and compliance, not just accuracy scores.

Memory Management

PagedAttention Solves the Real Bottleneck

Memory fails before compute does in production. vLLM's PagedAttention and KV cache optimization have become industry standards because they address what actually breaks at scale. This is what lets you serve more requests on the same hardware.

Distributed Serving

llm-d Brings Kubernetes-Native Orchestration

Red Hat, Google Cloud, IBM Research, NVIDIA, and CoreWeave launched llm-d in May 2025. A distributed serving stack built on vLLM. Kubernetes-native orchestration with disaggregated prefill/decode and system-wide KV-cache routing enables deployment patterns previously impossible.

Error Handling

Saga Pattern Prevents Data Corruption

Production agents need transactional integrity across multi-step workflows. Saga orchestration provides compensating actions that automatically roll back failed workflows, preventing data corruption. This is reliability engineering for probabilistic systems. Graceful degradation matters more than you think.

Runtime Security

LangKit Monitors What Traditional Tools Miss

LLM-specific threats like prompt injection and jailbreaks require specialized monitoring. LangKit extracts telemetry from prompts and responses to detect malicious inputs, sensitive data leakage, and policy violations in real time. Traditional security tools weren't built for this attack surface.