The Context Window | Carey Whitten
Carey Whitten
SUBSCRIBE
The Context Window
Know what you're walking into.
SUBSCRIBE
Share
AI Foundations
Patterns & Practice
Models & Vendors
Under the Hood
The Plumbing
Recent Activity
May — Issue #0
Technical Comparison
The Compliance Layer Your Buyer Already Knows
Recap
AI Risk Register: Reference and Template
Section Opener
Four Surfaces, Four Owners
Concept Explainer
LLM02: The Exfiltration Path That Doesn't Need an Attacker
Concept Explainer
The Content Is the Attack Surface: Prompt Injection and the 2025 OWASP LLM Top 10
Concept Explainer
AI Copyright Risk Has Two Surfaces. Vendor Indemnification Covers One.
Concept Explainer
"We Tested It" Is Not a Security Posture
Concept Explainer
The EU AI Act: What Actually Applies When
Concept Explainer
What's Actually Required: US AI Regulation as of May 2026
Concept Explainer
What AI Disclosure Actually Requires — and Where Your Audit Trail Falls Short
Recap
Chapter Recap: Enterprise Deployment
Technical Comparison
The Gateway Layer: Portkey, LiteLLM, Kong, and Cloudflare Compared
Section Opener
Enterprise AI Platforms Don't Get Designed. They Get Accumulated.
Concept Explainer
Who Called the Model? The Identity Layer Your AI Gateway Is Missing
Concept Explainer
If the Model Starts Behaving Differently, How Will You Know?
Concept Explainer
The Prompt Is Gone. Now What Does Your Contract Say?
Concept Explainer
Shadow AI Isn't a Behavior Problem. It's a Provisioning Problem.
Concept Explainer
Your Chargeback Model Has Never Seen a Token
Technical Comparison
What the Number on the Table Actually Means: AI Pricing Structures for Procurement Conversations
Technical Comparison
The Model Isn't the Decision: AWS Bedrock, Azure OpenAI Service, and Vertex AI
Technical Comparison
Three Tiers, One Router
Technical Comparison
Lesson 7: Specialty Providers — Cohere, Databricks, Together AI, Fireworks AI, and Replicate
Technical Comparison
The Frontier Labs: Four Research Bets, Four Architectural Constraints
Recap
A Decision Framework for Picking a Model and a Vendor
Concept Explainer
What "Open" Actually Means in AI Licensing
Concept Explainer
The Weights Don't Call Home
Section Opener
The Four Layers of the AI Market
Technical Comparison
Workflows vs. Agents: The Six Patterns That Actually Matter
Technical Comparison
Lesson 7: Multi-Agent Patterns — Orchestrators, Specialists, and When Not To
Technical Comparison
Fine-Tuning Is Not a Knowledge Upgrade
Technical Comparison
"How Do You Know It's Working?" Has Two Answers
Concept Explainer
The Mechanism Behind Agent Actions: Function Calling and MCP
Recap
RECAP: Choosing Your Pattern
Section Opener
The Spectrum Is a Decision, Not a Destination
Concept Explainer
The Context Is the Configuration
Concept Explainer
The Retrieval Loop
Technical Comparison
Three Model Classes: A Purchasing Framework for Base, Reasoning, and Multimodal AI
Technical Comparison
Training, Fine-Tuning, and Inference: Three Regimes, One Phrase That Conflates All of Them
Recap
AI Foundations: Section Recap
Concept Explainer
The Two Numbers Every AI Conversation Runs On
Section Opener
What a Language Model Actually Does
Concept Explainer
The Reproducibility Problem: Temperature, Top-P, and Seed
Concept Explainer
Confident, Fluent, Wrong
Concept Explainer
Coordinates, Not Keywords
Concept Explainer
Lesson 2: Prompts, System Prompts, and Why Wording Matters
Technical Comparison
Four Regimes, Four Traps: HIPAA, GLBA, FedRAMP, and SOC 2 in AI Accounts
Recap
AI Risk Register: Chapter 5 Consolidation
Concept Explainer
Binding vs. Posture: Reading the US AI Regulatory Map
Concept Explainer
Model Cards Aren't Marketing: What AI Disclosure Obligations Actually Require
Concept Explainer
Red-Teaming, Classifiers, and Why "We Tested It" Isn't Enough
Concept Explainer
EU AI Act: Structure, Timeline, and Who It Reaches
Concept Explainer
How LLMs Exfiltrate Data, and What Zero-Data-Retention Actually Guarantees
Concept Explainer
Prompt Injection and the OWASP LLM Top 10
Concept Explainer
AI Copyright Exposure Is Two Questions, Not One
Section Opener
Generative AI Risk: Four Surfaces, Four Different Controls
The Architecture Problem
Federal AI Pilots Don't Fail at Scale. They Fail at Inception.
The Expertise Gap
The Governance Vacuum: What the Expertise Drain Means Before Your Next Federal Call
The Catalog Requirement
The AI Use Case Inventory Is a Directory. Nobody's Built the Provisioning Layer.
What Actually Shipped
The Pilot Graveyard: A Pattern-Recognition Framework for Federal AI Account Qualification
The Familiar Problem
The Shadow IT Playbook Gets Federal Shadow AI Mostly Right
Two Mandates, One Table
The Negotiating Surface
The Framework Filter
The Procurement Gate Is an Identity Audit
Measured on Production
The Pilot Trap: What CAIOs Actually Need Before They Can Say "Production"
Technical Comparison
Four Regimes, One Conversation: A Field Guide to Sector Compliance in Federal AI Procurement
Recap
Risk & Compliance: Chapter Recap ## Building an AI Risk Register
Concept Explainer
The Disclosure Stack: Model Cards, System Cards, and the Audit Trail Gap SOC 2 Can't Fill
Section Opener
Risk and Compliance: Four Surfaces, Four Disciplines
Concept Explainer
The EU AI Act's Four Waves: What's Already Law and What's Coming August 2
Concept Explainer
The US AI Regulatory Stack: Binding, Voluntary, and Contested
Concept Explainer
When the Instructions Are in the Document
Concept Explainer
"We Tested It" Is Not a Security Posture
Concept Explainer
"Zero Data Retention" Is a Contract, Not an Architecture
Concept Explainer
AI Copyright Exposure Has Two Surfaces. Your Vendor's Indemnification Clause Probably Covers One.
Technical Comparison
One Key, Fourteen Teams, Zero Audit Trail
Recap
A Reference Architecture for Enterprise AI
Concept Explainer
When the Cost Object Is the Content
Concept Explainer
When the Approved Tool Isn't the Used Tool
Concept Explainer
The Gateway Knows Your App. Does It Know Your User?
Concept Explainer
Zero Data Retention Sounds Like a Technical Control. It Isn't.
Section Opener
The Stack You Build After Something Goes Wrong
Concept Explainer
Most Production AI Incidents Aren't Model Errors
Technical Comparison
The Frontier Labs
Technical Comparison
Five Providers, Four Constraints
Technical Comparison
Where the Model Actually Lives: Bedrock, Azure OpenAI, and Vertex AI
Technical Comparison
AI Inference Pricing: Four Structures, One Framework
Recap
Models & Vendors: Recap
Technical Comparison
Model Capability Tiers: Frontier, Efficient, and Small
Section Opener
The Four-Layer Stack
Concept Explainer
What "Open" Actually Means in AI Licensing
Concept Explainer
The Model Isn't the Service
Technical Comparison
Workflows vs. Agents: Six Patterns, One Distinction That Changes Every Question You Ask
Technical Comparison
What "Train Our Own Model" Actually Means
Technical Comparison
Evals and Observability: How You Know It's Working
Technical Comparison
The Coordination Tax: What Multi-Agent Architecture Actually Costs
Recap
Choosing Your Pattern: A Decision Framework
Concept Explainer
The Index Doesn't Know It's Wrong
Section Opener
From One Prompt to a System
Concept Explainer
The Model Never Touches the API
Concept Explainer
Context Engineering: What the Model Sees Before You Type
From Strategy to Scorecard
The CAIO Grew Up. Your Pitch Didn't.
Agents in the Stack
Copilot to Agent: Recognizing the Shift Before the Buyer Tests You
Nobody Owns This
Three Principals, No Hierarchy
Built Outside the Envelope
The Pilot Worked. That's the Problem.
The Hollowed-Out Stack
The Staffing Layer That Was Supposed to Govern AI
Still in Pilot
The Federal AI Inventory Says 1,800. The Auditors Say Something Else.
The Inventory Opening
Your Buyer's AI Inventory Is an Access Certification. Here's Where It Breaks.
The Workaround Layer
Your Agency Buyer Has a Policy. They Don't Have Visibility. Those Are Different Things.
Technical Comparison
Three Model Classes, One Buyer Question
Technical Comparison
Pre-Training, Fine-Tuning, and Inference
Concept Explainer
The Model Is Sampling, Not Retrieving
Recap
AI Foundations Recap: Reading a Model Spec Sheet
Concept Explainer
Before You Type a Word
Concept Explainer
The Unit Underneath Everything: Tokens and the Context Window
Concept Explainer
What's Actually in That "Vector Database" Box
Section Opener
What a Language Model Is
Concept Explainer
The Model Doesn't Know What's True
The Velocity Problem
Agents Don't Have HR Records
The Delegation Problem
Where Token Exchange Runs Out of Road
Two Terms, Two Traps
"Context Window" Is Not "Security Context": A Vocabulary Problem That Will Cost You
The Contested Principal
"Who Is This?" — Why Agent Identity Has No Clean Answer Yet
Two Terms, Two Traps
When "OAuth" Doesn't Mean What You Think It Means: MCP Authorization and the Scope Problem
The Authorization Gap
The Agent Audit Log Is a Different Problem
Buyer's Room
Buyer's Room: The CAIO in Mid-2026 — A Pre-Meeting Briefing
