News AggregatorFrom LLMs to Agents: How BigID is Enabling Secure Agentic AI for Data GovernanceAggregated on: 2026-01-30 20:12:52 Understanding Large Language Models (LLMs) Large Language Models (LLMs) form the foundation of most generative AI innovations. These models are predictive engines trained on massive datasets, often spanning hundreds of billions of tokens. For example, ChatGPT was trained on nearly 56 terabytes of data, enabling it to predict the next word or token in a sequence with remarkable accuracy. The result is an AI system capable of generating human-like text, completing prompts, answering questions, and even reasoning through structured tasks. At their core, LLMs are not databases of facts but statistical predictors. They excel at mimicking natural language and surfacing patterns seen in their training data. However, they are static once trained. If a model is trained on data that is five or ten years old, it cannot natively answer questions about newer developments unless it is updated or augmented with real-time sources. This limitation makes pure LLMs insufficient in enterprise contexts where accuracy, compliance, and timeliness are critical. View more...Testcontainers Explained: Bringing Real Services to Your Test SuiteAggregated on: 2026-01-30 19:12:52 Building robust, enterprise-grade applications requires more than just writing code — it demands reliable automated testing. These tests come in different forms, from unit tests that validate small pieces of logic to integration tests that ensure multiple components work together correctly. Integration tests can be designed as white-box (where internal workings are visible) or black-box (where only inputs and outputs matter). Regardless of style, they are a critical part of every release cycle. Modern enterprise applications rarely operate in isolation. They often have to interact with external components like databases, message queues, APIs, and other services. To validate these interactions, integration tests typically rely on either real instances of components or mocked substitutes. View more...ToolOrchestra vs Mixture of Experts: Routing Intelligence at ScaleAggregated on: 2026-01-30 18:12:52 Last year, I came across Mixture of Experts (MoE) through this research paper published in Nature. Later in 2025, Nvidia published a research paper on ToolOrchestra. While reading the paper, I kept thinking about MoE and how ToolOrchestra is similar to or different from it. In this article, you will learn about two fundamental architectural patterns reshaping how we build intelligent systems. We'll explore ToolOrchestra and Mixture of Experts (MoE), understand their inner workings, compare them with other routing-based architectures, and discover how they can work together. View more...Ralph Wiggum Ships Code While You Sleep. Agile Asks: Should It?Aggregated on: 2026-01-30 17:12:52 TL; DR: When Code Is Cheap, Discipline Must Come from Somewhere Else Generative AI removes the natural constraint that expensive engineers imposed on software development. When building costs almost nothing, the question shifts from “can we build it?” to “should we build it?” The Agile Manifesto’s principles provide the discipline that these costs are used to enforce. Ignore them at your peril when Ralph Wiggum meets Agile. The Nonsense About AI and Agile Your LinkedIn feed is full of confident nonsense about Scrum and AI. View more...Essential Techniques for Production Vector Search Systems, Part 3: Filterable HNSWAggregated on: 2026-01-30 16:12:51 After implementing vector search systems at multiple companies, I wanted to document efficient techniques that can be very helpful for successful production deployments of vector search systems. I want to present these techniques by showcasing when to apply each one, how they complement each other, and the trade-offs they introduce. This will be a multi-part series that introduces all of the techniques one by one in each article. I have also included code snippets to quickly test each technique. View more...TPU vs GPU: Real-World Performance Testing for LLM Training on Google CloudAggregated on: 2026-01-30 15:12:51 As large language models (LLMs) continue to grow in scale, the underlying hardware used for training has become the single most critical factor in a project’s success. The industry is currently locked in a fascinating architectural battle: the general-purpose power of NVIDIA’s GPUs versus the purpose-built efficiency of Google’s Tensor Processing Units (TPUs). For engineers and architects building on Google Cloud Platform (GCP), the choice between an A100/H100 GPU cluster and a TPU v4/v5p pod is not merely a matter of cost — it is a decision that impacts software architecture, data pipelines, and convergence speed. This article provides a deep-dive technical analysis of these two architectures through the lens of real-world LLM training performance. View more...Automating TDD: Using AI to Generate Edge-Case Unit TestsAggregated on: 2026-01-30 14:12:51 The Problem: The "Happy Path" Trap in TDD Test-driven development (Red-Green-Refactor) is the gold standard for reliable software. However, it has a flaw: The quality of your code is capped by the imagination of your test cases. If you are building a payment processing function, you will naturally write a test for "valid payment." You might even remember "insufficient funds." But will you remember to test for: View more...Designing Irreversible Security Release at Hyper-Scale: Lessons Learned From Things You Can’t UndoAggregated on: 2026-01-30 13:12:51 What Makes a Change Irreversible? Reverting a line of code is easy, and most of the time, firmware is backward-compatible. But what if a piece of hardware is specifically designed not to take older firmware, and the only option is to fix it with a new version? You could argue: Why design the hardware in such a manner? Well, it could be for a myriad of reasons, including a hardware design bug, a security hash algorithm that was a one-way function, or an older firmware bug that's being fixed in the newer release. It's easy to update the software behavior if needed, but it's not possible to change any hardware behavior. So we go to the next best option — mimic software to accept the hardware flaw and invert the operation on the software side. View more...Mentorship in Modern Engineering Teams: The ROI Question in the Age of AIAggregated on: 2026-01-30 12:12:51 The Uncomfortable Question As an engineer, I often ask myself whether mentoring junior engineers still makes economic sense. A few years ago, the path was predictable: juniors handled basic tasks, learned the codebase, and became reliable contributors within 6–12 months. The early period required guidance, but the return was clear and arrived within a predictable window. AI tools changed that structure. Much of the work that historically built junior competence, such as small features, refactoring tasks, and routine implementation, can now be produced quickly through Claude, ChatGPT, or Copilot. This reshapes team expectations about where early productivity should come from. View more...Modernizing Applications with the 7 Rs Strategy – A CTO's GuideAggregated on: 2026-01-29 20:12:51 Think about the time CTOs spent most of their time fixing old systems. Updates were slow, servers were expensive, and adding new features took time. Now, things have changed. Cloud technology applications can grow fast, collaborate, and meet business demands quickly. View more...Preventing Cache Stampedes at ScaleAggregated on: 2026-01-29 19:12:51 High-concurrency systems — especially retail, travel, ticketing, or any “hot product” scenarios — often face cache stampedes (also called thundering herd or dogpiling). When a cache entry expires, every server instance may simultaneously hit the database and recompute the same value. That results in: Unnecessary datastore I/O Increased latency CPU spikes Potential outages This article outlines a production-ready pattern that combines: View more...Reliable AI Agent Architecture for Mobile: Timeouts, Retries, and Idempotent Tool CallsAggregated on: 2026-01-29 18:12:51 Mobile is where “agent reliability” stops being a nice-to-have and turns into incident prevention. On desktop or server environments, a flaky call is annoying. On mobile, it’s normal: View more...5 Technical Strategies for Scaling SaaS ApplicationsAggregated on: 2026-01-29 17:12:51 Growing a business is every owner’s dream — until it comes to technical scaling. This is where challenges come to the surface. They can be related to technical debt, poor architecture, or infrastructure that can’t handle the load. In this article, I want to take a closer look at the pitfalls of popular SaaS scaling strategies, drawing from my personal experience. I’ll share lessons learned and suggest practices that can help you navigate these challenges more effectively. View more...AI Awareness for File-Based Work: The Risk of Silent FailureAggregated on: 2026-01-29 16:12:51 As large language models move from chat to operational work, a specific reliability gap keeps surfacing: the model can produce fluent output without using the files the user provided. In file-based workflows, this is not a cosmetic issue. It is a correctness issue, because the file is the source of truth. This article reports a documented interaction with Google Gemini Pro (paid) in which a user supplied a structured CSV containing 518 institutional records and a computed total of 3,672,638 full-time equivalents (FTEs). Instead of demonstrating file use, the model initially returned generic output and continued to follow an earlier response mode even after the user repeatedly requested a mode change. The transcript includes the model’s own admissions that it failed to incorporate the Excel/CSV data and that it remained stuck to an initial formatting constraint. View more...Cognitive Load-Aware DevOps: Improving SRE ReliabilityAggregated on: 2026-01-29 15:12:51 The site reliability engineering (SRE) community has tended to view reliability as a mechanical problem. So we have been meticulously counting "nines," working on the failover groups, and making sure our autoscalers have all the least settings they need. But something appears to be metamorphosing threateningly: people are becoming increasingly lost in high-availability metrics like 99.99%, which seemingly mask an infrastructure that would melt like butter if not for humans stepping in manually. We have reached the maximum level of complexity. Modern cloud-native ecosystems, including microservices, temporary Kubernetes pods, and distributed service meshes, are experiencing an exponential growth in the amount of traffic they handle. While the infrastructure continues to scale up and down at will, our human cognitive bandwidth, as defined by Miller's Law, simply cannot keep up. We are trying to manage state spaces that approach infinity with something as minimalist as biological bandwidth. View more...Automating AWS Glue Infra and Code Reviews With RAG and Amazon BedrockAggregated on: 2026-01-29 14:12:51 In many enterprises, the transition from a "working" pipeline to a "production-ready" pipeline is gated by a manual checklist. In most enterprises, a “simple” Glue review involves answering questions like: Is the Glue job deployed? Was it provisioned via CloudFormation? Does the expected crawler exist? Is the code production-grade? Does it follow internal best practices? Traditionally, a senior engineer would spend 4–6 hours per use case and manually: View more...Cloud Systems Drift: What Happens When Exceptions Become the SystemAggregated on: 2026-01-29 13:12:51 Balancing process and progress is possible when actively pursued. Environments are distributed, constraints are real, and coordination across integrations can be complex. Companies deploy shared architectures and systems across business units that often maintain their own directories and applications alongside enterprise identity, service, and governance components. Maintaining perspective by knowing who the system serves, what it must do, and when expectations apply helps preserve context as work moves from requirements to outcomes. Conceptually, many organizations apply standard operating models. Collaboration through working groups occurs, and cross-functional teams provide input. They survey users, incorporate feedback, and prioritize activities from procurement through deployment and support. Over time, however, shifting priorities tend to result in systems that function as intended but are rarely revisited for refinement as services accumulate. What might be simplified often remains taxingly serviceable. Adjustments lead to deviations, and both are expected, but how do we prevent sprawl and excessive adaptation? View more...Why Terraform Pipeline Failures Still Take 30 Minutes — and How We Cut Them to 2Aggregated on: 2026-01-29 12:12:51 The Problem Pipeline failures interrupt development workflows. The typical remediation process: Scan through thousands of lines of build logs to find the error Understand the root cause Write the fix Test the change For common, repetitive failures — missing Terraform variables, incorrect region names, syntax errors—this wastes significant engineering time. We measured an average of 30 minutes per failure in our environment. View more...2 Hidden Bottlenecks in Large-Scale Azure MigrationsAggregated on: 2026-01-28 20:12:50 “Lift and Shift” (or cloud lift) is often sold as the path of least resistance for migrating legacy systems to the cloud. The theory is simple: take your on-premises virtual machines (VMs), copy them to an IaaS provider like Azure, and enjoy immediate scalability. However, when dealing with large-scale, mission-critical systems, the physics of the cloud are different from an on-premises data center. Assumptions made about network adjacency and connection limits can lead to catastrophic performance failures that only appear during full-load testing. View more...AI-Powered DevSecOps: Automating Security with Machine Learning ToolsAggregated on: 2026-01-28 19:12:50 The VP of Engineering at a mid-sized SaaS company told me something last month that stuck with me. His team had grown their codebase by 340% in two years, but headcount in security had increased by exactly one person. "We're drowning," he said, gesturing at a dashboard showing 1,847 open vulnerability tickets. "Every sprint adds more surface area than we can possibly audit." He's not alone. I've had nearly identical conversations with CTOs at three different companies in the past quarter. The math doesn't work anymore. Development velocity has exploded — partly due to AI coding assistants, partly due to pressure to ship faster — but security teams are still operating with tools and workflows designed for a slower era. Something has to give, and increasingly, that something is machine learning. View more...From Monolith to Modular Monolith: A Smarter Alternative to MicroservicesAggregated on: 2026-01-28 18:12:50 Somewhere around 2015, microservices became gospel. Not a pattern — gospel. You decomposed or you died, architecturally speaking. The pitch was seductive: independent scaling, polyglot persistence, team autonomy that meant engineers could ship without waiting on Gary from the payments team to merge his pull request. Entire conference tracks emerged. Consultants got rich. And a lot of systems got worse. Not all of them. Some genuinely needed the distributed model — genuine scale pressures, organizational boundaries that mapped cleanly to service boundaries, teams mature enough to eat the operational cost without choking. But most? Most were mid-sized SaaS platforms or internal tools that adopted microservices because the narrative was so ubiquitous it felt like technical malpractice not to. View more...Zero Trust for Agents: Implementing Context Lineage in the Enterprise Data MeshAggregated on: 2026-01-28 17:12:50 Challenge: When Agentic Bots Become Primary Data Reader In large data platforms, AI agents now execute more data queries than human users. For teams that are running thousands of internal services, it is very common to have hundreds or thousands of agentic bots querying data: a "Supply Chain Optimizer" reading manufacturing logs, a "System Quality Analyst" agent querying usage metrics, or a "Sales Forecaster" aggregating regional sales data, finally passing or interacting with some models. In a decentralized data mesh, domain owners need a way to detect whether an agent that they allowed to read critical data has been altered or compromised since its identity was issued. In such cases, mTLS authenticates the caller service but provides no details about the agent's prior actions or execution context, such as which model or service it is, or what actions it has performed with the data in the past. View more...Building an OCR Data Pipeline: From Unstructured Images to Structured DataAggregated on: 2026-01-28 16:27:50 The Problem: Unstructured Data Is Everywhere If you've ever tried to pull data out of a scanned document or image, like receipts, invoices, restaurant menus, or even handwritten forms, you know the pain. OCR tools (like Tesseract or AWS Textract) are great at recognizing text, but they just output unstructured chaos. Recently, we faced this problem while extracting restaurant menu data from PDFs and photos. Each menu had a different layout, font, and price format, and what I got back from the OCR models was a wall of unstructured text: random words, misaligned prices — useless for queries, pricing analysis, or downstream systems. View more...The Serverless Ceiling: Designing Write-Heavy Backends With Aurora LimitlessAggregated on: 2026-01-28 15:27:50 For years, serverless architectures have solved one half of the scalability problem. Compute is no longer the bottleneck. Platforms like AWS Lambda can absorb sudden traffic spikes without advance provisioning. But the moment the compute layer needs to persist data in a relational database, the model starts to strain. Thousands of concurrent functions quickly converge on a single write endpoint, and what looked like elastic scale turns into contention. View more...Claude Cowork: AI Agents’ Email Moment for Non-CodersAggregated on: 2026-01-28 14:27:50 TL; DR: Claude Cowork AI agents have long promised productivity gains, but until now, they demanded coding skills that most agile practitioners lack or are uncomfortable with. In this article, I share my first impressions on how Claude Cowork removes that barrier, why it is a watershed moment, and how you could integrate AI Agents into your work as an agile practitioner. Why Claude Cowork Changes How Knowledge Work Will Be Done There are rarely stop-the-press moments in technology. Most “announcements” are incremental improvements dressed up in marketing language. Claude Cowork is different. Anthropic released it on January 12, 2026, and it marks a turning point for how non-developers can work with AI. View more...Generating Schema-Valid Synthetic ISO 20022 Messages for Privacy-Preserving Fraud DetectionAggregated on: 2026-01-28 13:27:50 Modern fraud detection systems depend on machine learning models trained on large volumes of payment transaction data. The challenge is that real payment messages — especially ISO 20022 formats such as pacs.008 and pacs.009 — contain highly sensitive financial and customer information that cannot be freely shared across institutions. This creates a structural limitation. Fraud patterns often emerge only when data is analyzed across multiple financial institutions, yet regulatory, privacy, and competitive constraints prevent raw transaction data from leaving institutional boundaries. View more...LLM-Powered Product Development: A Python-Centric ApproachAggregated on: 2026-01-28 12:27:50 Artificial intelligence has continued to enter our daily lives, minimizing its presence in laboratories and traditionally viewed as a component of applications and tools. Large language models (LLMs) are at the core of this change and now power products that can produce text, respond to queries or even direct workflows. Python frameworks have enabled this jump by providing developers with pre-built methods to integrate LLMs into the real world. However, this brings up a significant issue, which is whether these frameworks are merely wrappers of the existing models, or they are redefining the way we design and develop modern software. Outside laboratory settings, LLMs have transformed the industries in regard to automation, individualization and data-driven decision-making. Since the beginning of their use by startups to interact with the customers and the enterprises automating documentation, AI products impact nearly every area. The change of development is not only technical, but strategic to make the cycle of innovations faster and the distance between an idea and its implementation shorter. View more...GraphQL vs REST — Which Is Better?Aggregated on: 2026-01-27 20:23:00 GraphQL and REST are two of the most popular API frameworks currently in use, with GraphQL seeing increasing adoption. GraphQL was developed by Facebook to address key challenges in REST APIs, particularly in reducing latency for mobile applications. The debate over which is better continues within the developer community, with strong arguments on both sides. The choice between GraphQL or REST depends on the type of application being built. GraphQL addresses latency issues caused by over-fetching and under-fetching, and provides built-in support for real-time updates. On the other hand, REST leverages HTTP constructs for caching, rate control, and telemetry, allowing these concerns to be handled at the platform layer rather than the application layer. View more...Building an Internal Document Search Tool with Retrieval-Augmented Generation (RAG)Aggregated on: 2026-01-27 19:23:00 Why RAG Matters Now Large language models (LLMs) have shown how far generative systems can go. They draft text, answer questions, and even support software development. Yet they have a clear weakness. Models trained on public data often hallucinate and almost always lack access to company-specific knowledge (Ji et al., 2023). Relying only on pre-trained knowledge is risky when answers must be exact, such as in finance, healthcare, or HR policies. Retrieval-Augmented Generation, or RAG, has emerged as a practical solution. Instead of expecting the model to know everything, RAG connects the model to external sources of truth (Lewis et al., 2020). A user query is matched with relevant documents, and the model generates a response grounded in those documents. This approach closes the gap between general intelligence and domain expertise. The open question for many developers is whether RAG is just a patch for hallucination, or if it is the foundation for enterprise-ready AI. View more...Cost-Aware GenAI Architecture: Caching, Model Routing, and Token Budgets That Don’t ExplodeAggregated on: 2026-01-27 18:23:00 Shipping GenAI is easy. Shipping it without a surprise bill, latency spikes, and “why did it call the big model for that?” incidents is the hard part. This article is a practical architecture pattern for cost control as a first-class system requirement — built around three levers: View more...Designing Mathematical Software for HumansAggregated on: 2026-01-27 17:23:00 When we build developer tools, we tend to optimize for performance and API consistency. When we build mathematical tools, we have to optimize for something rarer: clarity of reasoning. Writing software for mathematicians, researchers, and educators requires a different mindset. It’s not just about whether the code runs fast; it’s about whether the code thinks the way the user does. This realization struck me while designing a Python package for combinatorial graph theory called chipfiring. What began as a niche research tool soon became an exercise in human-centered software design. The lessons, however, apply far beyond graph theory. Whether you’re writing a symbolic algebra engine, a geometry toolkit, or a probability simulator, the same principles can help you craft mathematical software that people actually understand. View more...Implementing HTTPS Two-Way Authentication in Android Using Delphi XE10.xAggregated on: 2026-01-27 16:23:00 I have an HTTPS cloud server. After a mobile app sends a request, it receives the content returned by the server. The server stores a self-made CA and a server certificate. Vue.js Component const https = require('https'); var fs = require('fs'); var options = { key: fs.readFileSync("./myserver.key"), cert: fs.readFileSync('./myserver.crt'), ca: fs.readFileSync('./MyCARoot.crt'), requestCert: true, rejectUnauthorized:true }; View more...Versioning Lies: A Date Contract Is a Promise That Never BreaksAggregated on: 2026-01-27 15:23:00 URI versioning, such as /v1/foo, is one of the most used methods for versioning APIs. Clients can easily comprehend it, but as your API develops, it may become challenging to manage. However, a date versioned header-based API versioning can be a little more opaque for clients, but when done properly, it provides flexibility and maintainability. Let’s get a gist of both approaches. View more...Edge-First AI Architecture: Designing Low-Latency, Offline-Capable IntelligenceAggregated on: 2026-01-27 14:23:00 Most mobile AI features silently depend on a “good enough” network. That’s fine on your office Wi-Fi. It’s not fine: On spotty 3G In the subway In a warehouse with terrible coverage When your cloud endpoint is down or throttled If your “AI feature” turns into a spinner or a generic error in those cases, users will stop trusting it. View more...The Rise of Platform Engineering: How Internal Developer Platforms Are Replacing Traditional DevOpsAggregated on: 2026-01-27 13:23:00 Platform engineering has shed its experimental veneer. What began as isolated attempts by infrastructure teams to tame cloud sprawl — ServiceNow tickets piling up, Terraform modules copy-pasted across repositories, engineers slacking each other at 11 PM about which IAM role grants ECR access — has calcified into something defensible, something you can budget for. Internal Developer Platforms aren’t theoretical anymore. They’re the substrate on which organizations either scale gracefully or collapse under their own tooling weight. The shift feels less like a revolution and more like exhausted pragmatism. You build platforms because the alternative — letting every squad maintain its own Jenkins pipeline, its own Ansible playbooks, its own mental model of how secrets propagate from Vault to pods — becomes untenable somewhere between your third acquisition and your fiftieth microservice. View more...An Introduction to the Four Pillars of ObservabilityAggregated on: 2026-01-27 12:23:00 It is a quiet Tuesday afternoon until the latency spikes begin. In the world of modern software engineering, we have moved far beyond the era of simple server monitoring. We no longer just “build and hope.” Instead, we strive for Continuous Reliability, a state where our systems are designed to be interrogated, understood, and improved in real time. This is the essence of Observability. To truly master a running system, we must look through four distinct lenses, often called the pillars of telemetry. Each provides a different chapter of the story, and together, they offer a level of visibility that transforms production from a “black box” into an open book. View more...Building an AI Agent Traffic Management Platform: APISIX AI Gateway in PracticeAggregated on: 2026-01-26 20:07:59 Introduction: The Turning Point from Dispersed Traffic to Intelligent Governance Since early 2025, within a leading global appliance giant, multiple business lines have introduced numerous large language models (LLMs). The R&D department needed coding assistants to improve efficiency, the marketing team focused on content generation, and the smart product team aimed to integrate conversational capabilities into home appliances. The variety of models rapidly expanded to include both self-built solutions like DeepSeek and Qwen, as well as proprietary models from multiple cloud service providers. However, this rapid expansion soon exposed new bottlenecks: fragmented inference traffic, chaotic scheduling, rising operational costs, and uncontrollable stability issues. View more...Prompt Injection Is the New SQL Injection: How Hackers Are Breaking into AI SystemsAggregated on: 2026-01-26 19:07:59 Why Prompt Injection Is the New Surface Attack and So Difficult by Design In December 2023, a Chevrolet dealership made headlines when users coaxed its ChatGPT-powered chatbot into “agreeing” to sell cars for $1. Just months earlier, in February, Microsoft’s Bing had exposed its hidden “Sydney” persona, venting irritation at users and sparking widespread alarm about AI behavior. These are some examples of prompt injection in action. OWASP now ranks prompt injection as the #1 vulnerability in their LLM Top 10. The thing that makes this challenging is that, since the SQL injection vulnerability took three decades to mature, we have now developed multiple methods to prevent it. View more...When Agile Teams Drown in Reports: How to Eliminate Noise and Build a Lean Reporting SystemAggregated on: 2026-01-26 18:08:00 Agile teams rely on data to make informed decisions, improve delivery flow, and maintain transparency across roles and ceremonies. Metrics provide visibility into how work progresses, where bottlenecks emerge, and whether the team is on track to meet its goals. Yet in many organizations, teams unconsciously fall into a reporting trap: they generate far more reports than they actually need. Dashboards, charts, spreadsheets, widgets, and analytics multiply over time: each created with good intentions, but often without clear ownership or a defined decision-making purpose. What begins as a simple attempt to track progress evolves into a sprawling reporting ecosystem that teams struggle to navigate. View more...Engineering Habits for Building Resilient SoftwareAggregated on: 2026-01-26 17:07:59 Software engineering is changing quickly. Just as the internet and cloud computing changed how we build and launch apps, artificial intelligence (AI) is now speeding up the move from a minimum viable product (MVP) to large-scale systems. Tasks that used to take days, such as hackathons, now take only hours. Companies use AI agents for more than code completion. AI agents help with documentation, testing, and managing workflows. But adding AI to the software development lifecycle (SDLC) is not just about speed. It also means building good engineering habits to keep systems resilient, secure, and high-quality. View more...HAIP 1.0 for Verifiable Presentations: Securing the VP FlowAggregated on: 2026-01-26 16:07:59 In my previous article, I covered DPoP for securing the credential issuance (VCI) flow. This follow-up focuses on the Verifiable Presentation (VP) flow, in which a wallet presents credentials to a verifier. The VP Security Challenge Before HAIP, VP flows had significant vulnerabilities: View more...The Anatomy of an AI Agent and How to Build One With Docker CagentAggregated on: 2026-01-26 15:07:59 Artificial intelligence (AI) agents are systems that understand their environment, reason, plan, and take actions using large language models (LLMs) with minimal human interaction. Today, we have agents that read your calendar, inbox, and event write and execute code. As part of this tutorial, we will explore the different constructs that make up an AI agent and learn how to build one using the Docker cagent. Unlike traditional software, which executes predefined logic, an AI agent can autonomously drive toward a goal with minimal human interaction. And at a very high level, every AI agent consists of seven core components. View more...How to Create AI-Enhanced Code Review SystemsAggregated on: 2026-01-26 14:22:59 One of the main frustrations most engineers face when doing code reviews (PRs) is that they are often inconsistent. In some cases, PRs will receive in-depth reviews where each line of code is reviewed, while others may only have a summary review stating “Looks Good to Me” (LGTM), not because the developer did not care about the code being reviewed, but rather because they are coming off of a busy day, got tired, are overloaded with work context, etc. I have been through this situation multiple times with several startups, and as we continue to grow and develop into larger teams, the code bases we are developing continue to expand, and how we perform code reviews is becoming more chaotic, longer, and more subjective. Considering new members joining the development team, it is difficult for them to learn architectural patterns and guidelines, and typically, senior-level engineers become the bottleneck in code reviews. View more...The A3 Framework: Assist, Automate, Avoid — A Decision System for AI DelegationAggregated on: 2026-01-26 13:22:59 TL; DR: The A3 Framework The A3 Framework categorizes AI delegation before you prompt: Assist (AI drafts, you actively review and decide), Automate (AI executes under explicit rules and audit cadences), or Avoid (stays entirely human when failure would damage trust or relationships). Most AI training teaches better prompting. The A3 Framework teaches the prior question: Should you be prompting at all? Categorize first, then prompt. View more...Building Fault-Tolerant Data Pipelines in GCPAggregated on: 2026-01-26 12:22:59 After years of building data pipelines on Google Cloud Platform, I’ve learned fault tolerance isn’t optional; it’s essential from day one. What sets a production-ready pipeline apart isn’t the architecture diagram but how it handles out-of-order changes, backlog, crashes, and quota limits. This article distills lessons from real-world challenges: debugging issues at 3 a.m., handling unexpected load, and ensuring pipelines keep running through failures. The advice here is practical, not theoretical. View more...Secure AI Architecture for Payments: From Risk Signals to Real-Time DecisionsAggregated on: 2026-01-23 21:11:09 Most users tap Pay on Android and assume it’s simple. Behind that one tap, your app is juggling PCI rules, device security, fraud checks, and 3DS — usually inside a tight latency budget measured in hundreds of milliseconds. If all of that logic lives in scattered checks, random API calls, and duplicated business rules, it will eventually break in subtle (and expensive) ways. View more...PostgreSQL Trigram Similarity vs. Pattern Matching: A Performance ComparisonAggregated on: 2026-01-23 19:26:09 A previous article presented a performance comparison between PostgreSQL Full-Text Search (FTS) and plain pattern matching, especially in cases where a given piece of text is searched across multiple attributes of multiple entities. In brief, the conclusion was that FTS is significantly faster, while pattern matching offers greater flexibility, a wider range of applicability, and higher precision. The present article aims to continue this analysis, which is worthwhile when implementing global search solutions, in order to increase objectivity regarding the applicability of these methods and to help programmers make informed choices more easily. View more...Reimagining Innovation: How Citizen Application Development is Reshaping the Modern EnterpriseAggregated on: 2026-01-23 18:26:09 Enterprise technology is shifting faster than ever. Innovation used to live behind a ticket. Business ideas waited in line while central teams balanced priorities, budgets, and release windows. Citizen application development changes that rhythm. With modern low-code and no-code platforms, people closest to the problem can create secure, integrated apps and automations that move work forward. The result is faster cycles, clearer ownership, and a pipeline of improvements that does not stall when bandwidth is tight. According to Gartner, citizen application development platforms accelerate digital transformation by empowering business users to independently build applications beyond traditional IT boundaries. View more...Vibe Coding Part 3 — Building a Data Quality Framework in Scala and PySparkAggregated on: 2026-01-23 17:26:09 A couple of years ago, I developed a class-based Data Quality (DQ) framework in Scala. After some time, I became part of an accelerator framework that dealt with many data engineering tasks, with data quality being one set of activities. After considering multiple factors, it was decided that the framework would be built using Python. Given that we wanted to handle large datasets and ensure scalability, we decided to implement the data quality framework in PySpark. Using the Scala-based DQ framework as a stepping stone and foundation, I developed an equivalent DQ framework in PySpark. The framework was successful, with the DQ functionality implemented as a Python library and packaged as a wheel. View more...How a Standardized Logistics Protocol Can Unlock AI's Full Potential in Supply ChainAggregated on: 2026-01-23 16:26:09 The logistics industry stands at an inflection point. While artificial intelligence promises to revolutionize supply chain operations — from real-time route optimization to autonomous fleet coordination — a fundamental bottleneck prevents these innovations from reaching their full potential: the lack of a standardized protocol for logistics providers to communicate. The NxM Problem in Modern Logistics Consider this scenario: View more... |
|
|