Skip to main content

Posts

Analyst View: Why platform engineering matters more than ever

In Greek mythology, Odysseus had to navigate between Scylla and Charybdis — two perils threatening from both sides. Today’s IT leaders face a similar dilemma: technical debt and sprawl on one side; excessive bureaucracy and stifling controls on the other. Enter platform engineering, the emerging discipline that offers a way to steer between these hazards and deliver software faster, safer, and at scale. From freedom to sprawl to over-control The story starts with the mainframe era, where infrastructure decisions were simple and everything was standardized. Then came distributed computing, bringing freedom and flexibility but also chaos. Every project team made its own decisions: what database to use; how to handle authentication; where to store logs. The result? A fragmented, unmanageable landscape of bespoke solutions. Enterprise architecture (EA) teams starting in the 1990s attempted to rein in the chaos by imposing standardization. But their methods — lengthy checklists, rigid ap...
Recent posts

Sonatype reveals 18,000 malicious open source packages in its Q1 Open Source Malware Index

Sonatype, a company focused on software supply chain security, has announced the results of its quarterly Open Source Malware Index , which provides insights into malicious open source packages.  The index found 17,954 malicious open source software packages, including several hijacked npm crypto packages, a malicious npm package disguised as the Truffle for VS Code extension, and fake Solana packages .  Fifty-six percent of the packages were related to data exfiltration. These packages would be used by attackers to obtain sensitive data from the systems they are installed on.  For comparison, the Q4 2024 report found that only 26% of packages were related to data exfiltration, signaling an increasing risk of sensitive information being compromised through open source components.  Eighty percent of the packages Sonatype found were categorized as “sophisticated and threatening types of malware,” like droppers or code injection malware.  “From hijacked ...

Kong AI Gateway updated with features to reduce LLM hallucination and protect sensitive personal data

Kong has announced updates to its AI Gateway , a platform for governance and security of LLMs and other AI resources.  One of the new features in AI Gateway 3.10 is a RAG Injector to reduce LLM hallucinations by automatically querying the vector database and inserting relevant data to ensure the LLM is augmenting the results with known knowledge sources, the company explained. This improves security as well by putting the vector database behind the Kong AI Gateway, and also improves developer productivity by allowing them to focus on things other than attempting to reduce hallucinations. Another update in AI Gateway 3.10 is an automatic personally identifiable information (PII) sanitization plugin to protect over 20 categories of PII across 12 different languages. It works with most major AI providers, and can run at the global platform level so that developers don’t need to manually code the sanitization into every application they build. According to Kong, other similar sani...

Report: Security is no longer the top challenge in cloud native environments

Security used to be the biggest challenge companies implementing cloud native technologies faced, but according to a new report from the Cloud Native Computing Foundation (CNCF), that is no longer the case. The CNCF’s 2024 Cloud Native Survey , which surveyed 750 members of the CNCF community, revealed that cultural changes are now the top challenge, with 55% of respondents citing this as the number one issue.   “When cloud native computing was maturing, technical issues like security, networking, storage, and observability were major pain points. Today, though, more seasoned cloud native practices have helped make technical challenges more manageable, meaning organizations can focus their attention on culture and process shifts. Whether it’s a move to platform engineering or GitOps, or a transition from a monolithic architecture to a microservices one, these culture-change efforts are the logical, if tricky, next steps in the cloud native evolution, as the survey results r...

Report shows overinflated opinion of infrastructure automation excellence

Many infrastructure technology teams believe they have mastered infrastructure automation, but the data tells a different story. We commissioned a survey to explore the state of infrastructure automation, and this research uncovered a stark gap between perception and reality. While 45% of organizations believe they have achieved a high level of infrastructure automation, only 14% exhibit the behavior and technology patterns of infrastructure automation excellence. This is one of the illuminating findings of our survey of 413 infrastructure tool purchase decision-makers and influencers, conducted by Panterra. Full results are detailed in “ The State of Infrastructure Automation ” report, available for download. What I find most compelling about the survey revelations—and what the report addresses in detail—is the critical challenge facing technology decision-makers: balancing the need for speed with the necessity of control. In the pursuit of rapid deployment, many teams have sacrific...

March 2025: All AI updates from the past month

Software companies are constantly trying to add more and more AI features to their platforms, and AI companies are constantly releasing new models and features.  Here are all the major AI updates we covered in the month of March. Google releases reasoning model Gemini 2.5, its “most intelligent AI model” yet Gemini 2.0 Flash Thinking was the company’s first reasoning model, and Gemini 2.5 builds on that with a better base model and improved post-training. In its announcement, Google revealed that all of its future AI models will have reasoning capabilities built in. The first Gemini 2.5 model is Gemini 2.5 Pro Experimental, and it leads in LMArena benchmarks over other reasoning models like OpenAI o3-mini, Claude 3.5 Sonnet, and DeepSeek R1. “Gemini 2.5 models are thinking models, capable of reasoning through their thoughts before responding, resulting in enhanced performance and improved accuracy. In the field of AI, a system’s capacity for “reasoning” refers to more than j...

Mar 28, 2025: AI updates from the past week — Gemini 2.5, OpenAI 4o image generation, new reasoning agents from Microsoft, and more

Software companies are constantly trying to add more and more AI features to their platforms, and AI companies are constantly releasing new models and features. It can be hard to keep up with it all, so we’ve written this roundup to share several notable updates around AI that software developers should know about.  Google releases reasoning model Gemini 2.5, its “most intelligent AI model” yet Gemini 2.0 Flash Thinking was the company’s first reasoning model, and Gemini 2.5 builds on that with a better base model and improved post-training. In its announcement, Google revealed that all of its future AI models will have reasoning capabilities built in. The first Gemini 2.5 model is Gemini 2.5 Pro Experimental, and it leads in LMArena benchmarks over other reasoning models like OpenAI o3-mini, Claude 3.5 Sonnet, and DeepSeek R1. “Gemini 2.5 models are thinking models, capable of reasoning through their thoughts before responding, resulting in enhanced performance and improved ...

Akamai launches new platform for AI inference at the edge

Akamai has announced the launch of Akamai Cloud Inference, a new solution that provides tools for developers to build and run AI applications at the edge. According to Akamai, bringing data workloads closer to end users with this tool can result in 3x better throughput and reduce latency up to 2.5x. “Training an LLM is like creating a map, requiring you to gather data, analyze terrain, and plot routes,” said Adam Karon, chief operating officer and general manager of the Cloud Technology Group at Akamai. “It’s slow and resource-intensive, but once built, it’s highly useful. AI inference is like using a GPS, instantly applying that knowledge, recalculating in real time, and adapting to changes to get you where you need to go. Inference is the next frontier for AI.” Akamai Cloud Inference offers a variety of compute types, from classic CPUs to GPUs to tailored ASIC VPUs. It offers integrations with Nvidia’s AI ecosystem, leveraging technologies such as Triton, TAO Toolkit, TensorRT, a...

Android team unveils upcoming enhancements to make Google Play safer

The Android development team is announcing several upcoming updates that will make it easier for app developers to secure their applications. According to the team, security is a priority, and over the last few years it has made several improvements to how security and privacy are managed in Google Play, and recent updates over the last few years have included enhanced tools to protect against fraud, pre-review checks to fix policy and compliance issues earlier in the development life cycle, and advanced AI-powered threat detection capabilities. Building on those, some of the upcoming enhancements the Android team will be making this year include: More pre-review checks New ways to help developers understand Google Play policies, better navigation in the Policy Center, and new features in Console and Android Studio to allow developers to fix issues before app submission.   Updates to the Play Integrity API that will better enable developers to deal with emerging threats ...

Google releases reasoning model Gemini 2.5, its “most intelligent AI model” yet

Google has announced the release of Gemini 2.5, which is a new reasoning model that the company claims is its “most intelligent AI model” yet. “Gemini 2.5 models are thinking models, capable of reasoning through their thoughts before responding, resulting in enhanced performance and improved accuracy. In the field of AI, a system’s capacity for “reasoning” refers to more than just classification and prediction. It refers to its ability to analyze information, draw logical conclusions, incorporate context and nuance, and make informed decisions,” Koray Kavukcuoglu, CTO of Google DeepMind, wrote in a blog post .  Gemini 2.0 Flash Thinking was the company’s first reasoning model, and Gemini 2.5 builds on that with a better base model and improved post-training. In its announcement, Google revealed that all of its future AI models will have reasoning capabilities built in. RELATED CONTENT: Mar 21, 2025: AI updates from the past week — Anthropic web search, Gemini Canvas, new OpenA...

Instabug launches new observability features to connect business outcomes with app performance, user experience

The mobile observability company Instabug has announced new features that will help developers better monitor the user experience of their applications. The new features released today include: Frustration-Free Sessions , consolidating multiple frustration signals, like crashes, slow launches, and network failures, into a single metric to give development teams a clear way to measure and improve user experience Business Impact Dashboard , which connects app performance to business outcomes so companies can make data-driven decisions Prioritized Issues List , which ranks issues based on how they impact user frustration and business metrics “For years, mobile teams have relied on incomplete metrics that fail to capture the full user experience,” said Kenny Johnston, chief product officer at Instabug. “With the launch of Frustration-Free Sessions, Business Impact Dashboard, and Prioritized Issues List, we are giving teams the capabilities they need to bridge the gap between visib...

BrowserStack adds Private Devices offering to enabling testing across variety of secured devices

The testing company BrowserStack has announced a new offering to help organizations get access to different devices to test their applications on. The new offering, Private Devices , provides access to real devices that are secured in data centers, which enables organizations to test on those devices without needing to compromise on security or performance. “With Private Devices, we’re addressing the critical needs of enterprise customers who require both advanced security and testing flexibility. With this launch, we’re giving large enterprises the control and resources they need for secure, flexible, and efficient testing,” said Nakul Aggarwal, CTO of BrowserStack. Devices have guaranteed availability, meaning organizations won’t need to queue their tests.  Private Devices also offer persistent device setups that retain apps, accounts, and settings between sessions.  The devices have advanced functionality, such as settings access, native apps, and iCloud functionalit...

How to build a multi-agent orchestrator using Flink and Kafka

Just like some problems are too big for one person to solve, some tasks are too complex for a single AI agent. Instead, the best approach is to decompose problems into smaller, specialized units, where multiple agents work together as a team. This is the foundation of multi-agent systems. Networks of agents, each with specific roles, collaborating to solve larger problems. When building multi-agent systems, you need a way to coordinate how agents interact. If every agent talks to every other agent directly, things quickly become a tangled mess, making it hard to scale, and hard to debug. That’s where the orchestrator pattern comes in. Instead of agents making ad-hoc decisions about where to send messages, a central orchestrator acts as the parent node, deciding which agent should handle a given task based on context. The orchestrator takes in messages, interprets them, and routes them to the right agent at the right time. This makes the system dynamic, adaptable, and scalable. Thin...