Skip to main content

Posts

5 common assumptions in load testing—and why you should rethink them

Over the years, I’ve had countless conversations with performance engineers, DevOps teams, and CTOs, and I keep hearing the same assumptions about load testing. Some of them sound logical on the surface, but in reality, they often lead teams down the wrong path. Here are five of the biggest misconceptions I’ve come across—and what you should consider instead. 1⃣ “We should be testing on production” A few weeks ago, I had a call with one of the biggest banks in the world. They were eager to run load tests directly on their production environment, using real-time data. Their reasoning? It would give them the most accurate picture of how their systems perform under real conditions. I get it—testing in production sounds like the ultimate way to ensure reliability. But when I dug deeper, I asked them: “What happens if today’s test results look great, but tomorrow a sudden traffic spike causes a crash?” Who takes responsibility if a poorly configured test impacts real customers? A...
Recent posts

Opsera Raises $20M to Drive AI-Powered DevOps Platform Innovation, Accelerating AI Agent Adoption and Developer Efficiency

Opsera, the AI-Powered DevOps platform trusted by top Fortune 1000 companies, today announced it has raised $20M in Series B funding, led by Prosperity7 with participation from Hitachi Ventures. The funding culminates a breakout year with several product releases that position Opsera as one of the market’s most flexible and intelligent AI-powered DevOps platforms for all apps and teams. Significant accomplishments include signing key industry partnerships with GitHub, Microsoft, AWS, and Databricks , 200% revenue growth since raising Series A+, and adding several key Fortune 1000 customers. Learn More About Opsera: https://www.opsera.io/   Empowering Developers with Agentic AI and Unified Insights The DevOps industry is undergoing a seismic shift driven by AI-driven automation, security integration, and the need for rapid, reliable software delivery. Organizations now prioritize AI Agentic approaches — systems where autonomous AI agents optimize workflows, predict risks, and s...

Analyst View: Why platform engineering matters more than ever

In Greek mythology, Odysseus had to navigate between Scylla and Charybdis — two perils threatening from both sides. Today’s IT leaders face a similar dilemma: technical debt and sprawl on one side; excessive bureaucracy and stifling controls on the other. Enter platform engineering, the emerging discipline that offers a way to steer between these hazards and deliver software faster, safer, and at scale. From freedom to sprawl to over-control The story starts with the mainframe era, where infrastructure decisions were simple and everything was standardized. Then came distributed computing, bringing freedom and flexibility but also chaos. Every project team made its own decisions: what database to use; how to handle authentication; where to store logs. The result? A fragmented, unmanageable landscape of bespoke solutions. Enterprise architecture (EA) teams starting in the 1990s attempted to rein in the chaos by imposing standardization. But their methods — lengthy checklists, rigid ap...

Sonatype reveals 18,000 malicious open source packages in its Q1 Open Source Malware Index

Sonatype, a company focused on software supply chain security, has announced the results of its quarterly Open Source Malware Index , which provides insights into malicious open source packages.  The index found 17,954 malicious open source software packages, including several hijacked npm crypto packages, a malicious npm package disguised as the Truffle for VS Code extension, and fake Solana packages .  Fifty-six percent of the packages were related to data exfiltration. These packages would be used by attackers to obtain sensitive data from the systems they are installed on.  For comparison, the Q4 2024 report found that only 26% of packages were related to data exfiltration, signaling an increasing risk of sensitive information being compromised through open source components.  Eighty percent of the packages Sonatype found were categorized as “sophisticated and threatening types of malware,” like droppers or code injection malware.  “From hijacked ...

Kong AI Gateway updated with features to reduce LLM hallucination and protect sensitive personal data

Kong has announced updates to its AI Gateway , a platform for governance and security of LLMs and other AI resources.  One of the new features in AI Gateway 3.10 is a RAG Injector to reduce LLM hallucinations by automatically querying the vector database and inserting relevant data to ensure the LLM is augmenting the results with known knowledge sources, the company explained. This improves security as well by putting the vector database behind the Kong AI Gateway, and also improves developer productivity by allowing them to focus on things other than attempting to reduce hallucinations. Another update in AI Gateway 3.10 is an automatic personally identifiable information (PII) sanitization plugin to protect over 20 categories of PII across 12 different languages. It works with most major AI providers, and can run at the global platform level so that developers don’t need to manually code the sanitization into every application they build. According to Kong, other similar sani...

Report: Security is no longer the top challenge in cloud native environments

Security used to be the biggest challenge companies implementing cloud native technologies faced, but according to a new report from the Cloud Native Computing Foundation (CNCF), that is no longer the case. The CNCF’s 2024 Cloud Native Survey , which surveyed 750 members of the CNCF community, revealed that cultural changes are now the top challenge, with 55% of respondents citing this as the number one issue.   “When cloud native computing was maturing, technical issues like security, networking, storage, and observability were major pain points. Today, though, more seasoned cloud native practices have helped make technical challenges more manageable, meaning organizations can focus their attention on culture and process shifts. Whether it’s a move to platform engineering or GitOps, or a transition from a monolithic architecture to a microservices one, these culture-change efforts are the logical, if tricky, next steps in the cloud native evolution, as the survey results r...

Report shows overinflated opinion of infrastructure automation excellence

Many infrastructure technology teams believe they have mastered infrastructure automation, but the data tells a different story. We commissioned a survey to explore the state of infrastructure automation, and this research uncovered a stark gap between perception and reality. While 45% of organizations believe they have achieved a high level of infrastructure automation, only 14% exhibit the behavior and technology patterns of infrastructure automation excellence. This is one of the illuminating findings of our survey of 413 infrastructure tool purchase decision-makers and influencers, conducted by Panterra. Full results are detailed in “ The State of Infrastructure Automation ” report, available for download. What I find most compelling about the survey revelations—and what the report addresses in detail—is the critical challenge facing technology decision-makers: balancing the need for speed with the necessity of control. In the pursuit of rapid deployment, many teams have sacrific...

March 2025: All AI updates from the past month

Software companies are constantly trying to add more and more AI features to their platforms, and AI companies are constantly releasing new models and features.  Here are all the major AI updates we covered in the month of March. Google releases reasoning model Gemini 2.5, its “most intelligent AI model” yet Gemini 2.0 Flash Thinking was the company’s first reasoning model, and Gemini 2.5 builds on that with a better base model and improved post-training. In its announcement, Google revealed that all of its future AI models will have reasoning capabilities built in. The first Gemini 2.5 model is Gemini 2.5 Pro Experimental, and it leads in LMArena benchmarks over other reasoning models like OpenAI o3-mini, Claude 3.5 Sonnet, and DeepSeek R1. “Gemini 2.5 models are thinking models, capable of reasoning through their thoughts before responding, resulting in enhanced performance and improved accuracy. In the field of AI, a system’s capacity for “reasoning” refers to more than j...

Mar 28, 2025: AI updates from the past week — Gemini 2.5, OpenAI 4o image generation, new reasoning agents from Microsoft, and more

Software companies are constantly trying to add more and more AI features to their platforms, and AI companies are constantly releasing new models and features. It can be hard to keep up with it all, so we’ve written this roundup to share several notable updates around AI that software developers should know about.  Google releases reasoning model Gemini 2.5, its “most intelligent AI model” yet Gemini 2.0 Flash Thinking was the company’s first reasoning model, and Gemini 2.5 builds on that with a better base model and improved post-training. In its announcement, Google revealed that all of its future AI models will have reasoning capabilities built in. The first Gemini 2.5 model is Gemini 2.5 Pro Experimental, and it leads in LMArena benchmarks over other reasoning models like OpenAI o3-mini, Claude 3.5 Sonnet, and DeepSeek R1. “Gemini 2.5 models are thinking models, capable of reasoning through their thoughts before responding, resulting in enhanced performance and improved ...