A survey of 954 IT decision-makers suggests more resources are now being allocated to reducing friction across the software development lifecycle (SDLC). Conducted by CDW, the survey finds more than two-thirds of respondents (68%) report their organization has adopted an internal developer platform (IDP). The primary goal is to improve operational efficiency (57%), provide better user experiences (48%), and improve observability and security (47%), the survey finds. However, a significant percentage of respondents also noted that their development teams are still encountering friction, with systems integration (25%) and security and compliance restrictions (23%) identified as the two primary sources. Additionally,…
Author: drweb
Security has long been the last item on the checklist. Code gets written, reviewed, merged—and then, somewhere down the line, a security team takes a look. That model worked when development moved at a human pace. It doesn’t work as well when AI writes and refactors code faster than any team can keep up with. Vercel is taking a direct shot at that problem with the open-source release of deepsec, an agent-powered security harness that runs on your own infrastructure and surfaces hard-to-find vulnerabilities in large codebases. How It Works Deepsec uses Claude and Codex to conduct a tailored investigation…
PlanTrace Now Supports PostgreSQLThe same plan analysis you know from Redshift, now for PostgreSQL — including EXPLAIN ANALYZE, buffer stats, and JSON format. When I built PlanTrace, it was a Redshift-only tool. Paste your EXPLAIN output, get an interactive graph, cost heatmap, and tuning insights — all client-side, nothing stored. It worked well, but Redshift is only part of the picture for most teams. PostgreSQL is where most development happens, where staging environments live, and where a lot of production workloads run. So I extended PlanTrace to support it — same interface, same zero-friction flow, automatic engine detection.How it works…
A small internal tool was built over a weekend. An engineer used an AI coding assistant to generate most of the backend. A simple interface was added, a few API calls were wired together and within hours the app was live. The app worked. The app felt fast. The app looked like progress. No one thought much about how the tool was deployed. There was no pipeline, no review process and no structured testing. The code was generated, copied, slightly adjusted and pushed into an environment that was already running. For a while everything seemed fine. Then something subtle happened.…
A global survey of 636 software development professionals published today finds nearly two-thirds (64%) believe they are achieving at least a 25% increase in developer velocity and productivity using artificial intelligence (AI). Conducted by Jellyfish, a provider of a software engineering intelligence platform, just under a quarter (24%) report there has been a 50% to 100% increase in developer velocity and productivity, while another 6% have seen an increase of 100% or more. The top use cases for AI are code writing (53%), code review (49%) and code explanation (43%), with Claude Code (39%), Gemini Code Assist (35%) and GitHub…
As we move through 2026, the Linux distribution landscape has shifted more noticeably than it has in years, with new names breaking into the top 10, old favorites holding their ground, and a few distros that dominated the conversation for over a decade quietly slipping down the chart. DistroWatch has been tracking Linux distributions since 2001 and remains the most widely referenced source of information about open-source operating systems. With a particular focus on Linux distributions and flavors of BSD. It collects and presents a wealth of information consistently, from release announcements and package comparisons to user reviews and version…
The default reaction to vibe coding has been alarm — a default assumption that letting AI write large chunks of an application is going to flood production with vulnerabilities and undocumented behavior. That fear is doing as much damage as the bad code people are afraid of. Teams that freeze, ban the tools or push the work into the shadows end up with less visibility into how AI is actually showing up in their codebase, not more. Tyler Merritt, CTO at UneeQ, joins Mike Vizard to push back on the panic and reframe the problem. Merritt’s argument is that AI-assisted…
I’m doing a small series on indexing basics for SQL Server, and on May 14th I’ll be presenting the third part which is about columnstore indexes. You can watch the webinar for free, but registration is required. The webinar is only 30 minutes long and will focus on the basics.The post Free Webinar about Columnstore Indexes first appeared on Under the kover of business intelligence.
Over the past few weeks, I’ve been contacted by multiple customers experiencing the same frustrating issue. Applications and SSMS sessions that had been rock-solid for years suddenly started throwing errors when connecting over VPN:Msg 10054: “An existing connection was forcibly closed by the remote host.”“Connection Failure (status code = 3000, [Microsoft][ODBC Driver 17 for SQL Server] The connection is broken and recovery is not possible…”Naturally, everyone assumed it was a SQL Server problem – which is why they called me.On the server side, though, everything looked normal. The client would connect, run a query, and then the connection would drop.…
In today’s fast-paced software development landscape, Continuous Integration and Continuous Deployment (CI/CD) pipelines are essential for delivering applications efficiently. However, the speed and automation they offer can inadvertently introduce security vulnerabilities if not properly managed. Integrating security into CI/CD pipelines, often referred to as DevSecOps, is no longer optional; it’s a necessity. The Importance of Security in CI/CD Traditional security practices often occur late in the development cycle, leading to delays and increased costs when vulnerabilities are discovered. By embedding security checks into the CI/CD pipeline, teams can identify and address issues early, reducing risk and maintaining development velocity. Key…