Amazon Web Services (AWS) today made a pair of artificial intelligence (AI) agents to manage DevOps workflows and conduct penetration tests generally available. Neha Goswami, director of Agentic DevOps at AWS, said AWS DevOps Agent provides software engineering teams with an always-available assistant that can automatically optimize application reliability and performance in addition to automating specific incident management tasks. The AWS Security Agent, meanwhile, provides on-demand penetration testing capability that reduces the time required to test an application for vulnerabilities and other security weaknesses from months to days, said Goswami. The overall goal is to provide DevOps teams with AI…
Author: drweb
Mar 23, 2026 Trivy supply chain compromise: What Docker Hub users should know On March 19, 2026, threat actors compromised Aqua Security’s CI/CD pipeline and used stolen credentials to push backdoored versions of the aquasec/trivy vulnerability scanner to Docker Hub. A second wave of compromised images followed on March 22. The malicious images contained an infostealer targeting CI/CD secrets, cloud credentials, SSH keys, and Docker configurations. This post summarizes what happened, what Docker did in response, and what you should do if you use Trivy. Read now
Here’s a scenario every developer recognizes: You push code at 3 p.m., grab a coffee and return to a red dashboard. The errors point to a timeout in a service you didn’t touch. Your first instinct? Hit re-run. When that fails, you hit it again. This is the trust tax — the cost you pay when your test infrastructure loses credibility. It’s the thing that kills most CI/CD investments. Not bad technology. Not missing features. Just developers quietly deciding the results aren’t worth paying attention to. Three Metrics That Actually Matter I started tracking what predicts when developers give up on tests. It’s not code coverage or test count. What matters are three specific behaviors. Re-run rate is how often developers manually retry tests. When they’re hitting retry on more than 30% of their PRs, they’re not testing — they’re gambling. That 30% mark is where I’ve consistently seen the mental shift: Below it, developers assume failures are their fault. Above it, they…
On the internet, you will find plenty of tools for checking disk space usage in Linux. However, Linux has a strong built-in utility called ‘df‘. The ‘df‘ command stands for “disk filesystem“, it is used to get a full summary of available and used disk space usage of the file system on the Linux system. Using ‘-h‘ parameter with (df -h) will show the file system disk space statistics in “human-readable” format, which means it gives the details in bytes, megabytes, and gigabytes. In this guide, we’ll go beyond the basic flags and show you how to actually read df…
Apache Iceberg has effectively won the open table format conversation. AWS, Google Cloud, Microsoft, Snowflake, Databricks — every major platform has thrown its weight behind it. If you work in data engineering or platform operations, the question is no longer whether Iceberg is the right foundation. It’s what it actually takes to run it day to day. That second question doesn’t get nearly enough airtime. And it’s the one that determines whether your Iceberg adoption goes well or becomes a slow-motion infrastructure project that nobody budgeted for. The Gap Nobody Talks About Here’s what Iceberg gives you: a table format…
Lightrun has added an ability to dynamically pull missing telemetry evidence from live application environments without having to deploy additional instrumentation to its namesake site reliability engineering (SRE) platform that is based on artificial intelligence (AI). Company CEO Ilan Peleg said the Lightrun AI SRE platform includes a sandbox deployed via a software development kit (SDK) that can now be integrated with a live application environment to collect new evidence, test hypotheses, and validate outcomes against real execution behavior without having to deploy additional agents to collect telemetry data. The overall goal is to provide DevOps teams with much-needed additional…
GraphQL adoption within enterprise environments follows a predictable pattern. A single team implements it successfully, word spreads and suddenly dozens of services want to expose data through your graph. More than 60% of enterprises will use GraphQL in production by 2027, up from less than 30% in 2024. The schema that worked beautifully for three microservices becomes unwieldy at 30. Schema decisions that seem trivial early on compound into serious technical debt. Nested types that perform well during development can trigger cascading database queries when real traffic arrives. Field naming conventions established by one team clash with another team’s domain language. Nullable versus non-nullable choices made without foresight create breaking changes that ripple across client…
Pong is one of the first computer games ever created, way back in 1972. If you have never heard of Pong, you can think of it as a kind of “tennis” game. There are two paddles, on each side of the screen. They move up and down. The goal is to bounce a ball between the two paddles. If you miss the ball, your opponent scores a point. Atari created Pong and put it in arcades. The name of the game is derived from the game of ping-pong. Pong has been remade many times, with different features and gameplay elements…
I saw a question asking about the next sequence value and decided to try and answer it myself. I assumed this would be easy, and it was, but I used some AI help to make it very quick to get the value and learn something.Another post for me that is simple and hopefully serves as an example for people trying to get blogging as #SQLNewBloggers.Checking for SequencesI know I’ve done some testing lately with sequences for a customer, so I decided to ask Prompt AI to help. I connected to a database and asked this question after clicking ALT+Z.I got…
Linux filesystems are responsible for organizing how data is stored and retrieved. Over time – due to sudden power failures, forced shutdowns, hardware issues, or software bugs – a filesystem can become corrupted, and certain parts of it may become inaccessible. When that happens, you need a reliable way to detect and fix those inconsistencies before they cause data loss or system instability. This is where fsck (File System Consistency Check) comes in. In this article, we’ll cover everything you need to know about fsck from basic usage to running it safely on root and production partitions. What is fsck…