1 minute read

Fitting into the overall zeitgeist, several AI posts this week. From observations about the challenges with building LLM-backed features, to security considerations when adopting AI. Plus classic topics like packaging, infrastructure as code tools and DNS.

StackHawk sponsors Devops Weekly

Is your AppSec team copy and pasting lines of YAML every time a new app is ready for security testing? Try this instead: utilize environment variables and modularize configurations to share common elements across different applications.


Lots of folks are going to be building features backed by LLMs. This post covers some of the questions you’ll need to answer, based on an observability use case too.

Attacking AI systems is a whole new risk as the adoption of AI tools picks up. This post looks at building up an AI attack surface map that might be useful to anyone thinking about this problem.

An in-depth post on anomaly detection. Discusses core platform, algorithms and specific use cases around spam detection and ML model changes.

The joke goes that it’s always DNS. So understanding how DNS works is useful when dealing with lots of real world incidents. One way of learning a bit more about DNS is building your own resolver from scratch.

An interesting packaging approach. This post looks at how to package up an open policy agent policy into a standalone executable using Nix.

Not everyone jumps on new technology straight away, and it’s often more useful that people think to provide a beginner friendly introduction. Here’s a useful post to share with folks new to Kubernetes.


Kestra is an open-source, event-driven orchestrator that aims to simplify data operations and collaboration around data. It has both a declarative YAML interface and a rich GUI.

Org-formation is a dedicated infrastructure as code tool for managing AWS Organizations.