
Securing Chaos at Scale Without Slowing Down
For a long time, I wanted to write a blog post talking about how the software development and...

Author profile
Cloud Security Architect | AWS Community Builder | Public columnist | CISSP | CCSP | CISM | CISA | CDPSE | Author of the books "Cloud Security Handbook" and "Security for Cloud Native Applications"
Browse the latest writing surfaced through DevArt.

For a long time, I wanted to write a blog post talking about how the software development and...

Since the early days of GenAI, when ChatGPT launched in late 2022, we began using prompt engineering...

In 2025 I published a blog post titled Common security pitfalls using Vibe coding, where I briefly...

In 2023, I published a blog post titled My journey to the world of social networks, where I shared my...

If you have followed my posts on social media, you know by now that I've taken a very pragmatic (and...

Claude Cowork is an agentic AI tool from Anthropic designed to perform complex, multi-step tasks...

In February 2026, Anthropic released a new capability for Claude Code called Claude Code Security - a...

Amazon Nova Forge is a development environment within Amazon SageMaker AI dedicated to building...

Clawdbot (now renamed Moltbot) is an open-source, self-hosted AI assistant that runs on your own...

If you give an AI system the ability to act, you give it risk. In earlier posts, I covered how to...

For many years, organizations embracing the public cloud knew there were two main types of compute...

In the over-evolving tech world, we often see organizations (from C-Level down to architects and...

The concept of vendor lock-in existed for many years; organizations chose commercial, and in many...

In 2023, I published a blog post titled Sharing Knowledge as a Way of Life, where I suggested that...

When organizations used to build applications in the past (mostly on-prem, but also in the public...

Today, we hear about so many organizations (from small start-ups to large enterprises) experimenting...

When looking at public documentation in the last quarter of 2025, we can say it was not the best time...

In part 1 of this series, I have discussed Ingress controllers and Gateway APIs as a way to control...

In November 2025, I came across an announcement on the Kubernetes blog – Ingress NGINX Retirement:...

In 2023, I published a blog post titled "Is the Public Cloud Ready for IPv6?", where I tried to...

When designing cloud-native applications and following the Twelve-Factor App methodology "Config"...

When working with public clouds, we all heard of the Shared Responsibility Model, where the cloud...

When designing for resiliency, we usually think about deploying an entire workload over multiple...

In the past year, we have not heard about generative AI, without hearing terms such as agentic AI, AI...

If you have been following my blog post in the past several years, you probably have noticed that I'm...

In 2020, I published a blog post titled Importance of Cloud Strategy where I explained that cloud...

Modernizing legacy monolithic applications from on-prem to the public cloud is a challenging...

When talking to different roles in the IT industry, we often hear about tension between security...

The term MCP (Model Context Protocol) was first introduced by Anthropic in November 2024 as an open...

We have been hearing the term "vibe coding" since early 2025, and perhaps the earliest time it was...
Advertisement