AI is everywhere in cloud security right now. Nearly every product claims to be “AI-powered,” and copilots and chatbots promise to help teams interpret issues faster. But for most platform teams, understanding the problem isn’t the hard part. The real challenge is resolution. Cloud environments change quickly, and the backlog of security findings grows just […]
AI-Driven Drift Detection in AWS: Terraform Meets Intelligence
Configuration drift, the divergence of deployed infrastructure from its source-defined configuration, has emerged as a critical vulnerability, particularly within the complex AWS environments I’ve managed, orchestrated by infrastructure as code (IaC) tools like Terraform.
Hybrid Infrastructure Is a Mess—But It Doesn’t Have to Be
If you’re a CIO who is managing hybrid infrastructure, you’re like the peace-keeper in a dysfunctional family. On one side, you’ve got the old-school on-prem team—practical, cost-conscious, maybe a little stubborn. On the other hand, the cloud team is fast-moving, quickly adopting the latest tools, and sometimes a little dismissive of “legacy” infrastructure. And just […]
The DevOps Bottleneck: Why IaC Orchestration is the Missing Piece
If you work in DevOps, you’ve heard it a thousand times: “Do more with less.” More automation, more security, more reliability—but with the same (or fewer) people. Meanwhile, your development teams keep growing, pushing out new features at breakneck speed. Yet somehow, the infrastructure team is supposed to scale magically to keep up. Let’s be […]
The Basics of Infrastructure as Code: A Primer for DevOps
IaC changes the way IT operations and development teams collaborate to create, provision and manage infrastructure and applications. This short introduction explains its benefits.
Mind the Shift: Answering Common Questions About OpenTofu
A lead contributor to OpenTofu answers the (truly) frequently asked questions about the open source project.
What OpenTofu 1.7 Means for DevSecOps
With built-in end-to-end encryption, OpenTofu is a natural DevSecOps fit.
The Problems With Golden Templates That No One Wants to Talk About
Golden templates make it easier to get started with IaC, but they don’t effectively fit users’ needs. Let’s fix that.
IBM Confirms: It’s Buying HashiCorp
Everyone knew HashiCorp was attempting to find a buyer. Few suspected it would be IBM.
OpenTofu Denies Hashicorp’s Code-Stealing Accusations
The legal battle between the faux-open-source HashiCorp and the open source OpenTofu heats up.









