Our latest State of Software Delivery report analyzed more than 28 million CI workflows and found a pattern that should give engineering leaders pause. Average throughput grew 59% year over year. Main branch activity for the median team declined 7%. Teams are generating more code than ever before. Less of it is reaching production. The […]
AI Is Changing How We Write Infrastructure, But It’s Not Solving How We Control It
Over the past year, AI has fundamentally changed how software is written. Infrastructure code is no exception. Tasks that once required deep familiarity with tools, syntax, and workflows can now be handled through natural language. Engineers are no longer starting from a blank file. In many cases, reviewing and modifying code generated for them has […]
Iceberg Won the Format War — Now Comes the Hard Part
Apache Iceberg has effectively won the open table format conversation. AWS, Google Cloud, Microsoft, Snowflake, Databricks — every major platform has thrown its weight behind it. If you work in data engineering or platform operations, the question is no longer whether Iceberg is the right foundation. It’s what it actually takes to run it day […]
Why the Next Wave of Infrastructure Automation Requires a Different Kind of Intelligence
Every decade or so, something fundamental shifts in how we think about infrastructure. Not an upgrade, a rethinking. Virtualization changed what infrastructure was. The cloud changed where it lived. Infrastructure as Code changed how it was defined. Each of those shifts felt incremental from the inside and transformative in hindsight. We’re at one of those […]
Bridging the Dev–Security Gap With Smarter Authorization
Software teams have always lived with a built-in tension – developers push to ship fast, while security teams pump the brakes to assess risk. Now, with AI flooding the enterprise, that friction is spiking. One recent survey found a staggering 322% jump in privilege-escalation risks tied to AI-generated code. The root problem isn’t new – […]
The Future of Infrastructure Automation in the Age of Autonomous Agents
For more than a decade, the evolution of infrastructure automation has followed a clear trajectory. Organizations have invested in workflows, pipelines, controllers, and compliance engines because the market demanded stronger guarantees around reliability and scale. Outages turned into measurable losses. Small misconfigurations cascaded into systemic failures. Even highly skilled teams struggled to keep pace with […]
ClickOps, IaC and the Excluded Avocado Middle
Let’s start with a confession: I think Infrastructure-as-Code solves a lot of problems. Terraform, OpenTofu, Pulumi, all of it. IaC changed how we work. It gave us version control, audit trails, repeatability, and a level of discipline that the old “log in and click around” era couldn’t touch. But somewhere along the way, we turned […]
Learning From the Past: What Automation Mistakes Can Teach Us About AI
Across industries, organizations are rushing to embed AI into their operations. In fact, 84% of organizations are looking to add more AI capabilities within the next three years. From customer service bots to AI copilots, the future is arriving faster than many expected. But in the rush for quick wins, many executives are overlooking a […]
Securing the AI Era: How Development, Security, and Compliance Must Evolve
The Code Boom and Its Paradox We are witnessing an unprecedented shift in how software is built. With the rise of AI copilots, automated agents, and low-code platforms, code is being produced faster than at any point in history. What once took weeks can now be generated in minutes. This is a remarkable advance, but […]
Infrastructure as Code, Security Blind Spots, and the Messy Reality of DevOps
I’ve spent most of my career in infrastructure and reliability engineering, from years as an SRE at Google to leading teams at Facebook and now building Spacelift. Along the way, I’ve watched entire paradigms rise and fall, seen technologies mature, and learned some hard lessons about where DevOps and security meet—and where they clash. The […]