I use AI coding agents every day. I believe they are reshaping how we build software, and I think the teams that adopt them deliberately will outperform those that don't. I am not writing this to warn you away from AI-assisted development. I am writing this because the loudest voices in the AI enthusiasm camp are also the most allergic to discussing what can go wrong. And that worries me more than
El problema real Gestionar infraestructura manualmente sigue siendo uno de los mayores puntos de fricción en equipos DevOps. Cambios no auditados, configuraciones inconsistentes entre ambientes y despliegues manuales generan errores difíciles de rastrear y operaciones poco confiables. La solución moderna es automatizar completamente el ciclo de vida de infraestructura y despliegue utilizando Inf
When most developers want to scan their code for security vulnerabilities, they install Semgrep or Snyk and call it a day. I did the opposite. I built one from scratch. Not because the existing tools are bad — they're excellent. But because I'm transitioning from 13 years of software engineering into application security, and I wanted to understand what a SAST tool actually is underneath the hood.
On Second Thought — Episode 06 The ORM hides the SQL. The cache hides the ORM. The service mesh hides the services. The operator hides the YAML, which already hid the kubelet, which already hid the container, which already hid the process. By Tuesday, nobody quite remembers what the original problem was. They are too busy configuring its sixth wrapper. This is the post about that wrapper. When som
Every team experiences incidents. The teams that grow stronger from them are the ones that take postmortems seriously — not as blame sessions, but as structured learning opportunities. Yet most postmortems end up as a wall of text nobody reads twice, filed away and forgotten until the same incident happens again six months later. This guide walks you through writing postmortems that genuinely chan