Using an LLM to judge another LLM became widespread in 2024 and remains, in 2026, the only scalable way to evaluate qualitative quality in LLM systems. It is reliable when judge-human correlation exceeds 0.7 on 30 cases and gets recalibrated quarterly; below that threshold, do not trust the number.
Opus 4.7 launched as Anthropic's most capable model, with emphasis on long-horizon agentic work. After two months of intensive use, these are the practical changes versus Opus 4.6.
The first invoice for a production agent usually runs double or triple the estimate. This article walks through five real levers, in priority order, caching, routing, context control, batching, and telemetry, to cut cost without touching perceived quality.
After fourteen months testing AI-integrated DevOps tools across several teams, the stack that stays is small: Claude Code, Cursor, and Aider for code; PagerDuty AIOps, Datadog Bits AI, and Grafana Assistant for alert triage; and OpenTofu with OPA for infrastructure generation bounded by policy rules.
AI agents fail in production, and what matters is how you respond in the first twenty minutes. This runbook covers severity classification, isolating before investigating, purging contaminated memory, communicating without inventing facts, and turning every incident into a regression test before closing it as done.
The RICE framework is a prioritization methodology created by Intercom that produces a score by combining four factors: Reach, Impact, Confidence, and Effort. It divides the product of the first three by the estimated effort in person-months, so it can compare unrelated initiatives using one objective number.
Prompt engineering has moved from viral tricks to a discipline with reproducible patterns: few-shot, chain-of-thought, and structured output with function calling. Teams treating prompts like code (versioned, tested, and monitored) get consistently better results than those who improvise.
Two years after the final NIST standards, post-quantum migration is no longer hypothetical. What has actually been migrated, what remains stuck, where the real operational problems lie, and how the timelines look from April 2026.
Tres años después de que platform engineering se convirtiera en palabra de moda, el polvo ha caído. Unas pocas empresas tienen plataformas internas que de verdad aceleran al desarrollo, muchas montaron un portal Backstage vacío y algunas volvieron a DevOps clásico. Análisis de qué distingue a las que ganaron.
La factura de IA en las empresas ha dejado de ser anecdótica. Entre tokens de modelos frontera, GPUs reservadas que nadie usa y pipelines RAG con cachés mal configuradas, muchos equipos pagan diez veces lo que deberían. Guía de FinOps específico para IA sin relatos promocionales.
Guardrails frameworks promise to filter language-model inputs and outputs to block data leaks, harmful content, or hallucinations. After evaluating four of the most popular ones in production, I cover what they actually do, what latency and billing cost they add, and when they pay off over simpler controls.
After three years of expansion and an overheated ecosystem around the term, platform engineering enters 2025 in a consolidation phase. The internal platforms that survive are the ones that understood their real function; those that mistook the label for the solution are dismantling their teams or cutting them drastically.
Probar sistemas que incluyen modelos de lenguaje rompe la primera regla del testing: la misma entrada da la misma salida. Analizo las estrategias que han funcionado tras un año largo integrando IA en productos reales, por qué los tests deterministas tradicionales no bastan y cómo plantear un cinturón de pruebas que capture regresiones sin bloquearse en la varianza.
Los equipos de producto están tentados de sustituir entrevistas y tests reales por síntesis de IA. Dos años de experiencia ya permiten separar dónde la IA ayuda de verdad y dónde genera una falsa sensación de entender al usuario.
Dependabot and Renovate chase the same goal with different philosophies. I compare both after years running them on my own and client projects, covering when one fits better and when the other suits a team's workflow more.
A year ago open weights were a gamble; today they are a real production option. I review what has worked, what has not, and how Llama, DeepSeek, Qwen, and Mistral are fitting into enterprise architectures that used to depend on closed APIs.
Two years into living with AI assistants in the editor, habits have settled. A reflection on what has changed in day-to-day coding, what has been learned, and what was still left to discover.
Three years after RLHF became popular, the model-alignment field is far richer. A review of RLHF, DPO, and newer methods such as KTO and ORPO, with criteria for choosing between them.
SLSA v1.0 splits software supply-chain security into three tracks (Build, Source, and Dependencies), of which only Build is stabilized, with three levels: L1, L2, and L3. If you build in GitHub Actions, reaching L2 with Sigstore-signed provenance takes a few hours and is the starting point I recommend to any team.
Measuring RAG quality rigorously takes more than skimming a handful of answers: it requires objective metrics (faithfulness, relevance, context precision, and coverage), a golden set of hundreds of curated questions, and regular human validation of the LLM judge to avoid misleading conclusions.
Software is not immaterial: every request and database query consumes electricity with a carbon footprint. The Green Software Foundation encodes eight practical principles to reduce that footprint without rewriting systems. The result is a more efficient service, a lower cloud bill, and readiness for ESG regulation.
Kubecost and OpenCost map real costs to namespaces, deployments, and labels in Kubernetes. OpenCost, the Apache 2.0 open-source core, covers essentials for free. Kubecost adds multi-cluster visibility and advanced cloud billing. For clusters spending over $5,000/month the ROI is clear: identified savings typically exceed software cost within the first month.
Chaos engineering is the practice of injecting real-world failures into production in a controlled way to verify that the system responds as expected. It requires prior hypotheses, a minimal blast radius, and mature observability. Open-source tools like Litmus and Chaos Mesh make adoption accessible without commercial spend; the ROI comes as avoided incidents and better-prepared teams.
Ansible and Pulumi solve different problems and are not competitors: Ansible manages configuration inside a server (packages, users, services); Pulumi defines, with real code in TypeScript, Python, Go or .NET, which cloud infrastructure exists (VPCs, instances, databases). Combining them, with Pulumi's dynamic inventory feeding Ansible, is the most productive pattern for automating a stack that includes servers in the cloud.
Evaluating a RAG system without metrics is pure guesswork. Ragas measures four core signals: faithfulness, answer relevancy, context precision and context recall, using an LLM as judge. TruLens, DeepEval and other frameworks cover similar ground. Wiring evaluation into CI from day one catches regressions in prompts, chunking or model choice before they reach production.
Carbon-aware computing runs flexible workloads when grid electricity emits less CO2, cutting emissions 10-30% without changing infrastructure. Grid carbon intensity varies up to 16x by hour and region; tools like Electricity Maps, WattTime and the Carbon Aware SDK make that scheduling possible with real grid data.
Sigstore has become the standard signing layer for OCI artefacts. GHCR is the best-integrated registry; Harbor 2.5+ and Quay offer native support; AWS ECR pushes its own KMS scheme. Verification earns its keep at three points: the cluster admission controller, the GitOps layer, and the CI/CD pipeline. The public Rekor has rate limits that force self-hosting past a certain build volume.
SLOs and error budgets only work when the budget drives real decisions. A feature freeze that triggers on exhaustion, deploy velocity that adjusts to consumption. With two or three well-chosen SLIs, a clear freeze policy, and simple tools like Prometheus with Sloth, a team can sustainably balance velocity and reliability in production.
Blameless post-mortems are easy to proclaim but hard to execute well. Without genuine blame-free culture, a factual timeline, honest contributor analysis, and action items with a clear owner and deadline, the exercise degenerates into empty ritual that does nothing to prevent the same incidents from recurring.
An Internal Developer Platform (IDP) centralises service discovery, provisioning and observability in a single portal, so developers stop depending on stale wikis and Slack channels. Backstage, Port and Cortex dominate the market: Backstage is open source with a dedicated team, Port is fast low-code SaaS, and Cortex focuses on scorecards for measurable technical discipline based on team size.
The SaaS market is consolidating after years of fragmentation: private equity acquisitions, licence changes, and double-digit price hikes have shifted negotiating power toward vendors. A practical framework to audit your exposure, build credible migration pressure, and design exit strategies that work when you actually need them.
Signing images and artifacts with Sigstore has stopped being a rare experiment: projects like Kubernetes already use it. The keyless model in cosign, Fulcio, and Rekor removes private-key management, but it only protects you if deployment verifies who signed, not just whether a signature exists.
Flux CD and ArgoCD are the two CNCF-graduated GitOps tools for deploying to Kubernetes with Git as the source of truth. ArgoCD offers a centralised visual UI that manages several clusters from one instance, while Flux is a set of Kubernetes-native controllers with built-in image automation. Neither choice is wrong: it depends on your team and use case.
ArgoCD has established GitOps as the standard deployment practice for Kubernetes: the Git repository is the single source of truth for the desired state, and the agent continuously reconciles the cluster. This guide covers the four formal GitOps principles, sync policies, common production mistakes, and a comparison with Flux.
Platform engineering formalizes the internal product development teams need. An Internal Developer Platform (IDP) centralises deployment, observability and self-service behind a unified interface so product teams deliver value without becoming infrastructure experts. Investment pays off from around 30 to 50 developers.
SLSA v1.0, published in April 2023, defines four maturity levels for securing the software supply chain, from basic provenance to isolated builds. Level 3 requires every build to run in an ephemeral, stateless environment, eliminating attacks like build contamination and insider threat, and is achievable with GitHub Actions and OIDC signing via Sigstore.
FinOps turns cloud cost into an engineering discipline rather than a finance problem. The Inform-Optimize-Operate framework delivers per-team visibility, continuous waste reduction, and cost SLOs. Rigorous tagging and open-source tools like Kubecost or Infracost let teams regain control of the bill without slowing delivery.
Google's SRE book (2016) is canonical reading, but it is written for thousands of engineers and in-house datacenters: applying it literally on a small team creates friction. Five principles do travel (SLOs, error budgets, blameless postmortems, toil management, humane on-call); what does not scale is Google's infrastructure and dedicated roles.
With 30 or more microservices, end-to-end tests become slow, fragile and impractical. Pact implements consumer-driven contract testing: the consumer defines what it expects, the provider verifies it in its own CI pipeline, with no shared environment needed. The result is integration proof in seconds, not minutes.
To write Prometheus alerts that won't get ignored, alert on customer-observable symptoms (latency, error rate, saturation) instead of internal causes like CPU or memory, define SLOs with multi-window burn rate to scale severity, add a watchdog alert that confirms the system is still alive, and review the signal-to-noise ratio every quarter.
The MoSCoW method organises project requirements into 4 categories: Must have (essential), Should have (important), Could have (desirable), and Won't have (out of scope). Its purpose is to force an explicit priority conversation before committing team resources and time.
The Kano model classifies product features into three types: basics (what customers take for granted), performance (where more investment yields more satisfaction), and emotional delighters (unexpected extras that build loyalty). Knowing which category each feature belongs to sharpens every roadmap decision.
Design thinking is a user-centred problem-solving methodology structured around five iterative phases: empathise, define, ideate, prototype, and test. Following the Design Council Double Diamond model, it first identifies the right problem, then designs the right solution. Applicable to digital products, internal processes, and business models alike.
The OKR (Objectives and Key Results) methodology is a goal-management system that aligns the entire organisation, from the CEO to every team, around ambitious, measurable goals. Each qualitative objective pairs with quantifiable key results, reviewed every quarter to keep focus without the rigidity of an annual plan.
Agile methodologies (Scrum, Kanban, Extreme Programming) replace rigid upfront planning with short, iterative cycles: each sprint delivers working software, brings in real customer feedback, and lets teams correct course before a mistake becomes expensive. Born from the 2001 Agile Manifesto, they are now applied well beyond software, in marketing, design, and research too.
SMART, OKR, and Balanced Scorecard are the three reference methodologies for defining strategic objectives: SMART validates that each objective is specific and measurable, OKR vertically aligns organisational ambition through quarterly reviews, and Balanced Scorecard connects financial indicators with processes, customers, and learning across four complementary perspectives.
5 min2394.5
We use first- and third-party cookies to analyze site traffic. You can accept them, reject them, or configure your choice.
Learn more about cookies
Cookie preferences
NecessaryEssential for the site to work. Always on.
AnalyticsHelp us understand how the site is used (Google Analytics).