Using an LLM to judge another LLM became widespread in 2024 and remains, in 2026, the only scalable way to evaluate qualitative quality in LLM systems. It is reliable when judge-human correlation exceeds 0.7 on 30 cases and gets recalibrated quarterly; below that threshold, do not trust the number.
Opus 4.7 launched as Anthropic's most capable model, with emphasis on long-horizon agentic work. After two months of intensive use, these are the practical changes versus Opus 4.6.
AI agents fail in production, and what matters is how you respond in the first twenty minutes. This runbook covers severity classification, isolating before investigating, purging contaminated memory, communicating without inventing facts, and turning every incident into a regression test before closing it as done.
Prompt engineering has moved from viral tricks to a discipline with reproducible patterns: few-shot, chain-of-thought, and structured output with function calling. Teams treating prompts like code (versioned, tested, and monitored) get consistently better results than those who improvise.
Durante 2025 cientos de equipos pusieron agentes IA en producción real. A principios de 2026, con datos suficientes, emergen lecciones consistentes sobre qué falla, qué funciona, cuánto cuesta y qué tareas no encajan. Repaso ordenado para equipos que empiezan ahora.
A selection of postmortems published between 2025 and 2026 by teams running AI systems in production reveals repeated patterns: guardrail failures, silent model drift, hidden vendor dependency, and a collection of near-misses worth distilling.
Four years ago it was an academic curiosity. Today, scheduling workloads by grid carbon intensity is a built-in option in Kubernetes, in several cloud provider services, and in CI tooling. We look at what genuinely changed and what is still more promise than practice.
Casi nueve meses después del lanzamiento de Computer Use, algunos equipos lo han llevado a producción para tareas reales. Dónde funciona, dónde todavía no conviene, y qué patrones están emergiendo para que un agente que maneja ratón y teclado no acabe siendo más problema que solución.
Continuous profiling with eBPF samples every process's execution stack every few milliseconds without touching the code, then stores the history so you can compare last week's performance with today's. The cost measured in production runs between 1% and 3% of CPU, and it pays off most in databases, API gateways and high-concurrency services.
Después de años acumulando SBOMs, el cuello de botella es filtrar qué CVEs afectan de verdad. VEX aparece como la pieza que convierte el ruido en señal, y en 2025 empieza a tener adopción real en pipelines de supply chain.
Two years after Zero Trust stopped being a marketing word, it is worth looking at how it connects with the SIEM teams run day to day. A look at useful signals, avoidable noise, and the decisions that actually change security posture.
Dependabot and Renovate chase the same goal with different philosophies. I compare both after years running them on my own and client projects, covering when one fits better and when the other suits a team's workflow more.
SLSA v1.0 splits software supply-chain security into three tracks (Build, Source, and Dependencies), of which only Build is stabilized, with three levels: L1, L2, and L3. If you build in GitHub Actions, reaching L2 with Sigstore-signed provenance takes a few hours and is the starting point I recommend to any team.
Software is not immaterial: every request and database query consumes electricity with a carbon footprint. The Green Software Foundation encodes eight practical principles to reduce that footprint without rewriting systems. The result is a more efficient service, a lower cloud bill, and readiness for ESG regulation.
CrewAI modela agentes como un equipo con roles y tareas. Cómo se compara con LangGraph y AutoGen, y cuándo merece la pena adoptar un patrón multi-agente.
Evaluating a RAG system without metrics is pure guesswork. Ragas measures four core signals: faithfulness, answer relevancy, context precision and context recall, using an LLM as judge. TruLens, DeepEval and other frameworks cover similar ground. Wiring evaluation into CI from day one catches regressions in prompts, chunking or model choice before they reach production.
Carbon-aware computing runs flexible workloads when grid electricity emits less CO2, cutting emissions 10-30% without changing infrastructure. Grid carbon intensity varies up to 16x by hour and region; tools like Electricity Maps, WattTime and the Carbon Aware SDK make that scheduling possible with real grid data.
Sigstore has become the standard signing layer for OCI artefacts. GHCR is the best-integrated registry; Harbor 2.5+ and Quay offer native support; AWS ECR pushes its own KMS scheme. Verification earns its keep at three points: the cluster admission controller, the GitOps layer, and the CI/CD pipeline. The public Rekor has rate limits that force self-hosting past a certain build volume.
SLOs and error budgets only work when the budget drives real decisions. A feature freeze that triggers on exhaustion, deploy velocity that adjusts to consumption. With two or three well-chosen SLIs, a clear freeze policy, and simple tools like Prometheus with Sloth, a team can sustainably balance velocity and reliability in production.
Blameless post-mortems are easy to proclaim but hard to execute well. Without genuine blame-free culture, a factual timeline, honest contributor analysis, and action items with a clear owner and deadline, the exercise degenerates into empty ritual that does nothing to prevent the same incidents from recurring.
An Internal Developer Platform (IDP) centralises service discovery, provisioning and observability in a single portal, so developers stop depending on stale wikis and Slack channels. Backstage, Port and Cortex dominate the market: Backstage is open source with a dedicated team, Port is fast low-code SaaS, and Cortex focuses on scorecards for measurable technical discipline based on team size.
The SaaS market is consolidating after years of fragmentation: private equity acquisitions, licence changes, and double-digit price hikes have shifted negotiating power toward vendors. A practical framework to audit your exposure, build credible migration pressure, and design exit strategies that work when you actually need them.
SLSA v1.0, published in April 2023, defines four maturity levels for securing the software supply chain, from basic provenance to isolated builds. Level 3 requires every build to run in an ephemeral, stateless environment, eliminating attacks like build contamination and insider threat, and is achievable with GitHub Actions and OIDC signing via Sigstore.
With 30 or more microservices, end-to-end tests become slow, fragile and impractical. Pact implements consumer-driven contract testing: the consumer defines what it expects, the provider verifies it in its own CI pipeline, with no shared environment needed. The result is integration proof in seconds, not minutes.
Design thinking is a user-centred problem-solving methodology structured around five iterative phases: empathise, define, ideate, prototype, and test. Following the Design Council Double Diamond model, it first identifies the right problem, then designs the right solution. Applicable to digital products, internal processes, and business models alike.
The OKR (Objectives and Key Results) methodology is a goal-management system that aligns the entire organisation, from the CEO to every team, around ambitious, measurable goals. Each qualitative objective pairs with quantifiable key results, reviewed every quarter to keep focus without the rigidity of an annual plan.
SMART, OKR, and Balanced Scorecard are the three reference methodologies for defining strategic objectives: SMART validates that each objective is specific and measurable, OKR vertically aligns organisational ambition through quarterly reviews, and Balanced Scorecard connects financial indicators with processes, customers, and learning across four complementary perspectives.
5 min2394.5
We use first- and third-party cookies to analyze site traffic. You can accept them, reject them, or configure your choice.
Learn more about cookies
Cookie preferences
NecessaryEssential for the site to work. Always on.
AnalyticsHelp us understand how the site is used (Google Analytics).