Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on DevOps, CI/CD, Automation and related technologies.

90% AI Adoption. Still Failing. DORA Explains Why.

AI adoption is nearly universal. So why are most teams still struggling? In this session from GitKon, Nathen Harvey, head of DORA at Google Cloud, shares findings from the 2025 DORA State of AI-Assisted Software Development report, drawing on data from nearly 5,000 developers worldwide. The answer isn't more AI. It's what surrounds it.

npm axios attack - What happened and how to protect your supply chain

100M+ weekly downloads. One compromised maintainer account. A remote access trojan in two active release branches. This is a 30-minute breakdown of the Axios npm supply chain attack – how it happened, why it was hard to detect, and what any engineering team can do right now to reduce exposure. Nigel Douglas, Head of Developer Relations at Cloudsmith, is joined by Jenn Gile, co-founder of Open Source Malware, a community-driven threat intelligence platform focused on malicious open source packages.

Konstruct product updates: Hosted control planes and multi-cloud

March signified a very important period for the Konstruct team, where we were able to focus on something we’ve heard consistently from teams: reduce the time to value without compromising control. In the previous post, we walked through how Konstruct 0.1–0.3 established the core platform model, introduced templates, and expanded GitOps into something that can represent both infrastructure and applications. With 0.4, we’re taking a more opinionated step forward.

Meet Cortex: The Engineering Operations Platform

Standardize. Visualize. Drive Change. Cortex is the leading Engineering Operations Platform that helps organizations define what "good" looks like and empowers teams to reach those standards. From tracking DORA metrics to driving large-scale migrations, Cortex provides the visibility and tools necessary to maintain a high-performing engineering culture. In this video, you’ll see how to: Set the Standards: Create custom Scorecards (like Operational Maturity or DORA Metrics) with automated rules integrated directly from tools like PagerDuty, Incident.io, and GitHub.

Conversations: Ask Netdata About Anything You're Looking At

Netdata AI can already troubleshoot your alerts and generate Insights reports. What it couldn’t do, until now, was have a back-and-forth conversation. You could get a one-shot analysis, but you couldn’t ask follow-up questions, pull in additional context, or go from a quick question to a full investigation without starting over. We’ve added a conversational layer to Netdata AI.

The pipeline that never reached production | Harness Blog

Modern CI/CD platforms allow engineering teams to ship software faster than ever before. Pipelines complete in minutes. Deployments that once required carefully coordinated release windows now happen dozens of times per day. Platform engineering teams have succeeded in giving developers unprecedented autonomy, enabling them to build, test, and deploy their services with remarkable speed. Yet in highly regulated environments-especially in the financial services sector-speed alone cannot be the objective.

How to deploy PostgresSQL on Kubernetes

Kubernetes is a container orchestration platform that automates the deployment, scaling, and management of containerized applications, abstracting many of the manual steps of rolling upgrades and scaling. When building cloud-native applications in a Kubernetes environment, you’ll often need to deploy database applications like a PostgreSQL database so that your applications can leverage their features within the cluster.

Introducing Zero Trust Architecture for Software Delivery | Harness Blog

For the world’s largest financial institutions, places like Citi and National Australia Bank, shipping code fast is just part of the job. But at that scale, speed is nothing without a rock-solid security foundation. It’s the non-negotiable starting point for every release. Most Harness users believe they are fully covered by our fine-grained Role-Based Access Control (RBAC) and Open Policy Agent (OPA).