Operations | Monitoring | ITSM | DevOps | Cloud

If you’ve been eyeing chat-native incident tools and wondering whether PagerDuty can compete in Slack, this one’s for you. Are you still treating your incident management platform like a glorified pager? It’s time for an update. Over the past months, we’ve been evolving our Slack app from a notification tool into a full incident command center, and we’re coming for the chat-native tools (ahem, incident.io).

The CertKit Agent 1.6 is out. Three things in this release, all of them coming from the same underlying problem: the shorter certificate lifespans get, the more certificate deployment has to behave like real software deployments.

Application control is one of those security topics where many people carry old assumptions. Traditional allowlisting feels safe but quickly becomes a maintenance burden. Blocklisting feels reactive and incomplete. And while tools like Microsoft AppLocker led many to believe that strict allowlisting is the gold standard, modern attacks have proven otherwise. Attackers increasingly rely on legitimate, signed tools — used in the wrong context — to bypass list-based controls entirely.

In the previous posts, we’ve looked at how alert noise emerges from design decisions, why notification lists fail to create accountability, and why alerts only work when they’re designed around a clear outcome. Taken together, these ideas point to a broader conclusion. That alerting is not just a technical system, it’s a socio-technical one. Alerting systems encode assumptions about how people behave, how responsibility is distributed, and how decisions are made under pressure.

Every year, Honeycomb runs disaster recovery scenarios in multiple environments, including in production. Although each of our instances runs in a single region, on at least three Availability Zones (AZs), we have multiple plans for partial regional failures, and particularly, zonal failures. One of these tests was run on December 5th, and after its successful completion came its cleanup steps.

In 2024, Civo acquired Konstruct (formerly Kubefirst) to reinforce our commitment to simplifying cloud computing complexities. When this acquisition was made, it began a whole new chapter for the team behind Konstruct. Over the years, we assembled our team by working with a community of thousands of engineers in what can be a very complex cloud native environment. We were fortunate to join forces with Civo as they aligned with our cloud native and portable vision.

Over the past few years, Digital Employee Experience (DEX) has moved from emerging concept to essential capability for modern IT organizations. The conversation has changed. IT is no longer measured only by system uptime or ticket resolution. Today, success is defined by how technology actually performs for employees — and how consistently organizations can deliver productive, friction-free digital work.

I was looking at our Claude Code spend in the Anthropic console the other day. Aggregate cost, aggregate tokens — no breakdown by developer, no breakdown by session. I knew my Hackathon team had been using it heavily on building out new features for the OpenTelemetry Distro Builder. But heavily how? I had no idea. Turns out Claude Code has been emitting OpenTelemetry signals the whole time. Per-session cost, token counts, every tool call it makes on your codebase.

The “works on my machine” era is officially over. Nix is changing the way we think about software by treating packages as functional, immutable values, ensuring that a build works exactly the same way every time, on every machine. But while Nix excels on a local laptop, scaling that level of reproducibility across a global enterprise has historically been a challenge.

Compliance audits used to be annual fire drills. Teams would scramble for weeks gathering screenshots, pulling logs, and hoping nothing slipped through the cracks. That approach no longer works when regulations like GDPR and HIPAA require continuous documentation and real-time evidence of security controls. Website monitoring tools designed for compliance have evolved to address this reality, automating evidence collection and flagging issues before auditors ever arrive.