Operations | Monitoring | ITSM | DevOps | Cloud

Today, Kosli and Adaptavist announce a strategic partnership to help regulated enterprises automate governance for AI driven software delivery - making it automated, continuous, and evidence-driven rather than a manual checkpoint that sits apart from DevOps and CI/CD. Adaptavist brings deep enterprise DevOps transformation expertise: assessment and strategy, DevSecOps integration, developer experience, and implementation across Atlassian, GitLab, and AWS.

Every engineering team wants to ship high-quality, reliable software quickly. Historically, engineers used a few guiding principles to help them consistently write clean code: keep code DRY, shift security left, write solid test cases, own your services, document your runbooks, and more.

At SREday NYC 2026, the ShipTalk podcast spoke with Phil Christianson, Chief Product Officer at Xurrent, for a leadership perspective on the intersection of product strategy, engineering investment, and platform reliability. While many of the conversations at the conference focused on tools, automation, and incident response, Phil offered a view from the C-suite level, where decisions about engineering priorities and R&D investment ultimately shape how reliability practices evolve.

When AI agents operate across a multi-module platform like Harness (from CI/CD to DevSecOps to FinOps), the number one goal is to give you answers that are correct, consistent, and grounded in real data. Getting there requires a deliberate architectural choice: when a question can be answered from structured platform data, the agent should use a schema-driven Knowledge Graph rather than raw API calls via MCP. The principle is simple: if the data is modeled, retrieval should be deterministic.

Infrastructure as Code (IaC) solves the provisioning problem. It doesn't solve the governance problem. You can version your Terraform configuration, run it in a pipeline, review every pull request — and still deploy an S3 bucket with public access, a VM with no encryption, or a resource that exceeds your cost budget. Nothing in the standard IaC workflow checks for those things. The reviewer has to know what to look for. And they won't catch it every time. Policy as Code changes that.

You could have the most detailed metrics displayed on your dashboard, but if no one gets notified when things break, you’re just collecting data. Alerts help turn this passive monitoring into an active response. It’s like they tell you, “Hey, your error rate just spiked!” or “Your memory usage is through the roof,” even before your users start filing support tickets, or worse, give up on your tool entirely.

In Grafana Cloud we use a simple yet generous formula that lets you query up to 100x your monthly ingested log volume in gigabytes for free. This works for the vast majority of our customers, but if you aren’t careful and strategic with your usage, you could find yourself with an overage bill.

Autonomous IT becomes real when teams move from insight to governed action. Most IT teams still operate on an alert-first, human-coordinated model. When something breaks, alerts fire across multiple tools, engineers get pulled in, and the first part of the response goes to figuring out who owns the problem, which signals matter, and how far the impact has spread. Containment comes after that. That sequence made sense in slower, more isolated environments.

The most expensive hour in software engineering is the hour spent trying to figure out why a bug exists in production that doesn’t exist anywhere else. For many teams, the first 70% of a debugging cycle isn't spent fixing code; it is spent on "plumbing." This is the time lost to reproducing the issue, wrestling with environment drift, and sanitizing datasets just to get to a starting line.

Organizations frequently debate ITAM vs CMDB because both disciplines describe the same environment from different angles. A CMDB gives operational context – how services, applications, and infrastructure relate – so teams can restore service fast and manage risk. ITAM focuses on financial accountability, control, and governance across the asset management lifecycle, from request to retirement. In practice, the strongest ITSM operating models connect both.