Operations | Monitoring | ITSM | DevOps | Cloud

Latest posts

Is It Time to Rethink Your Multicloud Strategy?

The original case for multicloud still holds — but the conditions around it have shifted significantly. Here's what you should be asking before your next cloud decision. Most organizations didn’t set out to have a multicloud strategy. They just accumulated one – a mix of providers, tools, and integrations built up over time as individual workload decisions compounded into something that now requires a strategy of its own.

AI Is Writing More Code Than Ever. Your Release Process Hasn't Kept Up. | Harness Blog

A new report from LeadDev and Harness makes one thing clear: AI coding tools have fundamentally changed how much code organizations are producing. What has not changed nearly fast enough is how that code gets released. The State of AI-Driven Software Releases 2026 report, based on responses from 500424 engineers across industries and company sizes, puts real numbers behind a problem that engineering leaders have been feeling for a while. AI is accelerating the code creation side of the SDLC.

Poisoning The Pipeline: How The Mastra AI Ecosystem Was Poisoned At The Registry Level | Harness Blog

The open-source landscape has witnessed another highly automated, ecosystem-level subversion. On June 17, 2026, a critical software supply chain attack struck the Mastra AI framework - a popular open-source TypeScript ecosystem used widely to build AI agents, workflows and RAG pipelines. By exploiting a compromised contributor account, threat actors successfully mass-published 144 malicious packages under the official @mastra npm scope.

Compliance Without Complexity: Introducing Harness Rego Policy Packs | Harness Blog

In the fast-paced world of modern software delivery, compliance is often a bottleneck. While our existing OPA-based Policy as Code feature has long empowered teams to encode complex authorization checks and enforce granular governance across their DevOps workflows, we know that starting from a blank page can be daunting. Security and governance teams struggle to keep up with the volume of releases, while developers often find the initial setup of these policies to be time-consuming.

A new way to SIEM

For years, security teams have been sold the same bargain: send in more data, buy more tools, tune more rules, and you'll be better protected. In practice, a lot of teams have ended up with the opposite. They're carrying more cost and more complexity, and they still don't have much confidence that their detections are actually working the way they should. That's the backdrop for why Cribl is acquiring CardinalOps.

Life after SaaS: Enabling the System of Context

By: Tucker Callaway, CEO at Mezmo The market keeps saying “SaaS is dead.” That’s probably true, but it’s also incomplete. What’s actually dying is the idea that value lives inside a vendor-controlled black box. The next era is about utilities: unlimited coding capacity and unlimited analytical capability. And if those two utilities are real, then the vendor model has to change.

We built an SRE bot on AURA. Here's what we learned.

PagerDuty fires. You open the incident. Title, timestamp, nothing else. Whatever context exists is in someone's head, in a Slack thread from two weeks ago, or in a runbook nobody has touched since the last reorg. We got tired of that. So we put an AURA agent behind a Slack bot and pointed it at our own production environment.

An SRE agent for production

AI has changed how software gets built. It hasn't changed how software gets run. Most of the AI money in software has gone into the IDE: code generation, copilots, developer assistants, faster pull requests. That work matters. But writing software is one slice of the lifecycle. The harder problem, and the more expensive one, is running that software in production. Production is where systems fail in ways nobody predicted. Incidents don't stay inside one service.

Agentic Automation vs. Process Automation: What's the Difference?

Automation has always promised the same basic things: less work, faster resolution, and more consistency. What has changed is how much judgment automation can now apply before work begins. Traditional process automation is excellent at executing known steps. Agentic automation, though, adds a new layer: AI systems that can decide which action or workflow should happen next. That difference matters a whole lot.

The Cost of Idle Resources in Your Data Center

Idle resources in your data center are a liability. Every unused server drawing power, every underutilized rack consuming cooling capacity, and every stranded port sitting dark on a switch represents money spent with no operational return. That's always been true for traditional compute. It's even more consequential as organizations invest in GPU infrastructure for AI workloads, where the hardware is an order of magnitude more expensive and the cost of underutilization scales accordingly.