Operations | Monitoring | ITSM | DevOps | Cloud

CertKit is officially out of beta. We started building CertKit a year ago, and since then over 600 people signed up, issued certificates, and deployed to their infrastructure. Several are running it as their production certificate management platform right now. We built a lot during the beta. Some of it we planned: SSO, team management, alerting. Other things, users had to beat into us. The Keystore came from enterprise security requirements to keep private keys in house.

The market for enterprise service desk automation platforms has matured, but the way most enterprises evaluate them hasn’t. A lot of teams still start in the same place. They pull a shortlist from a review site, they compare pricing tiers, and sit through a few polished demos. Then, somewhere down the line, they realize they still haven’t answered the real questions that matter for their organization. What happens when the environment gets complicated and messy?

The most expensive hour in software engineering is the hour spent trying to figure out why a bug exists in production that doesn’t exist anywhere else. For many teams, the first 70% of a debugging cycle isn't spent fixing code; it is spent on "plumbing." This is the time lost to reproducing the issue, wrestling with environment drift, and sanitizing datasets just to get to a starting line.

Infrastructure as Code (IaC) solves the provisioning problem. It doesn't solve the governance problem. You can version your Terraform configuration, run it in a pipeline, review every pull request — and still deploy an S3 bucket with public access, a VM with no encryption, or a resource that exceeds your cost budget. Nothing in the standard IaC workflow checks for those things. The reviewer has to know what to look for. And they won't catch it every time. Policy as Code changes that.

When AI agents operate across a multi-module platform like Harness (from CI/CD to DevSecOps to FinOps), the number one goal is to give you answers that are correct, consistent, and grounded in real data. Getting there requires a deliberate architectural choice: when a question can be answered from structured platform data, the agent should use a schema-driven Knowledge Graph rather than raw API calls via MCP. The principle is simple: if the data is modeled, retrieval should be deterministic.

At SREday NYC 2026, the ShipTalk podcast spoke with Phil Christianson, Chief Product Officer at Xurrent, for a leadership perspective on the intersection of product strategy, engineering investment, and platform reliability. While many of the conversations at the conference focused on tools, automation, and incident response, Phil offered a view from the C-suite level, where decisions about engineering priorities and R&D investment ultimately shape how reliability practices evolve.

Every engineering team wants to ship high-quality, reliable software quickly. Historically, engineers used a few guiding principles to help them consistently write clean code: keep code DRY, shift security left, write solid test cases, own your services, document your runbooks, and more.

Today, Kosli and Adaptavist announce a strategic partnership to help regulated enterprises automate governance for AI driven software delivery - making it automated, continuous, and evidence-driven rather than a manual checkpoint that sits apart from DevOps and CI/CD. Adaptavist brings deep enterprise DevOps transformation expertise: assessment and strategy, DevSecOps integration, developer experience, and implementation across Atlassian, GitLab, and AWS.

I worked in observability for years, and the same pattern showed up across teams. An alert fired, the on-call rotation scrambled, and everyone did what they had to do to stabilize production. Then came the retrospective. Once the immediate pressure was gone, the conversation shifted to one question: how do we make sure this never happens again? My friend Jade Rubick coined a name for that principle: DRI, “don’t repeat the incident”.

We are excited to announce the latest release of SecureBridge, EntityDAC, and the full family of dbExpress drivers. This update delivers expanded IDE compatibility, support for the latest database versions, new security components, and platform improvements that benefit developers across the Delphi and Lazarus ecosystem.