LodeHQSubscribe →

Prefect buys Dagster, Linkerd slashes memory 85%

DevOps · 2026-07-14

CI/CD & Automation
Prefect buys Dagster, merging the two leading AI‑focused orchestration platforms2 MIN

Prefect has acquired Dagster, uniting the two most popular modern workflow orchestrators that have competed for AI, data and CI/CD teams. The announcement promises no changes for current users, but signals a broader shift toward a single platform that can handle data, ML, and infrastructure automation under one roof.

Containers & Orchestration
Headlamp adds native Kubeflow UI, letting operators troubleshoot ML workloads in Kubernetes4 MIN

The new Headlamp plugin surfaces Kubeflow’s CRDs, notebooks, pipelines, training jobs, and hyperparameter tuning, in the general‑purpose Kubernetes dashboard. Operators can now see pod conditions, failures, and resource status without jumping to kubectl, streamlining ML workload management across namespaces. It unifies ML and infra monitoring in a single UI.

Linkerd 2.20 Cuts Control‑Plane Memory by 85%, Enabling Leaner Mesh Deployments2 MIN

Linkerd 2.20 cuts control‑plane memory usage by up to 85% while preserving mTLS, traffic splitting and observability. The shrink lets operators run the mesh on smaller clusters or free RAM for other workloads, trimming cloud spend. It also adds smarter traffic routing and rate‑limit‑aware load balancing.

Cloud & Platform Engineering
Port adds mandatory governance to AI‑written code to curb hidden debt4 MIN

Port’s new AI Builder forces AI‑generated code through a Plan Mode that requires human approval and versioned audit trails. CEO Zohar Einy warns that unchecked "vibe coding" builds hidden technical debt and security gaps, so platform teams must embed governance guardrails now.

Turning Compliance Chaos into a Self‑Service Platform Teams Actually Use14 MIN

Davide de Paolis shows how his team stopped dev friction by restructuring AWS accounts and automating compliance signals, turning a dreaded “cloud police” rollout into a self‑service platform that developers actually use. The playbook includes multi‑account isolation, cost allocation, and Slack alerts that surface violations before they break a sprint.

DevSecOps
Ghost GitHub accounts silently map orgs, exposing private repos6 MIN

Datadog Security Labs uncovered coordinated campaigns that wield dormant "ghost" GitHub accounts and compromised tokens to mass‑enumerate orgs, repos, and members via the public API. The low‑profile traffic blends with legitimate requests, but at scale it creates a detailed reconnaissance map that can lead to private‑repo theft. Defenders can hunt the behavior by flagging suspicious user agents, token types, and ASN patterns.

AI triage can end SOC alert fatigue, says ex‑NSA red teamer3 MIN

An ex‑NSA red teamer warns that SOCs drown analysts in raw alerts, turning detection into a needle‑in‑haystack problem. He argues AI‑driven triage and time‑series context can cut the noise, letting humans focus on genuine threats. The shift could slash response times and reduce burnout across security teams.

AWS Security Hub now covers Azure, unifying multi‑cloud risk management1 MIN

AWS Security Hub adds native Azure monitoring, consolidating posture, vulnerability and response data from both clouds into one console. The integration auto‑discovers Azure VMs, containers, functions and identities, applying CIS Benchmarks and feeding findings to EventBridge, so security teams can prioritize and remediate risks without juggling separate tools.

Unified access architecture lets AI agents share VPN security without new tools2 MIN

Enterprises deploying hundreds of AI agents are hitting an access‑control wall: VPNs and IAM were built for humans, not non‑human identities. A unified access architecture blends zero‑trust networking, PAM, and agent‑specific policies into a single policy layer, letting teams secure both people and bots without extra overhead.

Why insecure workstations are the newest software supply‑chain weak point5 MIN

Compromised developer machines can inject malicious code before it ever reaches a repo or CI pipeline, turning a single workstation into a supply‑chain attack hub. Recent incidents, from malicious VS Code extensions to typosquatted packages, show the scale of the threat and why securing workstations is now a top priority for DevSecOps teams.

Get DevOps in your inbox, every issue.
Subscribe free
Privacy · Terms · About · Contact
© 2026 LodeHQ