Prefect buys Dagster, Linkerd slashes memory 85%
Prefect has acquired Dagster, uniting the two most popular modern workflow orchestrators that have competed for AI, data and CI/CD teams. The announcement promises no changes for current users, but signals a broader shift toward a single platform that can handle data, ML, and infrastructure automation under one roof.
The new Headlamp plugin surfaces Kubeflow’s CRDs, notebooks, pipelines, training jobs, and hyperparameter tuning, in the general‑purpose Kubernetes dashboard. Operators can now see pod conditions, failures, and resource status without jumping to kubectl, streamlining ML workload management across namespaces. It unifies ML and infra monitoring in a single UI.
Linkerd 2.20 cuts control‑plane memory usage by up to 85% while preserving mTLS, traffic splitting and observability. The shrink lets operators run the mesh on smaller clusters or free RAM for other workloads, trimming cloud spend. It also adds smarter traffic routing and rate‑limit‑aware load balancing.
Port’s new AI Builder forces AI‑generated code through a Plan Mode that requires human approval and versioned audit trails. CEO Zohar Einy warns that unchecked "vibe coding" builds hidden technical debt and security gaps, so platform teams must embed governance guardrails now.
Davide de Paolis shows how his team stopped dev friction by restructuring AWS accounts and automating compliance signals, turning a dreaded “cloud police” rollout into a self‑service platform that developers actually use. The playbook includes multi‑account isolation, cost allocation, and Slack alerts that surface violations before they break a sprint.
Datadog Security Labs uncovered coordinated campaigns that wield dormant "ghost" GitHub accounts and compromised tokens to mass‑enumerate orgs, repos, and members via the public API. The low‑profile traffic blends with legitimate requests, but at scale it creates a detailed reconnaissance map that can lead to private‑repo theft. Defenders can hunt the behavior by flagging suspicious user agents, token types, and ASN patterns.
An ex‑NSA red teamer warns that SOCs drown analysts in raw alerts, turning detection into a needle‑in‑haystack problem. He argues AI‑driven triage and time‑series context can cut the noise, letting humans focus on genuine threats. The shift could slash response times and reduce burnout across security teams.
AWS Security Hub adds native Azure monitoring, consolidating posture, vulnerability and response data from both clouds into one console. The integration auto‑discovers Azure VMs, containers, functions and identities, applying CIS Benchmarks and feeding findings to EventBridge, so security teams can prioritize and remediate risks without juggling separate tools.
Enterprises deploying hundreds of AI agents are hitting an access‑control wall: VPNs and IAM were built for humans, not non‑human identities. A unified access architecture blends zero‑trust networking, PAM, and agent‑specific policies into a single policy layer, letting teams secure both people and bots without extra overhead.
Compromised developer machines can inject malicious code before it ever reaches a repo or CI pipeline, turning a single workstation into a supply‑chain attack hub. Recent incidents, from malicious VS Code extensions to typosquatted packages, show the scale of the threat and why securing workstations is now a top priority for DevSecOps teams.
Subscribe free