Category: Tidbits

As machine learning programs require ever-larger sets of data to train and improve, traditional central training routines creak under the burden of privacy requirements, inefficiencies in operations, and growing consumer skepticism. Liability information, such as medical records or payment history, can’t easily be collected together in a place due to ethical and legal restrictions. Federated

For most of its history, networking has been a standards-first, protocol-governed domain. From the OSI model to the TCP/IP stack, progress was measured in working groups and RFCs, not GitHub commits. But that is changing fast. Projects like eBPF and Cilium, along with the architectural demands of Kubernetes, are moving networking from a specification-bound world

Preamble I recently had a conversation with my friend about starting a new company. We discussed the various stages a company should go through to become mature and secure enough to operate in the modern market. This article will outline those stages. The suggested approach is based on the following principles: Security by default Security

In this article, I will go through the concepts of digital experience monitoring (DEM) and Endpoint Posture Checks and discuss how these essential capabilities are integrated into the SASE framework to enforce the zero trust principle. Together, these capabilities empower enterprises’ security and IT teams to maintain optimal performance, a strong security posture, and trust,

Everywhere I go, cloud and DevOps teams are asking the same question: “Are we ready for AI?”

Attackers only really care about two aspects of a leaked secret: does it still work, and what privileges it grants once they are in. One of the takeaways from GitGuardian’s 2025 State of Secrets Sprawl Report was that the majority of GitLab and GitHub API keys leaked in public had been granted full read and

Done well, knowledge base integrations enable AI agents to deliver specific, context-rich answers without forcing employees to dig through endless folders. Done poorly, they introduce security gaps and permissioning mistakes that erode trust. The challenge for software developers building these integrations is that no two knowledge bases handle permissions the same way. One might gate

You think you know your SDLC like the back of your carpal-tunnel-riddled hand: You’ve got your gates, your reviews, your carefully orchestrated dance of code commits and deployment pipelines.  But here’s a plot twist straight out of your auntie’s favorite daytime soap: there’s an evil twin lurking in your organization (cue the dramatic organ music). 

In multi-user environments with high-security requirements, robust permission controls are fundamental for resource isolation. Linux’s file permission model provides a flexible access control mechanism, ensuring system security through user/group permission settings. For distributed file systems supporting Linux, compliance with this model is critical for consistent security. This article explores key Linux permission mechanisms and their

FOSDEM 2025 has come to a close, and it certainly was not without a lot of content and participation from Apache Software Foundation (ASF) members, committers, and contributors! We asked ASF participants to provide summaries and observations from this year’s premier free software event, to share a small part of the work that ASF community