News and Tech Update

DevOps.com is now providing a weekly DevOps jobs report through which opportunities for DevOps professionals will be highlighted as part of an effort to better serve our audience. Our goal in these challenging economic times is to make it just that much easier for DevOps professionals to advance their careers. Of course, the pool of available DevOps talent is still relatively constrained, so when one DevOps professional takes on a new role, it tends to create opportunities for others. The five job postings shared this week are selected based on the company looking to hire, the vertical industry segment and naturally, the pay scale being offered. We’re also committed to providing additional insights into the state of the DevOps job market. In the meantime, for your consideration. Indeed.com Amentum Hanover, MD Cloud Engineer $230,000 to $300,000 LinkedIn Galileo Brooklyn, NY Senior DevOps Engineer $200,000 to $240,000 The Job Network Sonatus Sunnyvale, CA DevOps Man...

Cybersecurity researchers from Bitdefender, a provider of an endpoint detection and response (EDR) platform, have discovered an extension to the Windsurf integrated development environment (IDE) that steals credentials and data after code is downloaded from the Solana blockchain platform. Silviu Stahie, a security analyst for Bitdefender, said the extension makes use of typosquatting tactics to make it appear as though it is a legitimate instance of REditorSupport, an extension that provides an IDE to developers that are building applications using the R programming language that is typically used to build statistical computing and data visualization applications. Windsurf, like most AI coding tools, is based on Visual Studio (VS) Code, an open source AI code editor. The issue that more DevSecOps teams need to be aware of is that fake extensions to tools based on VS Code are now being employed more widely to compromise software supply chains, said Stahie. In this instance, the ex...

A customer deploys AKS in a regulated environment, hits an issue during node bootstrapping, and wants to know exactly what happens when a node joins the cluster. The question sounds simple. The answer is spread across the AgentBaker source code, the cloud-provider-azure module, a Microsoft Learn article, three abstraction levels above what actually runs on the node, and the institutional knowledge of a teammate who may or may not be online. That’s the daily reality for Microsoft’s Global Black Belts — field engineers handling deep technical questions about Azure Kubernetes Service (AKS) and Azure Red Hat OpenShift (ARO). Two of them, Diego Casati and Ray Kao, built a system that does what they do: retrieve, correlate, verify, and write up the answer. They call it Project Nighthawk. What Nighthawk Does Nighthawk is a multi-agent research system built inside VS Code with GitHub Copilot. You type a command like /Nighthawk how does AKS implement KMS encryption with customer-managed k...

AI coding assistants can generate pull requests faster than most teams can review them, and that mismatch is creating a new kind of bottleneck across engineering organizations. The volume of AI-generated code is growing rapidly, but without a reliable way to validate that code against real production environments, teams are left choosing between slowing down to manually review everything or accepting the risk of pushing untested changes forward. Alan Shimel speaks with Sumeet Vaidya, CEO and co-founder of Crafting.dev, about the emerging concept of closed-loop autonomous development. The idea is straightforward: rather than treating AI agents as tools that hand off code for humans to verify, give those agents the ability to test their own output against live dependencies and real infrastructure before a human ever needs to get involved. The conversation explores what it takes to make that work in practice. Traditional sandboxing approaches struggle to replicate the complexity of...

A survey of 712 IT professionals finds that programming languages and frameworks (49%), followed closely by ​databases and data technologies (46%), DevOps/GitOps/DevSecOps tooling (39%) and cloud and container technologies (38%) are the areas where open source software is most widely adopted. Conducted in collaboration with the Open Source Initiative (OSI) consortium and the Eclipse Foundation, the survey also finds nearly half (49%) of respondents reporting they have increased use of open source software in the last year, with 21% describing that increase as significant. Nearly half (49%), however, said usage of open source software remained the same in the last year. Not surprisingly, the primary reason cited for adopting open source software was reduced costs derived from no licensing fee (62%), followed by avoiding vendor lock-in (55%). Despite that level of adoption, roughly a third of respondents also noted they still struggle with Security updates and patches (39%), instal...

AI is no longer a side experiment in software delivery. Gartner estimates that by 2028, three-quarters of enterprise software engineers will use AI code assistants, up from less than 10% in early 2023 . That scale matters because it shifts day-to-day work across the entire software development lifecycle — from what makes it into the backlog to how we release and learn after incidents. From SDLC to Flow: What Really Changes Across planning and design, AI reduces noise. Backlogs get de-duplicated, related items are grouped, and dependency-heavy work is surfaced earlier, so sprints start clearer. During build and test, assistants suggest edge cases, flag risky changes, and help teams focus on the small number of issues that truly threaten stability. In release and operations, AI connects the dots between recent deploys, logs and user impact, so responders get to the first safe action faster. None of this is magic; it’s shorter feedback loops and better signals, stitched into the work...