Skip to main content

Posts

Autonomous AWS Agent Automates Modernization of Codebases

Amazon Web Services (AWS) today made available a preview of an artificial intelligence (AI) agent that has been trained to continuously modernize codebases. Announced at the AWS New York Summit , the AI agent is being embedded into AWS Transform , the application modernization service AWS launched last year. Sriram Devanathan, director of AWS Transform, said the autonomous AI agent added to the service will, unlike existing agents, asynchronously execute tasks such as remediating code or analyzing technical debt. AWS Transform automatically scans your code repositories against configurable baselines and generates findings in hours. Policies for detecting end-of-life dependencies, deprecated frameworks, and other common sources of technical debt are already embedded. If a DevOps team has deprecated an internal library or prefers a particular logging pattern, it can be codified as a policy that runs continuously across code repositories. Once an issue is detected, AI agents will auton...
Recent posts

Why AI Testing Must Live Inside Your CI/CD Pipeline

Here is a situation most engineering leaders recognize. You roll out AI coding tools. Features ship faster. Developers are more productive. Then, a few months in, you realize something unexpected: the engineers you most wanted to free up are busier than ever. They are reviewing PRs, firefighting regressions, juggling a dozen half-shipped features and the edge cases that came with each one. AI made them more efficient. It also made them ten times more busy. The bottleneck did not disappear. It moved. And it moved to exactly the place most teams are least equipped to handle quickly: verification. This is the problem that CI/CD, in its current form, is not set up to solve on its own. CI/CD is a delivery mechanism. It runs what you give it. If you give it a pipeline that still depends on humans to write tests, review logic, and triage failures, adding AI on the generation side just means the human verification step gets hit harder. You are filling a faster funnel into the same narrow dr...

AWS Continuum Service Employs AI to Secure Software Supply Chains

Amazon Web Services (AWS) today launched a service that expands the scope of the artificial intelligence (AI) tools it provides to secure code to include an agent that discovers, validates and prioritizes vulnerabilities that are then used to surface a remediation recommendation. Announced at the AWS New York Summit , the AWS Continuum service also adds a tool to automatically create threat models for codebases. Additionally, AWS is now making it possible to run code reviews, generate threat models, and remediate findings directly from within an integrated development environment (IDE) or command line interface (CLI) by invoking the Model Context Protocol (MCP). Those tools and capabilities will be added to a previously launched AI tool to automate penetration testing using an AWS Security Agent that is now generally available. Chet Kapoor, vice president of security services and observability for AWS, told conference attendees that in the wake of more advanced AI models such as M...

Five Technology Shifts In: Why the Hype Curve Lies in Both Directions

I’ve lived through five major technology shifts: mainframe to Windows in the early ‘90s, internet computing in the late ‘90s and early 2000s, Agile in the mid-2000s, cloud through the 2010s, and now AI. You learn things by surviving that many. You learn that vendors oversell. That leadership wants results yesterday. That the breathless predictions almost never land on the calendar that everyone promised. So you learn to discount the hype. And that reflex, the one thing that five shifts trained into me, is the thing I’d warn other veterans about right now. The hype curve lies in both directions. Everyone knows it inflates expectations early. What we forget is that it deflates them later, right around the time the technology actually starts to matter. The people who got burned chasing the last four shifts are the ones primed to under-react to this one. The engineer who lost a year to a premature cloud migration is the same engineer waving off agentic coding today. Same scar, wron...

GitHub Actions Gets Serious About Self-Hosted Runner Versions

GitHub is resuming enforcement of minimum version requirements for GitHub Actions self-hosted runners — and this time, the deadlines are firm. After a rocky start that included multiple delays and a temporary pause earlier this year, GitHub has published a clear enforcement timeline for both GitHub Enterprise Cloud and GitHub Enterprise Cloud with Data Residency. If your team runs self-hosted runners and hasn’t upgraded them yet, now is the time to act. Why This Is Happening In early 2024, the GitHub Actions team began rearchitecting the backend services that power job execution and runner communication. That foundational rebuild now handles over 120 million jobs per day — more than three times the pre-migration volume — and lets enterprises start seven times more jobs per minute than before. Version enforcement is the final step in completing that migration. Older runner versions that are incompatible with the updated infrastructure can no longer be supported as all runners m...

Checkmarx Adds Hybrid SAST Engine to Improve AppSec in AI Era

Checkmarx this week revealed it has re-engineered the core engines embedded within its static application security testing (SAST) tools for the agentic artificial intelligence (AI) era. At the core of that effort is a next-generation SAST hybrid scanning engine that combines three distinct capabilities within the Checkmarx One platform. An existing deterministic rules-based foundation is now being extended using a purpose-built large language model (LLM) and a Finding Analysis Engine (FAE) that suppresses false positives. Frank Emery, director of product management for Checkmarx, said the SAST tools embedded in the Checkmarx One platform, as a result, now combine existing deterministic results for specific programming languages with the probabilistic insight generated by large language models (LLMs) that have been shown to be effective at discovering vulnerabilities. The challenge is that LLMs tend to generate a lot of false positives, which can now be sharply reduced using the FAE,...

SpaceX to Acquire AI Coding Leader Cursor in $60 Billion Blockbuster Deal

Fresh off a historic initial public offering, SpaceX announced Tuesday that it has entered a definitive agreement to acquire Anysphere Inc., the parent company of the popular artificial intelligence (AI) coding assistant Cursor, in an all-stock transaction valued at $60 billion. The acquisition cements SpaceX’s sudden transformation into an AI powerhouse, following its merger with Elon Musk’s xAI venture in February. The deal is expected to close in the third quarter of 2026, subject to regulatory approvals. Under the agreement, Cursor common and preferred stock will convert into SpaceX Class A common stock. The exchange ratio will be determined by the volume-weighted average closing price of SpaceX stock over the seven trading days prior to closing. Neither SpaceX nor Cursor immediately responded to requests for comment. The transaction materializes an option SpaceX unveiled in April, which gave the aerospace-and-AI giant the choice to either buy the San Francisco-based start...