AppSec MCP server
Reference implementation — 8 tools, 5 ordered guardrails, 3 pluggable LLM providers, end-to-end OpenTelemetry observability.
Published platform engineering and application security work — the reference implementations and architecture write-ups behind the GenAI/AppSec advisory practice.
Reference implementation — 8 tools, 5 ordered guardrails, 3 pluggable LLM providers, end-to-end OpenTelemetry observability.
Enterprise GitOps platform on EKS — multi-cluster DEV/PROD isolation, ArgoCD, and security controls.
GitOps platform architecture suitable for high-volume financial services environments.
Backstage internal developer portal — self-service platform for a regulated enterprise.
From reactive operations to self-service — Crossplane, Temporal, and AI-augmented developer experience.
Tiered-storage architecture diagrams — QuestDB Enterprise feeding Azure Blob with declarative lifecycle management.
Migration guide and approach for moving from GitHub to GitLab.
Architecture review of the GitOps demo environment.
OpenTelemetry metrics, traces, and logs unified in Grafana with Tempo and Loki backends. A parent span per request, child spans for each guardrail and downstream call, and a shared trace ID injected into every log line — one correlation ID ties spans, traces, and logs together.
Field notes on progressive disclosure — how Claude Skills change the economics of agentic coding work.
Part two — wiring the playbook across a polyglot platform: memory load order, path-scoped rules, conditional guards, and managing the live context budget.
Structured 4-week proof of concept — org setup, repo-trained customizations, baseline metrics, and a go/no-go decision package.
91% SonarQube coverage using Claude Opus 4 + GitHub Copilot with three enforcement layers keeping production source frozen. Reference config kit included.
A Copilot-only, cost-aware workflow that raises Java test coverage to 91% — autonomous agent loop, defense-in-depth guardrails, and token engineering.
Field notes on the economics of agentic AI: why token cost grows every turn, and the four levers that cut it — lean context, load-on-demand, compress inputs, keep tool output off the meter.
A migration, guardrail, and AWS-baseline starter for a team standing up a new ML/Ops environment — built so enforcement doesn't depend on which AI tool an engineer picks.
GitHub Copilot vs Claude Code — how each tool builds context, what it ignores vs loads, and the levers that control token usage.
A Phoenix Project-style narrative on why token cost is a work-in-progress problem, not a model problem. Six levers for controlling Copilot spend, in order.
What your AI coding assistant costs vs whether the services are up — in plain terms, applied to Copilot and Claude.
What Orbit's SDLC knowledge graph does for AI agents like Claude, where it helps, and the blind spot — the code it won't read — to plan around before you rely on it.
From a single ad-hoc workload to a governed, enterprise-wide platform — five maturity levels, the enterprise value chain, and responsible AI built in from Level 3.
From legacy delivery to a team-owned, self-service platform — agentic-native and compliant by default. Layered architecture with phased migration path.
Executive-director-level background spanning platform engineering and security.