Continuing from my previous blog, let’s explore some more advanced topics related to DevSecOps implementation. Automated Vulnerability Management Automated vulnerability management is a key practice in DevSecOps. It involves using automated tools to identify, prioritize, and remediate vulnerabilities in an organization’s systems and applications. Automated vulnerability management includes the following activities: Shift-Left Testing Shift-left testing… Continue reading
Category: Technology Engineering
Technology Engineering
DevSecOps: Integrating Security into DevOps – Part 6
Continuing from my previous blog, let’s explore some more advanced topics related to DevSecOps implementation. Threat Intelligence Threat intelligence is the process of gathering information about potential threats and vulnerabilities to an organization’s systems and applications. It involves collecting, analyzing, and disseminating information about potential threats, vulnerabilities, and threat actors. Threat intelligence includes the following… Continue reading
DevSecOps: Integrating Security into DevOps – Part 5
Continuing from my previous blog, let’s explore some more advanced topics related to DevSecOps implementation. Identity and Access Management Identity and Access Management (IAM) is a critical aspect of DevSecOps. It involves managing user identities and controlling their access to resources based on their roles and responsibilities. IAM includes the following activities: Infrastructure as Code… Continue reading
DevSecOps: Integrating Security into DevOps – Part 4
In this continuation blog, we will explore some more advanced topics related to DevSecOps implementation. Threat Modeling Threat modeling is the process of identifying potential threats to an application or system and evaluating their impact. It helps identify potential security vulnerabilities and prioritize security activities. The following steps are involved in the threat modeling process:… Continue reading
DevSecOps: Integrating Security into DevOps – Part 3
Continuing from my previous blog, let’s explore some more advanced topics related to DevSecOps implementation. Shift-Left Testing One of the key concepts in DevSecOps is shift-left testing. This means shifting security testing as far left in the software development process as possible. This helps identify security issues early in the development process, which is much… Continue reading
DevSecOps: Integrating Security into DevOps – Part 2
Continuing from my previous blog, let’s dive deeper into the implementation of DevSecOps. Integrating Security into DevOps To implement DevSecOps, it is essential to integrate security into every phase of the DevOps lifecycle. The following are the key phases in DevOps and how to integrate security into each phase: DevSecOps Best Practices Here are some… Continue reading
Agent Tool Selection: Building AI Agents That Choose and Use the Right Tools
Introduction: AI agents become powerful when they can use tools—searching the web, querying databases, calling APIs, executing code. But tool selection is where many agent implementations fail. The agent might choose the wrong tool, call tools with incorrect parameters, or get stuck in loops trying tools that won’t work. This guide covers practical patterns for… Continue reading
LLM Fine-tuning Fundamentals: When, Why, and How to Customize Language Models
Introduction: Fine-tuning transforms a general-purpose LLM into a specialized model for your specific use case. While prompt engineering works for many applications, fine-tuning offers advantages when you need consistent formatting, domain-specific knowledge, or reduced latency from shorter prompts. This guide covers practical fine-tuning: when to fine-tune versus prompt engineer, preparing training data, running fine-tuning jobs… Continue reading
Prompt Versioning and Management: Bringing Software Engineering Rigor to LLM Development
Introduction: Prompts are code. They determine how your LLM application behaves, and like code, they need version control, testing, and deployment pipelines. Yet many teams treat prompts as afterthoughts—hardcoded strings scattered across the codebase, changed ad-hoc without tracking. This leads to regressions, inconsistent behavior, and difficulty understanding why outputs changed. This guide covers practical prompt… Continue reading
Multi-turn Conversation Design: Building Natural Dialogue Systems with LLMs
Introduction: Multi-turn conversations are where LLM applications become truly useful. Users don’t just ask single questions—they refine, follow up, reference previous context, and expect the assistant to remember what was discussed. Building effective multi-turn systems requires careful attention to context management, history compression, turn-taking logic, and graceful handling of topic changes. This guide covers practical… Continue reading