That Time The Team Created an Acronym Just for Me
“I’ll admit it: I’m an acronym addict. My colleagues have even created their own acronym for me – AHtGLA (Always Have to Google Lothar’s Acronyms).
OWASP Guide to Securing Agentic AI Applications: Best Practices for Trustworthy and Secure AI Systems
Discover how architectural choices can be a defense in securing agentic AI systems. This comprehensive guide explores OWASP’s latest “Securing Agentic Applications” paper, covering everything from Sequential and Hierarchical architectures to the 15 critical threat categories facing autonomous AI applications. Learn practical implementation strategies, universal security principles, and how to build trust into your agentic AI systems from the ground up.
Kiro vs GitHub Copilot: Which AI Coding Assistant Wins for React Development?
I tested Kiro’s structured, spec-driven development approach against GitHub Copilot’s rapid iteration style by building the same React quiz app with both tools. While Kiro excelled at upfront planning and task breakdown, its rigid methodology failed to produce working code. Copilot’s pragmatic approach with real-time feedback ultimately delivered a functional prototype. The key insight? Understanding when to use structured planning versus rapid prototyping can make or break your AI-assisted development workflow.
Kiro IDE Review: Spec-Driven AI Agent Development vs Traditional Coding Assistants
Kiro IDE review: An agentic development environment featuring spec-driven workflows, EARS requirements syntax, and advanced security controls. Discover Kiro’s autopilot vs supervised modes, trusted command configurations, and real-time change tracking. Essential reading for developers evaluating structured alternatives to prompt-based coding assistants.
Should Your Backend for Frontend (BFF) Consume Kafka Messages?
Dive into the discussion around integrating Kafka consumers within the Backend for Frontend (BFF) pattern. Learn when it’s a powerful tool for real-time UI updates and data projections, and critically, when business logic should remain separate for architectural health and scalability.
Flow Coding Security Analysis: Expert Personas for Rust Code Review
This analysis examines a multi-persona AI prompt technique applied to Rust development, testing its effectiveness on a protein translation exercise. While the approach successfully transformed imperative code into functional pipelines and improved error handling, it revealed critical limitations including AI hallucination risks and test compatibility issues. For security-conscious teams, the technique offers valuable code quality improvements when integrated with human oversight and comprehensive validation processes.
Let the Agents Vibe: Introducing Flow Coding
Introducing “flow coding”—a new multi-agent development approach where you orchestrate AI agents to collaborate on software projects. Unlike vibe coding’s human-AI partnership, flow coding enables AI-to-AI collaboration while you guide the creative process from above.
Google Gemini vs. Claude Sonnet 4: A Head-to-Head for Rapid AI Prototyping
Curious about the speed of AI app creation? I put Google Gemini’s “Create with Canvas” and Claude Sonnet 4 to the test, generating a “weird animals quiz.” Explore my findings on their “fast vibe coding” capabilities, aesthetic preferences, and the critical role of speed in prototyping.
Getting Started with Google Gemini CLI: Complete Setup Guide and Rust Testing Experience
Hands-on review of Google’s new Gemini CLI. Covers sandbox mode, auto-code generation and configuration options.
Skip the Code: How AI Prompts Now Handle Tech Due Diligence Better Than Custom Scripts
I built a Python solution in January for AI-powered supplier due diligence that required Jupyter notebooks and custom code. Now I’ve discovered something game-changing: modern AI systems like like Claude, ChatGPT, and Perplexity can handle complex tech assessments through simple prompts with zero technical setup. This post reveals the comprehensive prompt framework that delivers professional due diligence results without any coding, making AI-powered supplier assessments accessible to any CISO team.