Microsoft is officially deprecating the IntelliCode AI-assisted code completion extensions for the Visual Studio Code editor, and is recommending that C# developers use the GitHub Copilot Chat conversational AI assistant instead.

A Microsoft post on GitHub lists the following VS Code extensions as being deprecated: IntelliCode, IntelliCode Completions, IntelliCode for C# Dev Kit, and IntelliCode API Usage Examples. The company recommends that developers uninstall the IntelliCode for C# Dev Kit extension and continue using the built-in language server support from Roslyn or install GitHub Copilot Chat for advanced suggestions and inline completions. In the wake of the deprecations, developers will get the same language server-powered completion lists (IntelliSense) along with other language server features such as signature help, hover information, and syntax highlighting from the Roslyn .NET compiler platform in VS Code.

Bug fixes and support ends immediately for listed extensions, which will be marked as deprecated. Also, the deprecation specifically means that starred completions in the code completion lists, i.e. IntelliSense, will no longer be shown. Additionally, inline gray text suggestions will be removed and no new features will be added for listed extensions.

Eying its competition with Oracle in the Java space, Azul has acquired Payara, a provider of enterprise solutions for Jakarta EE Java-based applications and microservices for cloud-native and hybrid cloud deployments.

Announced December 10, the deal enables Java platform provider Azul to offer faster, more efficient, more secure, and more cost-effective deployments in the Java application stack, Azul said. The company said the combination of Azul and Payara addresses pressing challenges enterprises face today: accelerating application modernization, achieving cloud-native agility, and reducing dependencies on proprietary platforms. With an integrated offering, users are provided with a unified, enterprise-grade Java platform based on open-source that can support an organization’s full Java fleet – from business-critical applications to IoT, microservices, and modern Java frameworks, Azul said.

The acquisition marks a moment in enterprise Java innovation and builds on nearly eight years of collaboration between Azul and Payara, according to Azul. This collaboration between with the two began in 2018 with the introduction of Azul Platform Core embedded into Payara Server Enterprise. Payara adds engineering expertise and experience in Java Enterprise Edition, thus strengthening the Azul Java platform with complementary products and enhanced market reach, said Azul.

Last week at AWS re:Invent, amid many product announcements and cloud messages, AWS introduced AWS AI Factories. The press release emphasizes accelerating artificial intelligence development with Trainium, Nvidia GPUs, and reliable, secure infrastructure, all delivered with the ease, security, and sophistication you’ve come to expect from Amazon’s cloud. If you’re an enterprise leader with a budget and a mandate to “do more with AI,” the announcement is likely to prompt C-suite inquiries about deploying your own factory.

The reality warrants a more skeptical look. AWS AI Factories are certainly innovative, but as is so often the case with big public cloud initiatives, I find myself asking who this is actually for—and at what ultimate cost? The fanfare glosses over several critical realities that most enterprises simply cannot afford to ignore.

First, let’s get one uncomfortable truth out of the way: For many organizations, especially those beholden to strict regulatory environments or that require ultra-low latency, these “factories” are little more than half measures. They exist somewhere between true on-premises infrastructure and public cloud, offering AWS-managed AI in your own data center but putting you firmly inside AWS’s walled garden. For some, that’s enough. For most, it creates more headaches than it solves.

Innovative but also expensive

AWS AI Factories promise to bring cutting-edge AI hardware and foundation model access to your own facilities, presumably addressing concerns around data residency and sovereignty. But as always, the devil is in the details. AWS delivers and manages the infrastructure, but you provide the real estate and power. You get Bedrock and SageMaker, you bypass the procurement maze, and, in theory, you enjoy the operational excellence of AWS’s cloud—homegrown, in your own data center.

Here’s where theory and practice diverge. For customers that need to keep AI workloads and data truly local, whether for latency, compliance, or even corporate paranoia, this architecture is hardly a panacea. There’s always an implicit complexity to hybrid solutions, especially when a third party controls the automation, orchestration, and cloud-native features. Instead of true architectural independence, you’re just extending your AWS dependency into your basement.

What about cost? AWS has not formally disclosed and almost certainly will not publish a simple pricing page. My experience tells me the price tag will come in at two to three (or more) times the cost of a private cloud or on-premises AI solution. That’s before you start factoring in the inevitable customizations, integration projects, and ongoing operational bills that public cloud providers are famous for. While AWS promises faster time to market, that acceleration comes at a premium that few enterprises can ignore in this economy.

Let’s also talk about lock-in, a subject that hardly gets the attention it deserves. With each layer of native AWS AI service you adopt—the glue that connects your data to their foundation models, management tools, and development APIs—you’re building business logic and workflows on AWS terms. It’s easy to get in and nearly impossible to get out. Most of my clients now find themselves married to AWS (or another hyperscaler) not because it’s always the best technology, but because the migrations that started five, eight, or ten years ago created a dependency web too expensive or disruptive to untangle. The prospect of “divorcing” the public cloud, as it’s been described to me, is unthinkable, so they stay and pay the rising bills.

What to do instead

My advice for most enterprises contemplating an AI Factories solution is simple: Pass. Don’t let re:Invent theatrics distract you from the basics of building workable, sustainable AI. The hard truth is that you’re likely better off building your own path with a do-it-yourself approach: choosing your own hardware, storage, and frameworks, and integrating only those public cloud services that add demonstrable value. Over the long term, you control your stack, you set your price envelope, and you retain the flexibility to pivot as the industry changes.

So, what’s the first step on an enterprise AI journey? Start by honestly assessing your actual AI requirements in depth. Ask what data you really need to stay local, what latency targets are dictated by your business, and what compliance obligations you must meet. Don’t let the promise of turnkey solutions lure you into misjudging these needs or taking on unnecessary risk.

Second, develop a strategy that guides AI use for the next five to ten years. Too often, I see organizations jump on the latest AI trends without a clear plan for how these capabilities should develop alongside business goals and technical debt. By creating a strategy that includes both short-term successes and long-term adaptability, it’s much less likely you’ll be trapped in costly or unsuitable solutions.

Finally, look at every vendor and every architectural choice through the lens of total cost of ownership. AWS AI Factories will likely be priced at a premium that’s hard to justify unless you’re absolutely desperate for AWS integration in your own data center. Consider hardware life-cycle costs, operational staffing, migration, vendor lock-in, and, above all, the costs associated with switching down the line if your needs or your vendor relationships change. Price out all the paths, not just the shiny new one a vendor wants to sell you.

The future has a bottom line

AWS AI Factories introduce a new twist to the cloud conversation, but for most real enterprise needs, it’s not the breakthrough the headlines suggest. Cloud solutions, especially those managed by your cloud provider in your own house, may be easy in the short term. However, that ease is always expensive, always anchored to long-term lock-in, and ultimately much more complex to unwind than most leaders anticipate.

The winners in the next phase of enterprise AI will be those who chart their own course, building for flexibility, cost-efficiency, and independence regardless of what’s splashed across the keynote slides. DIY is harder at the outset, but it’s the only way to guarantee you’ll hold the keys to your future rather than handing them over to someone else—no matter how many accelerators are in the rack.

AI agents combine language and reasoning models with the ability to take action through automations and APIs. Agent-to-agent protocols like the Model Context Protocol (MCP) enable integrations, making each agent discoverable and capable of orchestrating more complex operations.

Many organizations will first experiment with AI agents embedded in their SaaS applications. AI agents in HR can assist recruiters with the hiring process, while AI agents in operations address complex supply-chain issues. AI agents are also transforming the future of work by taking notes, scheduling meetings, and capturing tasks in workflow tools.

Innovative companies are taking the next steps and developing AI agents. These agents will augment proprietary workflows, support industry-specific types of work, and will be integrated into customer experiences. To develop these AI agents, organizations must consider the development principles, architecture, non-functional requirements, and testing methodologies that will guide AI agent rollouts. These steps are essential before deploying experiments or promoting AI agents into production.

Rapidly deploying AI agents poses operational and security risks, prompting IT leaders to consider a new set of agentic operations practices. agenticops will extend devops practices and IT service management functions to secure, observe, monitor, and respond to AI agent incidents.

What is agenticops?

Agenticops builds on several existing IT operational capabilities:

• AIops emerged several years ago to address the problem of having too many independent monitoring tools. AIops platforms centralize logfiles and other observability data, then apply machine learning to correlate alerts into manageable incidents.
• Modelops emerged as a separate capability to monitor machine learning models in production for model drift and other operational issues.
• Combining platform engineering, automating IT processes, and using genAI in IT operations helps IT teams improve collaboration and resolve incidents efficiently.

Agenticops must also support the operational needs unique to managing AI agents while providing IT with new AI capabilities.

DJ Sampath, SVP of the AI software and platform group at Cisco, notes that there are “three core requirements of agenticops”:

• Centralizing data from across multiple operational silos together
• Supporting collaboration between humans and AI agents
• Leveraging purpose-built AI language models that understand networks, infrastructure, and applications

“AI agents with advanced models can help network, system, and security engineers configure networks, understand logs, run queries, and address issue root causes more efficiently and effectively,” he says.

These requirements address the distinct challenges involved with managing AI agents versus applications, web services, and AI models.

“AI agents in production need a different playbook because, unlike traditional apps, their outputs vary, so teams must track outcomes like containment, cost per action, and escalation rates, not just uptime,” says Rajeev Butani, chairman and CEO of MediaMint. “The real test is not avoiding incidents but proving agents deliver reliable, repeatable outcomes at scale.”

Here are five agenticops practices IT teams can begin to integrate now, as they begin to develop and deploy more AI agents in production.

1. Establish AI agent identities and security profiles

What data and APIs are agents empowered to access? A recommended practice is to provision AI agents the same way we do humans, with identities, authorizations, and entitlements using platforms like Microsoft Entra ID, Okta, Oracle Identity and Access Management, or other IAM (identity and access management) platforms.

“Because AI agents adapt and learn, they need strong cryptographic identities, and digital certificates make it possible to revoke access instantly if an agent is compromised or goes rogue,” says Jason Sabin, CTO of DigiCert. Securing agent identities in this manner, similar to machine identities, ensures digital trust and accountability across the security architecture.”

Recommendation: Architects, devops engineers, and security leaders should collaborate on standards for IAM and digital certificates for the initial rollout of AI agents. But expect capabilities to evolve, especially as the number of AI agents scales. As the agent workforce grows, specialized tools and configurations may be needed.

2. Extend platform engineering, observability, and monitoring for AI agents

As a hybrid of application, data pipelines, AI models, integrations, and APIs, AI agents require combining and extending existing devops practices. For example, platform engineering practices will need to consider unstructured data pipelines, MCP integrations, and feedback loops for AI models.

“Platform teams will play an instrumental role in moving AI agents from pilots into production,” says Christian Posta, Global Field CTO of Solo.io. “That means evolving platform engineering to be context aware, not just of infrastructure, but of the stateful prompts, decisions, and data flows that agents and LLMs rely on. Organizations get observability, security, and governance without slowing down the self-service innovation AI teams need.”

Similarly, observability and monitoring tools will need to help diagnose more than uptime, reliability, errors, and performance.

“AI agents require multi-layered monitoring, including performance metrics, decision logging, and behavior tracking,” says Federico Larsen, CTO of Copado. “Conducting proactive anomaly detection using machine learning can identify when agents deviate from expected patterns before business impact occurs. You should also establish clear escalation paths when AI agents make unexpected decisions, with human-in-the-loop override capabilities.”

Observability, monitoring, and incident management platforms with capabilities supporting AI agents as of this writing include BigPanda, Cisco AI Canvas, Datadog LLM observability, and SolarWinds AI Agent.

Recommendation: Devops teams will need to define the minimally required configurations and standards for platform engineering, observability, and monitoring for the first AI agents deployed to production. Then, teams should monitor their vendor capabilities and review new tools as AI agent development becomes mainstream.

3. Upgrade incident management and root cause analysis

Site reliability engineers (SREs) often struggle to find root causes for application and data pipeline issues. With AI agents, they will face significantly greater challenges.

When an AI agent hallucinates, provides an incorrect response, or automates improper actions, SREs and IT operations must respond and resolve issues. They will need to trace the agent’s data sources, models, reasoning, empowerments, and business rules to identify root causes.

“Traditional observability falls short because it only tracks success or failure, and with AI agents, you need to understand the reasoning pathway—which data the agent used, which models influenced it, and what rules shaped its output,” says Kurt Muehmel, head of AI strategy at Dataiku. “Incident management becomes inspection, and root cause isn’t just, “the agent crashed,” it’s “the agent used stale data because the upstream model hadn’t refreshed.” Enterprises need tools that inspect decision provenance and tune orchestration—getting under the hood, not just asking what went wrong.”

Andy Sen, CTO of AppDirect, recommends repurposing real-time monitoring tools and utilizing logging and performance metrics to track AI agents’ behavior. “When incidents occur, keep existing procedures for root cause analysis and post-incident reviews, and provide this data to the agent as feedback for continuous improvement. This integrated approach to observability, incident management, and user support not only enhances the performance of AI agents but also ensures a secure and efficient operational environment.”

Recommendation: Select tools and train SREs on the concepts of data lineage, provenance, and data quality. These areas will be critical to up-skilling IT operations to support incident and problem management related to AI agents.

4. Track KPIs on model accuracy, drift, and costs

Most devops organizations look well beyond uptime and system performance metrics to gauge an application’s reliability. SREs manage error budgets to drive application improvements and reduce technical debt.

Standard SRE practices of understanding business impacts and tracking subtle errors become more critical when tracking AI agents. Experts identified three areas where new KPIs and metrics may be needed to track an AI agent’s behaviors and end-user benefits continuously:

• Craig Wiley, senior director of product for AI/ML at Databricks, says, “Defining KPIs can help you establish a proper monitoring system. For example, accuracy must be higher than 95%, which can then trigger alert mechanisms, providing your organization with a centralized visibility and response system.”
• Jacob Leverich, co-founder and CPO of Observe, Inc., says, “With AI agents, teams may find themselves taking a heavy dependency on model providers, so it becomes critical to monitor token usage and understand how to optimize costs associated with the use of LLMs.”
• Ryan Peterson, EVP and CPO at Concentrix, says, “Data readiness isn’t a one-time check; it requires continuous audits for freshness and accuracy, bias testing, and alignment to brand voice. Metrics like knowledge base coverage, update frequency, and error rates are the real tests of AI-ready data.”

Recommendation: Leaders should define a holistic model of operational metrics for AI agents, which can be implemented using third-party agents from SaaS vendors and proprietary ones developed in-house.

5. Capture user feedback to measure AI agent usefulness

Devops and ITops sometimes overlook the importance of tracking customer and employee satisfaction. Leaving the review of end-user metrics and feedback to product management and stakeholders is shortsighted, even in the application domain. Such review becomes a more critical discipline when supporting AI agents.;

“Managing AI agents in production starts with visibility into how they operate and what outcomes they drive,” says Saurabh Sodani, chief development officer at Pendo. “We think about connecting agent behavior to the user experience and not just about whether an agent responds, but whether it actually helps someone complete a task, resolve an issue, or move through a workflow, all the while being compliant. That level of insight is what allows teams to monitor performance, respond to issues, and continuously improve how agents support users in interactive, autonomous, and asynchronous modes.”

Recommendation: User feedback is essential operational data that shouldn’t be left out of scope in AIops and incident management. This data not only helps to resolve issues with AI agents, but is critical for feeding back into AI agent language and reasoning models.

Conclusion

As more organizations develop and experiment with AI agents, IT operations will need the tools and practices to manage them in production. IT teams should start now by tracking end-user impacts and business outcomes, then work deeper into tracking the agent’s performance in recommending decisions and providing responses. Focusing only on system-level metrics is insufficient when monitoring and resolving issues with AI agents.

AI agents must be able to cooperate, coordinate, and execute across large contexts and long time periods, and this, says Nvidia, demands a new type of infrastructure, one that is open.

The company says it has the answer with its new Nemotron 3 family of open models.

Developers and engineers can use the new models to create domain-specific AI agents or applications without having to build a foundation model from scratch. Nvidia is also releasing most of its training data and its reinforcement learning (RL) libraries for use by anyone looking to build AI agents.

[ Related: More Nvidia news and insights ]

“This is Nvidia’s response to DeepSeek disrupting the AI market,” said Wyatt Mayham of Northwest AI Consulting. “They’re offering a ‘business-ready’ open alternative with enterprise support and hardware optimization.”

Introducing Nemotron 3 Nano, Super, and Ultra

Nemotron 3 features what Nvidia calls a “breakthrough hybrid latent mixture-of-experts (MoE) architecture”. The model comes in three sizes:

• Nano: The smallest and most “compute-cost-efficient,” intended for targeted, highly-efficient tasks like quick information retrieval, software debugging, content summarization, and AI assistant workflows. The 30-billion-parameter model activates 3 billion parameters at a time for speed and has a 1-million-token context window, allowing it to remember and connect information over multi-step tasks.
• Super: An advanced, high-accuracy reasoning model with roughly 100 billion parameters, up to 10 billion of which are active per token. It is intended for applications that require many collaborating agents to tackle complex tasks, such as deep research and strategy planning, with low latency.
• Ultra: A large reasoning engine intended for complex AI applications. It has 500 billion parameters, with up to 50 billion active per token.

Nemotron 3 Nano is now available on Hugging Face and through other inference service providers and enterprise AI and data infrastructure platforms. It will soon be made available on AWS via Amazon Bedrock and will be supported on Google Cloud, CoreWeave, Microsoft Foundry, and other public infrastructures. It is also offered as a pre-built Nvidia NIM microservice.

Nemotron 3 Super and Ultra are expected to be available in the first half of 2026.

Positioned as an infrastructure layer

The strategic positioning here is fundamentally different from that of the API providers, experts note.

“Nvidia isn’t trying to compete with OpenAI or Anthropic’s hosted services — they’re positioning themselves as the infrastructure layer for enterprises that want to build and own their own AI agents,” said Mayham.

Brian Jackson, principal research director at Info-Tech Research Group, agreed that the Nemotron models aren’t intended as a ready-baked product. “They are more like a meal kit that a developer can start working with,” he said, “and make desired modifications along the way to get the exact flavor they want.”

Hybrid architecture enhances performance

So far, Nemotron 3 seems to be exhibiting impressive gains in efficiency and performance; according to third-party benchmarking company Artificial Analysis, Nano is the most efficient among those of its size, and leads in accuracy.

Nvidia says Nano’s hybrid Mamba-Transformer MoE architecture, which integrates three architectures into a single backbone, supports this efficiency. Mamba layers offer efficient sequence modeling, transformer layers provide precision reasoning, and MoE routing gives scalable compute efficiency. The company says this design delivers a 4X higher token throughput compared to Nemotron 2 Nano while reducing reasoning-token generation by up to 60%.

“Throughput is the critical metric for agentic AI,” said Mayham. “When you’re orchestrating dozens of concurrent agents, inference costs scale dramatically. Higher throughput means lower cost per token and more responsive real-time agent behavior.”

The 60% reduction in reasoning-token generation addresses the “verbosity problem,” where chain-of-thought (CoT) models generate excessive internal reasoning before producing useful output, he noted. “For developers building multi-agent systems, this translates directly to lower latency and reduced compute costs.”

The upcoming Nemotron 3 Super, Nvidia says, excels at applications that require many collaborating agents to achieve complex tasks with low latency, while Nemotron 3 Ultra will serve as an advanced reasoning engine for AI workflows that demand deep research and strategic planning.

Mayham explained that these as-yet-unreleased models feature latent MoE, which projects tokens into a smaller, latent, dimension before expert routing, “theoretically” enabling 4X more experts at the same inference cost because it reduces communication overhead between GPUs.

The hybrid architecture behind Nemotron 3 that combines Mamba-2 layers, sparse transformers, and MoE routing is “genuinely novel in its combination,” Mayham said, although each technique exists individually elsewhere.

Ultimately, Nemotron pricing is “attractive,” he said; open weights are free to download and run locally. Third-party API pricing on DeepInfra starts at $0.06/million input tokens for Nemotron 3 Nano, which is “significantly cheaper” than GPT-4o, he noted.

Differentiator is openness

To underscore its commitment to open source, Nvidia is revealing some of Nemotron 3’s inner workings, releasing a dataset with real-world telemetry for safety evaluations, and 3 trillion tokens of Nemotron 3’s pretraining, post-training, and RL datasets.

In addition, Nvidia is open-sourcing its NeMo Gym and NeMo RL libraries, which provide Nemotron 3’s training environments and post-training foundation, and NeMo Evaluator, to help builders validate model safety and performance. All are now available on GitHub and Hugging Face. Of these, Mayham noted, NeMo Gym might be the most “strategically significant” piece of this release.

Pre-training teaches models to predict tokens, not to complete domain-specific tasks, and traditional RL from human feedback (RLHF) doesn’t scale for complex agentic behaviors, Mayham explained. NeMo Gym enables RL with verifiable rewards — essentially computational verification of task completion rather than subjective human ratings. That is, did the code pass tests? Is the math correct? Were the tools called properly?

This gives developers building domain-specific agents the infrastructure to train models on their own workflows without having to understand the full RL training loop.

“The idea is that NeMo Gym will speed up the setup and execution of RL jobs for models,” explained Jason Andersen, VP and principal analyst with Moor Insights & Strategy. “The important distinction is NeMo Gym decouples the RL environment from the training itself, so it can easily set up and create multiple training instances (or ‘gyms’).”

Mayham called this “unprecedented openness” the real differentiator of the Nemotron 3 release. “No major competitor offers that level of completeness,” he said. “For enterprises, this means full control over customization, on premises deployment, and cost optimization that closed providers simply can’t match.”

But there is a tradeoff in capability, Mayham pointed out: Claude and GPT-4o still outperform Nemotron 3 on specialized tasks like coding benchmarks. However, Nemotron 3 seems to be targeting a different buyer: Enterprises that need deployment flexibility and don’t want vendor lock-in.

“The value proposition for enterprises isn’t raw capability, it’s the combination of open weights, training data, deployment flexibility, and Nvidia ecosystem integration that closed providers can’t match,” he said.

More Nvidia news:

1. HPE loads up AI networking portfolio, strengthens Nvidia, AMD partnerships
2. Nvidia’s $2B Synopsys stake tests independence of open AI interconnect standard
3. Nvidia chips sold out? Cut back on AI plans, or look elsewhere
4. Nvidia’s first exascale system is the 4th fastest supercomputer in the world
5. Nvidia highlights considerable science-based supercomputing efforts
6. Nvidia’s first exascale system is the 4th fastest supercomputer in the world
7. Nvidia touts next-gen quantum computing interconnects
8. Nvidia highlights considerable science-based supercomputing efforts
9. Next-generation HPE supercomputer offers a mix of Nvidia and AMD silicon
10. Cisco, Nvidia strengthen AI ties with new data center switch, reference architectures

It is becoming increasingly difficult to separate the signal from the noise in the world of artificial intelligence. Every day brings a new benchmark, a new “state-of-the-art” model, or a new claim that yesterday’s architecture is obsolete. For developers tasked with building their first AI application, particularly within a larger enterprise, the sheer volume of announcements creates a paralysis of choice.

The rankings won’t help. They change too often. In just the past week we got a new model from Mistral, a massive update from Google, and an open-weights contender that claims to beat GPT-4o on coding benchmarks. What are you supposed to do? Wait because if you build on today’s (yesterday’s) model you’ll be shipping legacy code before you even push to production? What if you have a more fundamental concern, i.e., that if you’re not yet building fully autonomous agentic systems that plan, reason, and execute complex workflows, you must already be way behind?

Stop that nonsense. You’re not.

The reality of enterprise AI has almost nothing to do with the winner of this week’s “chatbot arena.” It has everything to do with the unglamorous, boring work of data engineering, governance, and integration. We are leaving AI’s phase of magical thinking and entering the phase of industrialization. The challenge isn’t picking the smartest model. It is building a system that can survive the inanity of the real world.

Here are some suggestions on how to approach building that first app.

It’s a trap!

It is easy to get caught up in the “Leaderboard Illusion.” You see a model score 1% higher on a math benchmark and assume it is the only viable choice. Simon Willison calls this “vibes-based evaluation.” It is a decent proxy for which chatbot feels “smart” in a casual conversation, but it is a terrible proxy for your production workload. We need to stop looking at AI through the lens of 1990s software wars where one platform takes all.

Model weights are becoming undifferentiated heavy lifting, the boring infrastructure that everyone needs but no one wants to manage. Whether you use Anthropic, OpenAI, or an open weights model like Llama, you are getting a level of intelligence that is good enough for 90% of enterprise tasks. The differences are marginal for a first version. The “best” model is usually just the one you can actually access securely and reliably.

Andrew Ng, who has seen more AI cycles than almost anyone, recently offered this astute (if unremarkable) bit of advice: “Worry much more about building something valuable.” Seems obvious but too often isn’t. Ng argues that the application layer is where the real value sits, not the model layer. If you build a tool that solves a genuine business problem, such as automatically reconciling invoices or summarizing legal briefs, no one (including you!) will care if the underlying model is ranked first or third on a leaderboard.

The physics of AI are fundamentally different from traditional software. In the open source world, we are used to code being the asset. In the AI world, the model is a transient commodity. The asset is your data and how you feed it to that commodity model.

Think like a database

Of course, once you’ve picked a model, the temptation is to immediately build an “agent” because, well, who doesn’t want the kudos for designing an AI agent that can browse the web, query databases, and make decisions? I suggest caution. You likely aren’t ready for agents. Not because the AI isn’t smart enough, and not even because you may not have much AI experience yet.

No, the primary problem is your data isn’t clean enough.

As I noted recently, AI memory is really a database problem. If you strip an agent of its memory, it is nothing more than a very expensive random number generator. Agents operate at machine speed with human data. If that data is messy, unstructured, or ungoverned, your agent will be confidently wrong at scale.

Most enterprises are still trying to figure out where their data lives, let alone how to expose it to a large language model. We tend to treat memory in AI as a magical context window. It isn’t. It’s a database. It needs the same rigor we apply to transaction logs, including schemas, access controls, and firewalls that prevent the AI from hallucinating facts or leaking sensitive info to the wrong user.

If you are designing your first AI system, start with the memory layer. Decide what the AI is allowed to know, where that knowledge lives, and how it is updated. Then, and only then, worry about the prompt. Oh, and what should you think about first? Inference.

Start with inference

We used to obsess over the massive cost of training models. But for the enterprise, that is largely irrelevant. AI is all about inference now, or the application of knowledge to power applications. In other words, AI will become truly useful within the enterprise as we apply models to governed enterprise data. The best place to build up your AI muscle isn’t with some moonshot agentic system. It’s a simple retrieval-augmented generation (RAG) pipeline.

What does this mean in practice? Find a corpus of boring, messy documents, such as HR policies, technical documentation, or customer support logs, and build a system that allows a user to ask a question and get an answer based only on that data. This forces you to solve the hard problems that actually build a moat for your company. Some examples:

• Data ingestion: How do you chunk and index your PDFs so the model understands them?
• Governance: How do you ensure the model doesn’t answer questions the user isn’t authorized to ask?
• Latency: How do you make it fast enough that people actually use it?

You may think this is boring work. But as Andrej Karpathy has pointed out, LLMs are effectively the kernel of a new operating system. You don’t interact with the kernel directly. You build user-space applications on top of it. Your job is to build that user space, which includes the UI, the logic, and the data plumbing.

Create a golden path

If you are in a platform engineering role, your instinct might be to lock this down. You want to pick one model, one API, and force every developer to use it. This is a mistake. Platform teams should not act as the “Department of No.” When you build gates, developers just route around them using their personal credit cards and unmonitored APIs.

Instead, build a “golden path.” Create a set of composable services and guardrails that make the right way to build AI apps also the easiest way. Standardize on an interface, like the OpenAI-compatible API format supported by many providers, including vLLM, so you can swap the back-end model later if the leaderboard changes. For now, pick one that is fast, compliant, and available. Then move on.

The goal is to channel developer velocity, not stifle it. Give them a safe sandbox where the data governance is baked in so they can experiment without doing serious damage.

When you build your first application, design it to keep the human in the loop. Don’t try to automate the entire process. Use the AI to generate the first draft of a report or the first pass at a SQL query, and then force a human to review and execute it. This mitigates the risk of hallucinations and ensures you are augmenting human intelligence rather than replacing it with robot drivel.

Still, if you aren’t watching the public rankings, how do you know if your model is good enough? You don’t guess. You test.

OpenAI and Anthropic both emphasize “eval-driven development,” but you don’t need a complex framework to start. You just need 50 to 100 real examples of what you want the model to do—specific questions with the correct answers—and a script to run them. Whenever some new model drops that promises to take the leaderboard to new heights, just run your 50 examples against it. If it solves your specific problems faster or cheaper than what you have, switch. If not, ignore it. Your own leaderboard is the only one that matters.

Be boring

In short, focus on your data. Focus on your governance. Focus on solving a boring problem for a specific user in your company who is drowning in documentation or repetitive tasks. Ignore the leaderboards. They are vanity metrics for researchers.

As I have said before, the AI era will be won by whoever makes intelligence on top of governed data cheap, easy, and safe. It might not get you a viral thread on X, but it will get you an application that actually survives in the enterprise.

InfoWorld celebrates the year’s best products

From AI-powered coding assistants to real-time analytics engines, the software stack is undergoing its biggest shakeup in decades. Generative AI (genAI) and agentic AI tools are redefining how code is written, tested, and deployed — even as experts debate the true productivity gains they facilitate. Data management is converging around unified lakehouse architectures, the Apache Iceberg table format, and streaming technologies such as Apache Kafka, bridging the gap between raw data and actionable insight. On virtually every front, from application programming interface (API) development to cloud security, new platforms promise automated intelligence and tighter governance, signaling a new era in which innovation and control must evolve in tandem.

Examples of this innovative era are prominent among the 99 finalists and 35 winners of InfoWorld’s 2025 Technology of the Year Awards.

The InfoWorld Technology of the Year Awards recognize the best and most innovative products in AI, APIs, applications, business intelligence (BI), cloud, data management, devops, and software development. Read on to meet our finalists and winners.

Award categories

AI

• AI and machine learning: Applications
• AI and machine learning: Governance
• AI and machine learning: Infrastructure
• AI and machine learning: MLOps
• AI and machine learning: Models
• AI and machine learning: Platforms
• AI and machine learning: Security
• AI and machine learning: Tools

APIs

• API development
• API management
• API security

Applications

• Application management
• Application networking
• Application security

Business intelligence

• Business intelligence and analytics

Cloud

• Cloud backup and disaster recovery
• Cloud compliance and governance
• Cloud cost management
• Cloud security

Data management

• Data management: Databases
• Data management: Governance
• Data management: Integration
• Data management: Pipelines
• Data management: Security
• Data management: Streaming

Devops

• Devops: Analytics
• Devops: Automation
• Devops: CI/CD
• Devops: Code quality
• Devops: Observability
• Devops: Productivity

Software development

• Software development: Platforms
• Software development: Security
• Software development: Testing
• Software development: Tools

AI and machine learning: Applications

Winner

• Mirror, Whatfix

Finalists

• Solve(X), GoExceed
• HP AI Companion, HP
• Fascia PROMIS, PROLIM
• Mirror, Whatfix

From the winner

Mirror is a genAI simulation training platform that empowers teams with hands-on experience in safe, immersive, and hyper-realistic environments. Designed for companies that need to scale training across tools, workflows, and customer-facing interactions, Mirror combines interactive application simulations with AI-driven conversational role play to deliver a complete training experience. Employees can practice real-life scenarios, navigate systems, respond to simulated conversations, and make decisions, all without the risk of live system exposure. Mirror addresses key limitations of traditional simulation training that slow down learning and reduce its real-world impact.

From the judges

“Really interesting use case and tech/AI implementation. What makes Mirror truly innovative is its ability to replicate any web application without the need for costly, fragile sandbox environments.”

AI and machine learning: Governance

Winner

• AI Policy Suite, Pacific AI

Finalists

• AI Policy Suite, Pacific AI
• CTGT Platform, CTGT

From the winner

Pacific AI’s AI Policy Suite is a free, comprehensive, and continuously updated framework designed to simplify AI compliance. It translates complex legal and regulatory requirements — spanning 150+ domestic and international AI-related laws, regulations, and standards, including the EU AI Act, as well as frameworks such as NIST and ISO — into clear, actionable policies. Organizations gain access to a single, centralized policy suite that deduplicates overlapping rules, streamlines governance, and lowers compliance overhead. The suite now includes an AI Incident Reporting Policy to help companies align with more than 100 U.S. laws and industry standards and manage operational and regulatory risk.

From the judges

“Pacific AI’s AI Policy Suite is highly relevant and should have a big impact on small businesses to help them navigate legal challenges.”

AI and machine learning: Infrastructure

Winner

• Cloudera AI Inference, Cloudera

Finalists

• Compute Orchestration, Clarifai
• Cloudera AI Inference, Cloudera
• Inworld Runtime, Inworld AI
• AIStor, MinIO

From the winner

Cloudera AI Inference service, accelerated by NVIDIA, is one of the industry’s first AI inference services to provide embedded NVIDIA NIM [NVIDIA Inference Microservices] microservice capabilities. With the latest update, Cloudera brings its ability to streamline the deployment and management of large-scale AI models to the data center, behind an organization’s firewall, for maximum security. Features like auto-scaling, canary rollouts, and real-time performance tracking ensure resilient, efficient operations. By uniting performance acceleration, security, and governance in a single solution, Cloudera AI Inference enables enterprises to deploy trusted AI solutions quickly and confidently.

From the judges

“Cloudera’s AI Inference service is technically strong, built on NVIDIA GPU acceleration and deployment options that offer great service along with flexibility. What particularly stands out is governance and security, which is critical for enterprise adoption. Overall, it combines solid engineering with practical business impact.”

AI and machine learning: MLOps

Winner

• JFrog ML, JFrog

Finalists

• JFrog ML, JFrog
• Runloop Platform, Runloop

From the winner

JFrog ML is an enterprise-grade MLOps solution integrated into the JFrog Software Supply Chain Platform, designed to streamline the development, deployment, and security of machine learning [ML] models alongside traditional software components. It equips data scientists, ML engineers, and AI developers with an end-to-end system to build, train, secure, deploy, manage, and monitor both classic ML models and genAI/LLM [large language model] workflows — all within a single trusted interface.

With seamless integration across AWS, GCP, and hybrid clouds as well as an out-of-the-box feature store that supports LLMOps [large language model operations], prompt management, batch and real-time deployment, JFrog ML shortens time to production while ensuring compliance and reducing tool chain complexity.

From the judges

“JFrog ML is a strong technical product as it offers a complete platform for managing the ML life cycle with amazing features like model registry, feature store, deployment, and security built in. Overall, this product is technically complete, enterprise-ready, and well positioned to drive adoption at scale.”

AI and machine learning: Models

Winner

• Medical LLMs, John Snow Labs

Finalists

• Medical LLMs, John Snow Labs
• voyage-context-3, Voyage AI by MongoDB

From the winner

John Snow Labs has developed a suite of Medical LLMs purpose-built for clinical, biomedical, and life sciences applications. John Snow Labs’ models are designed to deliver best-in-class performance across a wide range of medical tasks — from clinical reasoning and diagnostics to medical research comprehension and genetic analysis. The software has been validated by peer-reviewed papers to deliver state-of-the-art accuracy on a variety of medical language understanding tasks and is designed to meet the security and compliance needs unique to the healthcare industry. The LLMs’ modular architecture and plug-and-play design allow seamless integration across healthcare systems, providers, payers, and pharmaceutical environments.

From the judges

“John Snow Labs Medical LLMs are advanced domain-specific models with large context windows, multimodal capabilities and benchmark results that show strong performance. They address privacy and compliance requirements, which is critical. The technology seems robust, and the focus on domain specialization is highly innovative.”

AI and machine learning: Platforms

Winner

• Eureka AI Platform, SymphonyAI

Finalists

• Airia Platform, Airia
• Cognite Atlas AI, Cognite
• Generate Enterprise, Iterate.ai
• Eureka AI Platform, SymphonyAI

From the winner

Eureka AI is SymphonyAI’s vertical-first enterprise AI platform, purpose-built for Retail, Financial Services, Industrial, and Enterprise IT. Rather than offering a generic toolkit, Eureka AI comes pretrained with industry-specific models, knowledge graphs, and workflows — drawn from decades of domain expertise — so customers realize measurable ROI from day 1.

The platform powers specialized applications such as CINDE for retail analytics, Sensa AI for financial crime prevention, IRIS Foundry for manufacturing optimization, and APEX for IT operations automation. These applications share a common, secure core, enabling innovations developed in one vertical to rapidly benefit others.

From the judges

“The Eureka AI Platform brings AI to many companies, because it is tailored to different vertical industries. This is a highly practical approach to AI in the enterprise that will deliver significant value by saving implementation time.”

AI and machine learning: Security

Winner

• Vibe Coding Security, Backslash Security

Finalists

• Vibe Coding Security, Backslash Security
• AI Gatekeeper, Operant AI
• Pangea AI Detection and Response, Pangea

From the winner

Vibe coding and AI-assisted software development are being adopted at breakneck speeds, creating significant these risks in the software supply chain and IT environments of many organizations. Backslash provides a comprehensive solution for new risks, addressing three key areas: visibility into the use of AI and vibe coding tools by developers; governance and security of the stack used for vibe coding; and the security of the code created using AI, ensuring prompts given for code generation include the right instructions to avoid creating vulnerabilities and exposures.

Backslash combines its App Graph technology, which maps all connections and dependencies within the application, with purpose-built IDE [integrated development environment] extensions, MCP [Model Context Protocol] server, and gateway to provide comprehensive coverage for the AI coding infrastructure and AI code-generation process.

From the judges

“Vibe Coding Security is differentiated and uniquely placed. Ensuring the focus remains on vulnerability identification and mitigation from the start of development is a great enabler, drastically reducing the pain on the software development life cycle using vibe coding.”

AI and machine learning: Tools

Winner

• Bloomfire Platform, Bloomfire

Finalists

• neuralSPOT, Ambiq Micro
• Bloomfire Platform, Bloomfire

From the winner

Bloomfire is an AI-powered knowledge platform that turns scattered files, chats, and tacit know-how into a governed “truth layer” your teams can trust. Ask AI delivers plain-language answers with clickable citations, so people can verify the source in a second. Our self-healing knowledge base continuously detects redun- dant, outdated, or trivial content and auto-routes refresh or archival, keeping your RAG [retrieval-augmented generation] inputs clean and your answers current. For IT and data leaders, Bloomfire operationalizes trustworthy retrieval, governance, and measurement [with] role-based permissions, audit trails, SOC 2 Type II security, usage analytics to expose gaps, and automated prompts that enlist subject matter experts to close them.

From the judges

“Bloomfire takes a fresh approach to knowledge management and search, combining the power of AI and extensive integrations to inject relevant, up-to-date information, including citations, into enterprise workflows.”

API development

Winner

• Postman API Platform, Postman

Finalist

• Postman API Platform, Postman

From the winner

Postman is a collaborative end-to-end platform for build ing and managing APIs. Its foundation is the collection — a structured container of API requests, test scripts, and documentation that developers can version, chain, and automate. Collections run within workspaces, which enable real-time collaboration across teams and external partners.

Postman’s Agent Mode, an AI assistant embedded in the platform, enables developers to describe what they want in natural language, and then Agent Mode turns that into tests, documentation, monitors, and more. By supporting both developers and autonomous agents, Postman delivers unmatched visibility, governance, and scale.

From the judges

“Postman API platform is a well-designed, very comprehensive solution for API development, testing, operationalization, and governance, with end-to-end functionality that is unrivaled.”

API management

Winner

• Kong Konnect, Kong

Finalists

• Kong Konnect, Kong
• Swagger, SmartBear

From the winner

Kong Konnect is a unified platform that enables organizations to securely build, run, discover, and govern APIs, AI workflows, and event streams. It uses a global control plane with distributed runtimes, such as Kong API Gateway, that can be deployed in any environment.

Users define policies, services, and governance rules in the Konnect platform, which can then be applied globally or selectively across all connected runtimes. Kong Konnect has specialized runtimes for different use cases such as the API Gateway for proxying traditional APIs such as REST and SOAP. With Konnect, customers see [shorter] time-to- market, stronger security, and reduced costs through platform consolidation.

From the judges

“Kong Konnect goes beyond traditional API management to include AI/event scenarios. A single control plane to control APIs, microservices, events, and AI is very valuable.”

API security

Winner

• Harness Cloud Web Application and API Protection, Harness

Finalist

• Harness Cloud Web Application and API Protection, Harness

From the winner

With Harness’s Cloud Web Application and API Protection (WAAP), enterprises get end-to-end API security without slowing development. It eliminates blind spots, stops advanced attacks in real time, and plugs directly into CI/CD [continuous integration and continuous delivery] so security becomes part of delivery.

Cloud WAAP continuously discovers and maps every API (including shadow and third-party); analyzes live traffic and data sensitivity to assess risk; and actively protects against fraud, attacks, abuse, and DDoS [distributed denial of services] threats. One platform unifies discovery, testing, and runtime defense, giving teams a real-time searchable view of their API estate and the controls to act.

From the judges

“Harness Cloud Web Application and API Protection is an innovative solution that offers a unified strategy to secure apps and APIs, dramatically reducing the effort/complexity of tasks including context-aware, behavior-based detection. Very relevant for all types of enterprises.”

Application management

Winner

• Omni, Sidero Labs

Finalists

• Komodor Platform, Komodor
• Omnissa App Volumes, Omnissa
• Omni, Sidero Labs

From the winner

Omni is a Kubernetes operations platform that brings SaaS [software as a service] simplicity to devops and infrastructure teams managing clusters across bare metal, cloud, and edge environments. Built on the hardened, immutable Talos Linux OS, Omni eliminates SSH [Secure Shell], configuration drift, and manual toil by delivering a centralized, declarative control plane that operates anywhere Kubernetes can run. Teams can create, scale, upgrade, and secure clusters with one click while maintaining full control over infrastructure and identity. Omni blends the reliability of a cloud-native Kubernetes stack with the flexibility of “bring your own infrastructure,” creating a radically simplified and portable alternative to legacy managed Kubernetes platforms.

From the judges

“Omni is transforming Kubernetes operations by combining infrastructure-agnostic management with a secure, declarative approach. Designed for modern devops teams, Omni has built-in security and reduces operational burden and manual toil. Proven impact in production and a standout alternative to legacy tools.”

Application networking

Winner

• noBGP, noBGP

Finalists

• noBGP, noBGP
• Ambient Mesh, Solo.io
• Tailscale, Tailscale

From the winner

noBGP is a cloud networking platform that eliminates one of the internet’s biggest sources of complexity and risk: the Border Gateway Protocol (BGP). Built for cloud-native, hybrid, and AI environments, noBGP replaces BGP with private routing that is automated, secure, and simple to deploy. With a noBGP router, enterprises can instantly connect cloud resources across AWS, Azure, GCP, Oracle, and on-prem environments, without public IPs, VPNs [virtual private networks], or manual routing tables.

This means faster deployment, reduced attack surfaces, and dramatically simplified operations. Traffic is encrypted end- to-end and zero trust is enforced by default. Devops teams get seamless cloud connectivity, while security teams gain a hardened infrastructure that removes entire categories of network threats.

From the judges

“An innovative solution to replace legacy services and protocols for hybrid and multi-cloud environments, especially for organizations looking to implement zero-trust architectures.”

Application security

Winner

Application Security Posture Management Platform, Legit Security

Finalists

• Apiiro Agentic Application Security Platform, Apiiro
• Application Security Posture Management Platform, Legit Security
• Oso Cloud, Oso Security

From the winner

The Legit Application Security Posture Management (ASPM) platform offers comprehensive visibility and risk management across the software development life cycle. This includes coverage of everything from source code repositories to runtime environments and cloud infrastructure. The platform integrates with a wide range of tools, including AST solutions, cloud security platforms, version control systems, artifact registries, identity providers, and API security tools.

AI is applied throughout the platform. Code-to-cloud correlation is supported through AI-driven analysis. Legit sits alongside coding assistants to keep code secure while developers write it and gives teams visibility into where AI is generating code.

From the judges

“It is good to see a product that is not just flagging risks but also zeroes in on what to fix first and how to fix it fast. This feature separates the solution from its competition.”

Business intelligence and analytics

Winner

• Plotly Dash Enterprise, Plotly

Finalists

• FICO Platform, FICO
• Plotly Dash Enterprise, Plotly
• Spotter, ThoughtSpot

From the winner

Dash Enterprise (DE) is an enterprise platform for creating customizable, interactive data applications in Python. Domain experts surface insights and take action through AI-powered development that transforms Python workflows into production apps instantly.

Python-native development builds on existing data science stacks while delivering true customization that creates exactly what stakeholders need, not generic dashboards. Enterprise controls provide built-in security, compliance, and governance, while self-service capabilities eliminate IT bottlenecks. Interactive design enables stakeholders to explore data rather than consume static reports. The transformation shifts teams from analytics support to strategic enablement.

From the judges

“Plotly Dash Enterprise stands out by turning Python workflows into secure, governed, interactive read/write data apps while retaining dev control. The platform is also able to provide contextual intelligence with domain-aware suggestions (across finance, healthcare, and telecom sectors).”

Cloud backup and disaster recovery

Winner

• United Private Cloud, UnitedLayer

Finalists

• Cayosoft Guardian Forest Recovery, Cayosoft
• CloudCasa, CloudCasa by Catalogic Software
• United Private Cloud, UnitedLayer

From the winner

United Private Cloud delivers cloud backup and disaster recovery through a layered, intelligent architecture. It integrates business continuity with high-availability architecture, performance, intelligence, hybrid colocation, and compliance for mission-critical workloads.

Workloads and data are continuously protected via four DR [disaster recovery] strategies. Real-time replication ensures that data is always protected in Tier 3+ data centers across 30+ private cloud regions and 175+ edge sites on five continents. Data is encrypted in transit and at rest.

UnitedLayer’s approach ensures rapid recovery, regulatory adherence, and seamless scaling — backed by repeated industry recognition and trusted by global enterprises for business continuity.

From the judges

“United Private Cloud guarantees zero downtime and minimal data loss through 99.999% high availability and real-time replication. This translates to measurable business value. A proactive, autonomous approach redefines disaster recovery by enabling predictive failure detection and instant restoration at scale.”

Cloud compliance & governance

Winner

• Secureframe, Secureframe

Finalists

• Kion Platform, Kion
• Secureframe, Secureframe

From the winner

Secureframe is a comprehensive, AI-powered platform that helps organizations meet security and compliance requirements more efficiently and effectively. With out-of-the-box support for 40+ frameworks, Secureframe helps organizations streamline audits, reduce manual effort, and improve visibility into their security posture.

The Secureframe platform identifies gaps, collects evidence, generates tailored policies, completes risk assessments and access reviews, and monitors compliance progress in real time. Built-in automation handles control testing, validates evidence, recommends remediations, and accelerates questionnaire responses with the help of our proprietary Comply AI engine. Customers report a 26% average reduction in annual compliance costs and complete audits up to 90% faster.

From the judges

“Secureframe applies contextual AI and 300+ integrations to automate evidence validation, remediation, and monitoring across hybrid environments, turning compliance into an intelligent, end-to-end technology solution. Breakthrough capabilities like AI Evidence Validation, Workspaces, and Custom Integrations redefine compliance automation, outpacing competitors with foundational shifts rather than incremental features.”

Cloud cost management

Winner

• Tangoe One Cloud, Tangoe

Finalists

• Stacklet Jun0, Stacklet
• Tangoe One Cloud, Tangoe
• UnityOne AI, UnityOne AI

From the winner

Tangoe One Cloud is an enterprise-grade FinOps [financial operations] platform that unifies expense and asset management across public and private IaaS [infrastructure as a service], SaaS, and UCaaS [unified communications as a service] environments. Designed to align IT, finance, and procurement, Tangoe One Cloud centralizes governance, chargebacks, anomaly detection, and multi-cloud transparency into one scalable platform.

Tangoe’s “Cloud Optimizer” applies machine learning, predictive models, and historical usage data to identify savings opportunities and recommend the most cost-effective cloud infrastructure options. Automated workflows drive cost allocation, charge-backs, and remediation actions, eliminating manual reporting cycles. The platform also delivers real-time anomaly alerts and AI workload governance through a new AI Cost Visibility Dashboard.

From the judges

“This AI-driven, multi-cloud architecture is a highly scalable and technically robust FinOps solution. Tangoe One Cloud’s capabilities set it apart from competitors by enabling real-time governance of AI/ML spending, automated chargebacks, and actionable insights across diverse enterprise infrastructures.”

Cloud security

Winner

• Cortex Cloud, Palo Alto Networks

Finalists

• Aviatrix Cloud Native Security Fabric, Aviatrix
• Cortex Cloud, Palo Alto Networks
• Ivanti Neurons Platform, Ivanti

From the winner

Cortex Cloud rearchitected Palo Alto Networks’ cloud-native application protection platform (CNAPP) on the AI-driven Cortex SecOps platform to deliver a unified user experience with persona-driven dashboards and workflows.

Cortex Cloud identifies and prioritizes issues across the application development pipeline. The platform improves multi-cloud risk management with AI-powered prioritization, guided fixes, and automated remediation. Cortex Cloud natively integrates the unified Cortex XDR agent, enriched with additional cloud data sources, to prevent threats with advanced analytics. Cortex Cloud natively integrates cloud data, context, and workflows within Cortex XSIAM to significantly reduce the mean time to respond (MTTR) to modern threats with a single, unified secops solution.

From the judges

“Cortex Cloud is one of the strongest offerings in cloud security, because it unifies cloud detection and response with CNAPP capabilities on a single AI-driven platform, giving teams real-time, context-rich protection across code, runtime, and cloud environments. By eliminating silos, reducing MTTR, and continuously learning from incidents, Cortex Cloud sets a new standard for enterprise-to-cloud protection.”

Data management: Databases

Winner

• Qdrant, Qdrant

Finalists

• Couchbase Capella, Couchbase
• EDB PostgresAI, EnterpriseDB
• Percona Everest, Percona
• Qdrant, Qdrant

From the winner

Qdrant is an open-source, dedicated vector search engine built for an era where over 90% of enterprise data is unstructured. It enables developers to build and support production-grade AI retrieval and vector search across any scale, modality, or deployment. Purpose-built in Rust for unmatched speed, memory safety, and scale, Qdrant delivers up to 40x faster retrieval and >4x higher throughput.

Qdrant is more than vector search: It gives AI agents grounded retrieval “memory” to plan, use tools, and act in real time. With Cloud Inference, hybrid search, and flexible reranking, teams build agentic workflows that stay relevant, responsive, and cost-efficient.

From the judges

“Qdrant is a powerful, technically advanced product that stands out in the highly competitive vector database space. Its deep support for agentic AI, multimodal search, and enterprise-scale deployments make it a foundational tool for the AI era.”

Data management: Governance

Winner

• Actian Data Intelligence Platform, Actian

Finalists

• Actian Data Intelligence Platform, Actian
• Pentaho Platform, Pentaho
• Transcend, Transcend

From the winner

The Actian Data Intelligence Platform centralizes all enterprise meta-data into a single source of truth, enabling effective discovery and utilization of data assets while ensuring regulatory compliance (GDPR, CCPA) and security controls. The cloud-native platform provides a searchable catalog of all data assets with automated metadata collection to ensure proper data documentation and context. Actian’s “governance by design” approach embeds governance into the DNA of every data interaction.

The platform’s innovative knowledge graph delivers deeper, more relevant search results by understanding complex relationships between concepts and entities, enabling faster data discovery, reduced regulatory compliance risk, and confident AI implementation.

From the judges

“The Actian Data Intelligence Platform addresses some of the most critical and persistent challenges in data governance with a highly modern, forward-looking approach. Actian’s platform is well architected and addresses real organizational pain points, including inconsistent data, a lack of trust in analytics, and growing compliance burdens.”

Data management: Integration

Winner

• SnapLogic Agentic Integration Platform, SnapLogic

Finalists

• Rocket DataEdge, Rocket Software
• SnapLogic Agentic Integration Platform, SnapLogic
• Merge, Merge

From the winner

SnapLogic is an all-in-one platform to create, integrate, and orchestrate data products, apps, APIs, and AI agents. Using a low-code, “click-not-code” interface and built-in genAI, SnapLogic empowers both IT and business users to automate workflows, transform data, and create intelligent agents that streamline operations — no matter where the data resides.

With natural-language prompts, anyone across the enterprise — from HR to Finance to Legal — can build IT-approved automations that eliminate repetitive tasks and deliver real business value. For example, legal teams can create IDP [intelligent document processing] agents to redline contracts, while finance teams can automate fraud detection workflows.

From the judges

“By embedding AI-powered agent creation directly into its integration fabric, SnapLogic transforms how enterprises operationalize genAI. With tools like Prompt Composer and Agent Visualizer, it delivers secure, enterprise-grade innovation well beyond traditional data movement platforms.”

Data management: Pipelines

Winner

• Prophecy, Prophecy

Finalists

• Airbyte Open Source, Airbyte Cloud, Airbyte Enterprise, Airbyte Enterprise Flex, Airbyte
• DataPelago Accelerator for Spark, DataPelago
• Prophecy, Prophecy

From the winner

Prophecy uses AI agents, a visual canvas, and automatic code generation to help analysts and business experts of all skill levels access the data they need, whenever they need it. An LLM AI assistant for data pipeline creation is powered by a knowledge graph of data sets, schemas, models, and pipelines. The Visual Canvas enables anyone who needs data to build and refine pipelines, using drag-and-drop components for extraction, transformation, enrichment, aggregation, and loading.

Prophecy identifies errors and suggests how to fix them. Visual pipelines are automatically compiled into production-ready code with full Git versioning, documentation, CI/CD support, and lineage tracking.

From the judges

“Prophecy delivers a rare combination of technical depth, user-centric design, and enterprise-grade controls. Its intelligent use of AI assistants, visual editing, and code compilation makes it uniquely powerful, particularly in large organizations seeking secure, self-service analytics at scale. It transforms how data engineering is done.”

Data management: Security

Winner

• QuProtect, QuSecure

Finalists

• Bedrock Platform, Bedrock Data
• QuProtect, QuSecure
• Sentra Data Security Platform, Sentra

From the winner

QuSecure’s QuProtect platform is a comprehensive suite of post-quantum cryptographic solutions designed to safeguard data across various platforms and applications. It includes quantum-resistant algorithms, cryptographic agility, key management systems, and secure communication protocols. QuProtect enables visibility into cryptography in use — a new level of insight.

QuProtect provides centralized control of quantum-resilient cryptography, which is ideal for managing and updating cryptographic protocols across the network. Post-quantum algorithms can be implemented and updated centrally, ensuring uniform security policies. QuProtect empowers security leaders with comprehensive visibility, adaptive cryptographic controls, and orchestrated protection to safeguard data against both traditional and emerging threats.

From the judges

“This is one of the most innovative products I have ever seen that offers quantum-resilient protection. It offers security without changing existing systems, which is a great feature to have. I can see this driving a lot of innovation in the cost-effective, post-quantum security of applications for enterprises.”

Data management: Streaming

Winner

Confluent Cloud, Confluent

Finalists

• Confluent Cloud, Confluent
• Hydrolix, Hydrolix
• Lenses, Lenses.io

From the winner

Confluent Cloud offers a fully managed cloud-native data streaming platform, built and operated by the creators of Apache Kafka. This platform empowers teams to easily connect, process, and govern real-time data without the operational burden associated with open source solutions. The result is [shorter] time to insight, lower infrastructure costs, and the ability to build data-driven applications at scale.

On top of trusted features like Confluent Cloud for Apache Flink and Stream Governance, Confluent has introduced capabilities over the past year to unify streaming and batch data processing on a single serverless platform. Confluent Cloud features battle-tested security, compliance, and 99.99% uptime.

From the judges

“Confluent Cloud extends Kafka and Flink into a managed serverless platform that unifies streaming and batch, simplifying real-time data use for AI and analytics. Its innovations — Tableflow, Flink Native Inference, and Flink Search — move streaming closer to enterprise AI workflows, while strong uptime and governance features deliver reliability at scale.”

Devops: Analytics

Winner

• Azul Intelligence Cloud, Azul

Finalist

• Azul Intelligence Cloud, Azul

From the winner

Azul Intelligence Cloud provides actionable intelligence from production Java runtime data that dramatically boosts devops productivity. It supports any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution. It consists of three services: Azul Code Inventory, the only solution that precisely catalogs what code runs in production across all Java workloads to accurately identify unused and dead code for removal; Azul JVM Inventory, which uses actionable intelligence available only at run time to continuously catalog running JVMs to help ensure ongoing Oracle license compliance; and Azul Vulnerability Detection, which uses Java class-level production runtime data to detect known security vulnerabilities.

From the judges

“Azul Intelligence Cloud delivers strong impact for Java-heavy organizations. Its class-level runtime approach is more precise than traditional SCA [software composition analysis] tools and yields measurable productivity gains. Overall, a differentiated and timely solution with high relevance for devops productivity.”

Devops: Automation

Winner

• Chef, Progress

Finalists

• Ciroos AI SRE Teammate, Ciroos
• Nutanix Database Service, Nutanix
• Chef, Progress

From the winner

Progress Chef addresses the full spectrum of devops and devsecops, using a single “as code” framework to configure, deploy, and manage virtually any asset on any cloud to any edge, including support for any infrastructure or application, including cloud-native assets like Kubernetes and public cloud services.

Using this framework, the Chef portfolio can help organizations streamline their continuous compliance posture and secure infrastructure support on-premises or in the cloud. Our Policy as Code approach brings configuration management, application delivery, security policy enforcement, and compliance into a single step, eliminating the security silo and moving everyone into a shared pipeline and framework.

From the judges

“Chef has earned its place at the forefront of the devops and devsecops fields. It brings innovative automation, robust security features, and scalability that address the challenges faced by modern organizations, especially in hybrid and multi-cloud environments.”

Devops: CI/CD

Winner

• Buildkite Platform, Buildkite

Finalists

• Buildkite Platform, Buildkite
• CircleCI, CircleCI
• CloudBees Unify, CloudBees
• Harness CI/CD, Harness

From the winner

As the volume, speed, and unpredictability of code creation accelerate with LLM-assisted development, traditional CI/CD pipelines can no longer keep up. Buildkite’s Model Context Protocol (MCP) Server enables real-time, adaptive automation, reducing build times by allowing models to optimize execution order and parallelism while supporting real-time adaptation, failure recovery, dynamic resource allocation, and context-driven decision-making.

Unlike other MCP implementations that wrap APIs or provide prebuild insights, Buildkite’s MCP Server operates inside the pipeline context, turning scripted workflows into dynamic, self-optimizing systems. It acts as a conversational protocol between LLMs and the Buildkite platform, using more than a decade of operational context.

From the judges

“Buildkite brings cutting-edge technology to CI/CD, drives significant business benefits for organizations, and demonstrates true innovation in the space. It’s a powerful tool that not only addresses current challenges but is well positioned to define the next wave of software delivery as AI becomes an increasingly integral part of development workflows.”

Devops: Code quality

Winner

• SonarQube, Sonar

Finalists

• Graphite, Graphite
• Moderne, Moderne
• SmartBear AI, SmartBear
• SonarQube, Sonar

From the winner

SonarQube is an automated code review platform that helps developers deliver high-quality, secure code. It integrates into the CI/CD pipeline on devops platforms for automated, continuous code inspections. Deployable on-prem or in the cloud, it scans repositories for bugs, vulnerabilities, and code quality issues. Seamless integration into IDEs, via SonarQube for IDE, ensures quality and security at the start of development.

SonarQube’s quality gate alerts in real time when there’s something to fix or review in changed or added code, offering real-time guidance. The AI CodeFix feature takes this a step further, leveraging LLMs to automatically generate AI-driven code fixes for discovered issues.

From the judges

“SonarQube’s developer-first approach integrates seamlessly into CI/CD and IDEs, ensuring issues are caught early — before they become costly. The AI CodeFix feature goes beyond detection, offering intelligent one-click fixes. With industry-wide adoption and proven ROI, SonarQube not only supports but elevates modern software development in the age of AI-assisted coding.”

Devops: Observability

Winner

• Observo AI, Observo AI

Finalists

• DataBahn, DataBahn
• Grafana Cloud, Grafana Labs
• Honeycomb.io, Honeycomb
• Observo AI, Observo AI

From the winner

Observo AI is an AI-powered data pipeline that transforms how enterprises manage security and observability. It analyzes telemetry data from security and devops tools, using machine learning and agentic AI to flag anomalies; detect privacy risks; perform data transformations; and strip irrelevant data from cloud flow, firewall, operating system, CDN [content delivery network], and application logs.

What sets Observo AI apart is its flexible, non-scripted automation. Instead of asking users to manually write and maintain thousands of inflexible rules, Observo’s ML models automatically detect schemas, summarize normal events, and enrich data with contextual intelligence.

From the judges

“Observo AI addresses one of the hardest problems in security by moving beyond brittle rule-based pipelines to adaptive machine learning and agentic automation. It redefines how telemetry pipelines are built and managed, putting it ahead of competitors that are still bound by static rules.”

Devops: Productivity

Winner

• Flow, Appfire

Finalists

• Flow, Appfire
• Cortex Internal Developer Portal, Cortex
• Harness Internal Developer Portal, Harness

From the winner

Appfire Flow is redefining how modern engineering organizations elevate code quality and team performance. As a core component of Appfire’s Software Engineering Intelligence (SEI) platform, Flow helps teams move beyond intuition and manual analysis by delivering real-time insights across the development life cycle. By unifying Git and ticket data from tools like GitHub, GitLab, and Jira, Flow gives teams a clear, objective understanding of where bottlenecks occur, how code review processes are functioning, and how collaboration impacts the quality and veloci- ty of software delivery.

By translating complex engineering data into clear, research-backed insights, Flow makes software delivery understandable and actionable for everyone, from engineers to product leaders to executives.

From the judges

“Flow bridges the gap between engineering work and business outcomes. Its combination of developer empathy, innovation, and actionable insights makes it stand out from legacy tools and rigid DORA [DevOps Research and Assessment]–only dashboards.”

Software development: Platforms

Winner

• Azul Platform Prime, Azul

Finalists

• Azul Platform Prime, Azul
• Uno Platform, Uno Platform
• 1NCE OS, 1NCE

From the winner

Azul Platform Prime is a high-performance Java platform that provides superior speed, startup and warmup, and consistency vs. other OpenJDK distributions to increase responsiveness, reduce cloud compute costs by 20%+, and boost operational efficiency — all without recompiling or changing application code.

With Platform Prime, companies can reduce cloud waste and improve application performance. It works across the most popular Java long-term releases: Java 8, 11, 17, and 21+. It is ideal for demanding, business-critical applications, including those used for massive data sets in distributed data processing.

From the judges

“Runtime-level improvements without application changes are compelling and reduce adoption friction. The cost-savings angle is strong: fewer servers, higher CPU thresholds, and better autoscaling leads directly to opex reduction in cloud spend.”

Software development: Security

Winner

• Chainguard Containers, Chainguard

Finalists

• Chainguard Containers, Chainguard
• SonarQube Advanced Security, Sonar

From the winner

Chainguard Containers is a curated catalog of over 1,800 minimal, vulnerability-free container images that have a reduced attack surface, broad customization capabilities, and improved supply chain integrity for containerized applications. By providing trusted open source software (OSS), built from source and updated continuously, Chainguard helps organizations eliminate threats in their software supply chains.

Chainguard Containers reduces the cost of engineering toil that comes with patching software and strengthens an organization’s security posture by ensuring [that the organization always has] the latest version of the software in production.

From the judges

“Chainguard Containers represents a step-change in how organizations consume open source software by moving from reactive vulnerability scanning to proactively delivering zero-CVE [common vulnerabilities and exposures] images built and maintained continuously. This product is a redefinition of supply chain security, setting a new benchmark for the industry.”

Software development: Testing

Winner

• CloudBees Smart Tests, CloudBees

Finalists

• CloudBees Smart Tests, CloudBees
• Sauce Labs Platform for Test, Sauce Labs
• Harness AI Test Automation, Harness

From the winner

CloudBees Smart Tests is an AI-powered intelligent testing solution built to support enterprise dev-test workloads. It reduces cycle times, improves triage accuracy, and enhances visibility into test behavior across teams.

CloudBees Smart Tests enables faster dev-test iteration with an analytics engine that flags flaky, long-running, and reliable tests, giving both engineers and leaders a shared view of test performance. Predictive Test Selection (PTS) finds failures 40% to 90% faster by running only the most relevant tests. It also offers accelerated test failure resolution through smart classification, pattern detection, and unified session insights, plus automated alerts that keep code owners informed and engaged.

From the judges

“CloudBees Smart Tests reimagines enterprise testing by applying ML to prioritize only the tests that matter, eliminating waste and accelerating feedback loops. Its innovation lies in combining predictive selection with easy integration, turning testing from a bottleneck into a driver of speed, quality, and confidence.”

Software development: Tools

Winner

• Tabnine, Tabnine

Finalists

• Progress Telerik & Progress Kendo UI, Progress Software
• Tabnine, Tabnine
• Warp Agentic Development Environment, Warp

From the winner

Tabnine is the only AI coding assistant purpose-built for enterprise teams with complex codebases, mixed tech stacks, and strict security and compliance requirements. Whether deployed as SaaS, VPC [virtual private cloud], on-prem, or fully air-gapped, Tabnine provides full control over the environment — no outbound connections, no telemetry, no silent updates.

With deep integrations across Git and other SCMs [source code managers], IDEs, and tools like Jira and Confluence, Tabnine understands the entire organizational context, helping teams write, test, document, review, and maintain code faster and more consistently while following teams’ internal standards and compliance rules.

From the judges

“Tabnine is technically strong, enterprise-focused, and full of meaningful differentiators. Its commitment to secure, offline, and customized AI coding assistance gives it an edge in regulated industries. The product clearly aligns with market needs and shows a credible track record of impact.”

About our judges

Ashutosh Datar is a seasoned technology leader specializing in distributed systems, scalable API infrastructure, and intelligent storage. With more than 20 years of experience at companies such as Pure Storage, Hewlett Packard Enterprise, and Nimble Storage, he has led the design of next-generation systems that power large-scale storage and data platforms. At Pure Storage, Datar plays a key role in advancing the Fusion platform — an intelligent, policy-driven infrastructure that unifies storage management across heterogeneous systems.

Anshul Gandhi is an AI and product leader with a track record of building 0→1 systems and scaling 1→N AI platforms across enterprise, consumer, and go-to-market domains. His work bridges cutting-edge research and real-world applications, translating AI innovation into products that deliver exceptional user experiences and measurable business impact. He has led AI strategy and platform initiatives across sectors including healthcare, SaaS, manufacturing, and cybersecurity and holds multiple patents in applied AI.

Sahil Gandhi is a senior data scientist at Amazon and a product-minded AI leader with over a decade of experience in analytics, experimentation, and applied machine learning. He specializes in building and scaling AI-powered data products, including AI agents, RAG-based systems, and enterprise analytics platforms that drive smarter decisions and measurable business growth. He also serves as an Advisory Council Member at Products That Count, contributing to industry leadership and best practices.

Stan Gibson is an award-winning editor, writer, and speaker with 41 years’ experience covering information technology. Formerly executive editor of eWEEK and PC Week and senior editor at Computerworld, he is currently an adjunct analyst at IDC. As principal of Stan Gibson Communications, he writes for many websites, including CIO.com, and is a popular host for online events.

Arun Krishnakumar is a seasoned leader in e-commerce product strategy; digital transformation; and emerging technologies such as AI, machine learning, and blockchain. An author, startup mentor, and master class instructor, Krishnakumar has built and scaled cloud-based web and mobile platforms that serve millions of users. His experience spans customer acquisition and retention, conversion optimization, and sustainable growth, delivering impactful products for multibillion-dollar international brands.

Gaurav Mittal is a software engineer and seasoned IT manager adept at guiding teams in developing and deploying cutting-edge technology solutions. He specializes in implementing innovative automation solutions that unlock substantial cost savings and enhance operational efficiency.

Shipra Mittal is an accomplished IT professional with more than a decade of experience in software engineering, data quality, and analytics. She has advanced from leading client-focused software projects to building and guiding QA and data teams and now focuses on transforming data into actionable insights that enhance business performance. Recognized for her strong technical foundation and commitment to continuous learning, Mittal brings deep expertise in data validation, quality assurance, and analytics innovation to her role as a judge.

Priyank Naik is a principal engineer with more than 20 years of experience in the financial industry, specializing in building complex, real-time distributed, cloud-enabled systems for front-office operations, risk management, and fixed income research. In his current position, he is also involved in integrating genAI for automating financial reporting and forecasting cash flows.

Peter Nichol is a data and analytics leader for North America at Nestlé Health Science. He is a four-time author and an MIT Sloan and Yale School of Management speaker dedicated to helping organizations connect strategy to execution to maximize performance. His career has focused on driving and quantifying business value by championing disruptive technologies such as data analytics, blockchain, data science, and artificial intelligence. He has contributed to CIO.com and has been recognized for digital innovation by CIO 100, MIT Sloan, the BRM Institute, Computerworld, and PMI.

Anton Novikau is a seasoned software development leader with nine years of experience spearheading innovative technology solutions. As head of mobile development at Talaera, an EdTech start-up, Novikau drives the technical vision and execution of transformative learning experiences while pioneering AI integration across the company’s product suite. His expertise spans full-stack development, cloud architecture, and leveraging artificial intelligence to enhance educational outcomes.

Rahul Patil, hailing from the vibrant city of New York, is a seasoned professional in the tech industry with 18 years of extensive experience. Currently working at a hedge fund, he has honed his skills in back-end development with a particular focus on Java. His deep passion for technology drives him to constantly explore and utilize cloud-native services such as AWS and GCP.

Kautilya Prasad is a distinguished expert in software development, specializing in digital experience platforms and artificial intelligence. With more than 18 years of experience driving digital transformation for numerous Fortune 500 clients, Prasad excels at integrating artificial intelligence, digital experience, and data analytics to deliver innovative solutions that elevate customer engagement. He is an active contributor to the technology community, participating in peer reviews and shaping discussions on emerging technologies.

Shafeeq Ur Rahaman is an accomplished leader and researcher in data analytics and digital infrastructure, with over a decade of experience developing transformative, data-driven solutions that drive business performance. As the associate director of analytics and data infrastructure at Monks, he leads global initiatives in data pipeline automation, cloud architecture, and advanced analytics, including the design of mixed media marketing models to optimize campaign effectiveness.

Ramprakash Ramamoorthy leads the AI efforts for Zoho Corporation. He has been instrumental in setting up Zoho’s AI platform from scratch. He comes with a rich 12-plus years of experience in building AI for the enterprises at Zoho. The AI platform currently serves over a billion requests a day and is growing strong. Ramamoorthy is a passionate leader with a level-headed approach to emerging technologies and is a sought-after speaker at tech conferences.

Monika Rathor is a lead application engineer at Level Home, where she is building smart home solutions with smart access, automation, and building intelligence solutions that improve apartment living and management in the most impactful, cost-effective way possible. She is also a performance improvement enthusiast, driven to achieving optimizations like cutting latency from 200ms to just 50ms. Monika also loves mentoring her team, helping them grow and learn.

Isaac Sacolick is a lifelong technologist who has served in CTO and CIO roles and the founder of StarCIO, a digital transformation leadership, learning, and advisory company. He is a writer and keynote speaker and the author of the Amazon bestseller Driving Digital, a playbook for leading digital transformation, and Digital Trailblazer, a career guide for technology and business professionals. Recognized as a top digital influencer, Sacolick is a frequent contributor to InfoWorld and CIO.com.

Scott Schober is the president and CEO of Berkeley Varitronics Systems, a 54-year-old New Jersey–based provider of advanced, world-class wireless test and security solutions. He is the author of three best-selling security books: Hacked Again, Cybersecurity is Everybody’s Business, and Senior Cyber. Schober is a highly sought-after author and expert for live security events, media appearances, and commentary on the topics of ransomware, wireless threats, drone surveillance and hacking, cybersecurity for consumers, and small business.

Kumar Srivastava is a seasoned technology executive and entrepreneur with more than two decades of experience in building and scaling AI-driven platforms across consumer packaged goods (CPG), retail, cybersecurity, supply chain, and digital transformation. Currently serving as chief technology officer at Turing Labs, Inc., he leads the development of the industry’s most advanced AI formulation platform, helping the world’s largest CPG companies accelerate innovation, optimize costs, and bring products to market faster with scientific precision.

Just-released Visual Studio Code 1.107, the latest version of Microsoft’s popular code editor, introduces multi-agent orchestration, a new feature that allows developers to use GitHub Copilot and custom agents together to speed up software development tasks.

Released December 10 and also referred to as the November 2025 release, Visual Studio Code 1.107 can be downloaded for Windows, Mac, and Linux from visualstudio.com.

With multi-agent orchestration, developers can use Agent HQ to manage multiple agents, delegate work across local, background, and cloud agents, and allow GitHub Copilot and custom agents to collaborate across tasks, Microsoft said. Background agents run in isolated workspaces to not interfere with active work and to enable multiple background tasks to run in parallel. An experimental feature allows custom agents to be used as background agents. Once enabled, custom agents defined in the .github/agents folder will appear in the agent list. Additionally, agent sessions have been integrated into the Chat view to give a unified experience when working with agents.

VS Code 1.107 also adds support for the latest specification of the Model Context Protocol (MCP), 2025-11-25, which includes URL mode elicitation, tasks for long-running tool calls and client work, and enhancements to enum choices in elicitation. And the GitHub remote MCP Server now is provided as a built-in MCP server in the GitHub Copilot Chat extension, providing seamless integration with GitHub repositories and services, according to Microsoft.

Other improvements emphasized in VS Code 1.107 include the following:

• Developers can try out the planned TypeScript 7.0 release, featuring a rewrite in native code for better performance, by installing the TypeScript (Native Preview) extension.
• Microsoft Authentication Library (MSAL) support enables users to sign in through a native experience on Intel Macs and Linux x64, along with existing support for Windows x64 and MacOS M-series (ARM). This enables nice single sign-on flows and is the recommended way of acquiring a Microsoft authentication session, according to Microsoft. The MSAL team will enable this for remaining platforms (Windows ARM, Linux ARM, and additional distros) over time.
• Improvements to the editor experience enable developers to more easily identify open projects, swipe to navigate on MacOS, and choose when to hover popups.
• A new model is offered for next edit suggestions, intended to offer significantly better acceptance and dismissal performance.
• For debugging, developers now can attach variables, scopes, and expressions to chat context in VS Code. This can be done by right-clicking on data in the Variables and Watch views, or by using the Add Context button in chat.
• Terminal Suggest now is enabled for stable users, offering inline completions and contextual hints while typing shell commands.

OpenAI has released GPT-5.2, claiming significant gains in the AI model’s ability to complete real-world business tasks to an “expert level” compared to GPT-5.1, released in November.

The new model, available in Instant, Thinking, and Pro performance tiers, offers major improvements across a range of benchmarks, the company said.

Using OpenAI’s GDPval benchmark, which compares the model’s ability to complete 44 different business tasks to the same standards as human experts, GPT-5.2 matched or exceeded human users in 70.9% of tests, compared to GPT-5.1’s 38.8% across the Instant (basic), Thinking (deeper reasoning), and Pro (research-grade) versions.

To illustrate these advances, OpenAI said that GPT-5.2 Thinking could fully format a workforce planning spreadsheet, while on GPT-5.1, the equivalent output assembled the same spreadsheet correctly, but in a more basic state that lacked formatting.

“We designed GPT‑5.2 to unlock even more economic value for people; it’s better at creating spreadsheets, building presentations, writing code, perceiving images, understanding long contexts, using tools, and handling complex, multi-step projects,” said OpenAI.

GPT-5.2 also showed a mixture of gains across other important benchmarks, including ARC-AGI-1/ARC-AGI-2 (general problem solving), and SWE-Bench Pro/SWE-Bench Verified (real-world software tasks).

“For everyday professional use, this translates into a model that can more reliably debug production code, implement feature requests, refactor large codebases, and ship fixes end-to-end with less manual intervention,” the company said.

GPT-5.2 has begun rolling out to ChatGPT users, starting with the paid plans. Subscription pricing is unchanged. For API access, GPT-5.2 is priced at $1.75 per one million input tokens, and $14 per one million output tokens, with a 90% discount on cached inputs. Despite this being more expensive than GPT-5.1, OpenAI claimed the model’s greater efficiency meant that “the cost of attaining a given level of quality ended up less expensive due to GPT‑5.2’s greater token efficiency.”

Code red

For OpenAI, the appearance of the new version so soon after the last one represents an important acceleration in its GPT-5 model development. In early December, CEO Sam Altman sent a ‘code red’ emergency memo to OpenAI employees warning that without rapid development of GPT-5, the company risked falling behind Google’s increasingly capable Gemini 3 model

Since then, things appear to have stabilized, with Altman telling CNBC this week that Gemini’s advances had been less significant than first feared, and that the code red state would end by January. However, a noticeable omission from the web announcement was any comparison between GPT-5.2’s performance and that of Gemini 3. Reportedly, a separate press briefing offered only a limited comparison.

Maria Sukhareva, a principal AI analyst at Siemens, questioned OpenAI’s use of benchmarks more generally. “It [GPT-5.2] claims to beat GDPVal, but this is a benchmark developed by OpenAI for OpenAI. Technically there are no obstacles for OpenAI to fine-tune their model for those 44 tasks, while completely failing on everything else,” she pointed out.

“Essentially, the numbers reported by GPT-5.2 are meaningless where one cannot see what data they trained the model on. GPT-5.2 suffers from all the same problems as previous models,” she argued. Sukhareva’s deeper dive on GPT-5.2 benchmarking can be found on her Substack.

Rachid ‘Rush’ Wehbi, CEO of e-commerce platform Sell The Trend, has tested GPT-5.2 under real-world conditions. “GPT-5.2 is doing a lot better when it comes to keeping its train of thought going for longer periods and not falling apart when you throw some layered context at it. For companies, that’s way more important than making a tiny bit of an improvement on some potentially inconsequential benchmark,” he said.

“Benchmarks are fine for showing you’ve made some sort of progress, but they don’t tell you if your model is going to actually hold up in the real world. GPT-5.2 is a step forward, but enterprise AI is still a work in progress.”

According to Bob Hutchins, founder of AI literacy company Human Voice Media, “most enterprise frustration with AI up until now is from the last 20% — the formatting, the constraints, the handoffs. GPT-5.2 shows progress there.” His advice for enterprises was, “ignore the launch noise and run a disciplined trial. GPT-5.2 is a meaningful step. It does not close the gap between promise and practice, it narrows it.”

For example, benchmarking by agentic AI company Vectara’s Hallucination Evaluation Model, found that, while GPT-5.2 has improved on that front, it still lags some competitors.

“OpenAI still has some way to go in improving hallucination performance,” commented Ofer Mendelevitch, Vectara head of developer relations. “GPT-5.2-low-thinking is best in the GPT family so far, ranking 33rd on our leaderboard with an 8.4% hallucination rate. However, ChatGPT 5.2 notably trails DeepSeek V3.2, which ranks 23rd with a hallucination rate of 6.3%. For comparative purposes, Gemini 3’s grounded hallucination rate in our testing was 13.6%, with Grok 4.1 coming in at 17.8%.”

Cython has been the most viable option for converting Python code to C, but PythoC could change that—with distinct compile-time advantages. We also have a first look at Databot, a new LLM add-on for the Positron IDE; a chance to learn the finer points of debug logging in Python and Java; and a report on Django developers’ use of AI coding tools, which appears to be on the rise. All that and more, in this week’s report.

Top picks for Python readers on InfoWorld

PythoC: A new way to generate C code from Python
Instead of converting Python to C, as per Cython, PythoC uses Python as a code generation tool to create standalone C-style programs with powerful compile-time features. Let’s take a look.

Databot: AI-assisted data analysis in R or Python
A new add-on for the Positron IDE (for developing Python and R data science apps) analyzes imported data, offers suggestions for how to analyze it, and can even generate the needed code for those analyses.

More Django developers turning to AI – report
According to the State of Django 2025 report, more Django developers are using AI tools like GitHub Copilot and Anthropic Claude to write code or expand their understanding of Django.

Advanced debug logging techniques: A technical guide
Get fast pointers for making the best use of debug logging in Python and Java.

More good reads and Python updates elsewhere

PyCharm 2025.3 is out
The latest edition of JetBrains’ flagship Python IDE offers remote Jupyter notebooks, uses uv as the default package and project manager, adds Ruff and Pyright for linting and language services, and much more.

PyAtlas: Explore 10K popular Python packages on an interactive map
Curious about what’s out there in the galaxy of Python packages? PyAtlas is a visual tool that clusters common packages together, letting you explore them by topic (testing, async, static analysis, etc.) and similarity.

Tacopy: Tail-Call optimization for Python
They said it wasn’t possible to make tail-call optimizations for faster recursive operations in Python. Well, this project makes the impossible possible, by way of some fiendishly clever AST transformation hackery.

Slightly off-topic (but very useful): The very unofficial Microsoft Download Center Archive
Can’t find a legacy download for Windows, Office, Visual Studio, or another Microsoft product? This entirely unofficial third-party archive keeps backup copies of hundreds of service packs, redistributable runtimes, and toolkits no longer maintained by the folks in Redmond.

Rust 1.92, the latest version of the Rust programming language, emphasizes deny-by-default never type lints for compilation.

The update was unveiled by the Rust release team on December 11. Developers can upgrade to version 1.92 by running $ rustup update stable. The release team noted that, with this release, the language and compiler teams continued to work on stabilizing the never type, which represents computations that never resolve to any value.

With the 1.92 release, the never_type_fallback_flowing_into_unsafe and dependency_on_unit_never_type_fallback future compatibility lints were made deny-by-default, so they will cause a compilation error when detected. While these future compatibility lints will result in compilation errors, they can still be #[allow]ed. The release team emphasized that the lints detect code that will likely be broken by the never type stabilization, and advised the code should be fixed if reported. The lints only fire when building the affected crates directly, not when they are built as dependencies.

Also in Rust 1.92, The unused_must_use lint no longer warns on Result, UninhabitedType>, or ControlFlow. For instance, it will not warn on Result, avoiding the need to check for an error that will never happen.

Elsewhere in Rust 1.92, the release team reported, unwind tables are now emitted by default even when -Cpanic=abort is specified, allowing for backtraces to work properly. Developers may use -Cforce-unwind-tables=no to explicitly disable unwind tables if necessary. It was also noted that the past few releases brought many changes to the way built-in attributes are processed in the compiler. These updates should improve Rust error messages and warnings for built-in attributes, and will especially make these diagnostics more consistent among all of the more than 100 built-in Rust attributes.

Rust 1.92 also features stabilized APIs such as Location::file_as_c_str, Rc::new_zeroed, and Arc::new_zeroed_slice.

This latest release follows the October 30 release of Rust 1.91, which promoted Windows on Arm64 platform to a Tier 1 supported target. A subsequent point release, Rust 1.91.1, was unveiled November 10, featuring two regression fixes for Rust 1.91. These fixes addressed linker and runtime errors on WebAssembly, as well as Cargo target directory locking.

Nearly a decade ago, a major financial services firm faced an AWS account manager during an aggressive cloud migration. AWS advised to keep it simple, run everything on AWS, and avoid other clouds. This seemed wise, as AWS promised ease of use, top-tier services, and little interoperability trouble.

Over the years, that decision proved costly. While trying to adapt to new markets, evolving compliance standards, and rapidly changing technology, the company found itself cornered, spending far more than necessary, battling vendor lock-in, and missing out on innovations AWS didn’t offer. The dream of simplicity turned into a nightmare of missed opportunities.

Last week, AWS previewed Interconnect-multicloud, a multicloud service that provides direct, high-speed connections to Google Cloud and will soon connect to Microsoft Azure. This dramatic shift in AWS’s multicloud strategy declares that the world’s original cloud innovator has finally recognized what its most forward-thinking customers have known for years: The future is multicloud.

AWS’s decade-long resistance

Since cloud computing became mainstream in IT, AWS has consistently promoted a clear message: Going all-in on AWS is the best choice. The company has emphasized technical simplicity and reduced operational risk. Deeper research reveals AWS white papers, blogs, and field advice all warning about the “risks” of multicloud, such as higher costs, added complexity, and potential security vulnerabilities. Every customer presentation I’ve seen from them highlights the dangers of inconsistency.

But here’s the truth: These warnings rarely reflected reality. The driving logic behind AWS’s stance was market control, not customer value. When you run everything on AWS, the flywheel effect kicks in for their bottom line rather than your innovation. The assertion that multicloud was risky, too expensive, or inherently unmanageable was a narrative driven by self-preservation.

For those of us working with real-world enterprises—those whose architectures refused to fit neatly into a single branded silo—this dogma rang hollow. For years, we watched businesses force square pegs into round holes, all because the wisdom of the world’s largest cloud was: “Stick with us. Don’t worry about the rest.”

The innovation of best-of-breed

A common myth is that multicloud adds overhead without benefits, but this is false. Cloud computing’s promise has always been the ability to provision, experiment, and scale across diverse resources. Modern enterprise architecture utilizes the best available tools: AWS for elastic compute, Google for artificial intelligence and machine learning, and Azure for data analytics. If a CTO ignores two-thirds of market innovation, the lost opportunity costs can be huge.

Best-of-breed philosophies thrive in multicloud environments. Businesses need the flexibility to combine services: storage from one provider, data lakes from another, networking from various sources. This optimizes performance, compliance, cost, and even proximity to partners and users. The practitioners who embrace this model despite vendor pressure build architectures that are more resilient, cost-effective, and better aligned with business goals. These aren’t theoretical musings. The world’s most successful digital-native enterprises are all intentionally multicloud.

Single-cloud tunnel vision

The opening story isn’t unique. Over the years, I’ve encountered countless organizations whose loyalty to AWS’s vision cost them dearly: extra millions spent on suboptimal services, years wasted on migration projects that never delivered the promised ROI, and competitive initiatives lost to those unburdened by single-vendor dogma.

Do-it-yourself multicloud strategies have been intimidating mainly because hyperscalers made cross-cloud networking and management overly complicated. The need for patchwork overlays, third-party SD-WANs, and complex security setups caused real frustration. The irony? Most of that frustration came from cloud providers’ hesitation to build native interoperability. Instead of uniting customers, they built walls high enough to turn climbing them into an enterprise challenge.

The end result? AWS likely left billions on the table. As customers grew more sophisticated, the world shifted inexorably toward the best tool for the job, regardless of the badge. AWS’s insistence on all-in strategies looked less like thought leadership and more like stubbornness.

AWS Interconnect-multicloud recognizes reality

What makes last week’s unveiling of AWS Interconnect-multicloud so significant is its recognition that AWS is now adopting an open, resilient, high-speed private connection model for other cloud service providers, starting with Google Cloud (some poetic justice there) as the launch partner and Microsoft Azure soon to follow.

What’s striking is how AWS Interconnect-multicloud doesn’t just close a connectivity gap; it acknowledges that customers were right all along. This new solution makes it easy to link AWS’s flagship services—VPCs, Transit Gateway, Cloud WAN—to other clouds, reducing what once took weeks or months to a single click in the AWS Management Console. By leveraging dedicated bandwidth, built-in resiliency, and the simplicity of open APIs, AWS is making connections that are physically and philosophically smoother.

Enterprises will keep demanding flexibility, performance, and innovation in their cloud journeys. Multicloud isn’t a trend; it’s a necessary capability. The future can’t be controlled by a single brand but by how effectively cloud services meet business needs. AWS’s sudden change of course is evidence of the wisdom of removing artificial barriers that keep users from true innovation. The message could not be clearer: Use the right tool for the job, wherever it lives, however it needs to connect.

For the company I mentioned at the start—and for many like them—today’s landscape has finally changed for the better. No single provider owns the cloud. The best architectures are multicloud.

And, at long last, even AWS is on board.

JetBrains is discontinuing its Fleet IDE, stating that it could not justify maintaining two general-purpose IDEs. The JetBrains flagship IDE is IntelliJ, and Fleet did not succeed as a standalone product, the company said.

JetBrains revealed on December 8 that beginning December 22, Fleet will no longer be available for download. There will be no further updates and distribution of the IDE will end. Developers can continue using Fleet, but some features relying on server-side services, including AI Assistant, may stop working over time. Elaborating on the decision, JetBrains said rebuilding the full capabilities of IntelliJ-based IDEs inside Fleet did not produce sufficient value. Maintaining two overlapping product lines created confusion and diluted focus, said the company.

Intended to provide a lighter, architecture, a modern UI model, and flexibility, Fleet was a worthwhile experiment from both technical and design perspectives, JetBrains said. Many Fleet components now power JetBrains IDEs and several UX and UI concepts developed for Fleet were adopted throughout the JetBrains product line. But JetBrains found it could neither replace IntelliJ with Fleet nor define a differentiated niche for the Fleet IDE.

First previewed in November 2021, Fleet initially was positioned as a lightweight, multi-language IDE, then later as a an editor with smart coding assistance. JetBrains considered whether Fleet could become a second flagship IDE family alongside IntelliJ-based tools. But user feedback suggested a stronger case was needed for switching to Fleet if users already were working with IntelliJ IDEA, Rider, WebStorm, PyCharm, or other JetBrains IDEs. Initially, JetBrains explored Fleet as an AI-first editor. But after building new workflows and conducting large-scale user research, it seemed another AI editor would not stand out—particularly in a market filled with AI-first Visual Studio Code forks. The company determined the best path forward was to strengthen the AI workflows developed for Fleet in other JetBrains IDEs. This new environment will ship as a new product with a new name, but the product identity and target market may evolve, JetBrains said.

Enterprises don’t often admit it out loud, but a good share of their cloud bills can be traced back to something deceptively mundane: inefficient code.

A research report from software delivery platform provider Harness, which was co-authored with AWS, cited 52% of 700 engineering leaders and developers surveyed in the US and UK saying that the disconnect between finops and developers is leading to wasted spend on cloud infrastructure costs.

“The reality today is that developers often view cost optimization as someone else’s problem. This disconnect leads to over-provisioned resources, idle instances, and inefficient architectures that drain budgets,” the researchers wrote in the report.

Inefficient code is such a big part of that disconnect that it should be considered a CFO-level problem now, said HFS Research CEO Phil Fersht, because AI workloads are increasing power draw, carbon cost, and infrastructure spend.

“Compute waste is enormous. Studies from large cloud providers indicate that 20 to 40% of cloud compute is underutilized or consumed by inefficient code. Enterprises pay for that waste,” he said.

This silent tax on compute has caught the attention of AI coding assistant providers.

Code evolution rather than simple generation

Google, for one, is zeroing in on it by unleashing a new coding agent, AlphaEvolve, that shifts focus from code generation to code evolution.

The Gemini-powered coding agent is available in private preview, Google said in a blog post on Wednesday.

Users must first write a definition of the problem they want to solve, a test to evaluate proposed solutions, and a first draft of the code to solve the problem. AlphaEvolve then iteratively applies Gemini LLMs to generate “mutations” in the code and tests them to see if they are better than existing solutions, until it meets the test criteria.

The ability to evolve code by altering the underlying algorithm underneath it could be a game changer for enterprises, analysts say.

“Code evolution is powerful for enterprises that want to improve performance in areas such as routing, scheduling, forecasting, and optimization. These are the areas where algorithmic gains directly translate to commercial advantage, reduced compute cost, and better time to market,” Fersht said.

Bradley Shimmin, practice leader for data, AI, and infrastructure at The Futurum Group, said Google may be aiming to help enterprises to evolve entire codebases, rather than just help with syntax completion, code generation, and documentation.

Changing a long-standing practice

Fersht sees AlphaEvolve boosting enterprises’ efforts to change a long-standing practice that developers follow: write code first and optimize later.

“For a decade, developer culture prioritised speed and frameworks over optimisation. That worked when compute was cheap. AI flipped the equation. Models are compute hungry,” Fersht said.

“Enterprises now realise that inefficient code slows models, increases cost, and impacts real world performance,” Fersht said, adding that developers are being pushed to optimize sooner rather than later in the development lifecycle.

That pressure is not just because of LLMs’ huge processing power needs: Data centre capacity is now a strategic constraint as AI inference loads are scaling faster than infrastructure, Fersht said, adding that any tool that improves code efficiency also reduces the number of GPUs and the electrical power needed to run applications.

“That is why algorithm discovery is so important: It reduces the need for brute-force compute,” he said.

Other ways to optimize compute for coding

Algorithm discovery for code evolution isn’t the only way that vendors are looking to help enterprises optimize their expenditure on compute resources related to coding.

French LLM vendor Mistral, for one, has introduced a compact new open LLM specifically for coding, Devstral 2, which it claims is as effective as larger models. Smaller models are cheaper to run than larger models, because they require less powerful hardware and perform fewer calculations to generate an answer.

Anthropic, too, is also working to support developers, bringing Claude Code to Slack, where it can help them generate better code and reduce time spent on collaboration. Typically, Slack is where development teams hold conversations about architecture, and Claude Code’s integration there will help the coding agent get better context to generate code that’s more relevant to the team.

Much of modern application development depends on APIs. In the past we may have built massive monolithic applications, but modern cloud-native development depends on collections of microservices, linked by APIs that offer everything from remote procedure calls to database operations.

This approach makes applications easier to run, allowing them to scale with user demand. It also makes them more reliable, handling failover in the event of data center outages. But it makes it harder for developers, as agile software development methods break apart those services across teams while also demanding test-driven approaches to code. An application component may be ready to test, but the services it uses might not be finished. The application might also need a third-party API that has associated costs that may not be acceptable during development.

Simulation and proxies

How does a front-end development move forward without working business logic so that developers are still productive, and product and project managers can ensure that parallel developments continue? One possibility is to build on top of mocks, with dummy APIs that simulate the operation of a specific server. Building new mocks can take as much time as building the service, so what’s needed is a quick, easy-to-use service that can provide the necessary tools between client and server and can be built into familiar development tools.

The answer is an API simulator, a generic tool that’s part of your development tools, intercepting network calls, delivering expected responses, testing out your code’s responses to various classes of error, and simulating the types of API management your code may need to work with. If there’s a specification for an API, a simulator can implement it for you so you don’t have to write mocks or spend development budget on subscriptions to third-party APIs before you need to.

A tool like this can work as a true proxy, sitting between a live API and a development environment. It can also inject errors into API responses and simulate throttling so you can add a little chaos into otherwise predictable operations.

Microsoft recently released an updated version of such a tool: Dev Proxy v2.0 (not to be confused with its similarly named Dev Tunnels). It’s a major release, as there are breaking changes. A big release means significant new features and support for the latest .NET release. If you’ve used earlier releases to test out services like the Microsoft Graph APIs, there were issues as the proxy application didn’t deliver results that were consistent with the live service. Where the Graph APIs used RFC 1123 and ISO 8601 date formats, Dev Proxy used your local PC’s own date formats, so if you were in the UK you’d get different results from someone in the US—and neither would be aligned with the actual service outputs.

Getting started with Dev Proxy

You can install the new Dev Proxy release using Windows’ package manager WinGet. This is easier than the manual option (downloading from GitHub and editing the required environment variables by hand) as the install script sets these up for you. As you’re using the Windows command line to run WinGet, restart it once installed to reload your environment without rebooting your PC. Even with WinGet, the first time you run Dev Proxy you’ll need to trust and install its security certificate before letting it through the Windows firewall.

The default configuration works with the useful (and free) JSONPlaceholder service, trapping requests and applying a simulated throttling with a 50% error rate. Microsoft suggests manually sending a GET request to its API, using either PowerShell or a Windows implementation of curl. If you prefer, you can use API tools like Postman to send requests and view responses. Dev Proxy will show either a pass through or an error on the command line.

The key to getting the most out of Dev Proxy is its configuration. You can have several different files and load the one you want to use at startup; you can run different tests with one service or tests for different services. Building a library of tests and sharing them with colleagues is a good idea as it can speed up building tests and provide a set of templates that can adapt to new projects.

There are three parts to a Dev Proxy configuration. The first is common to all configurations and details the schema used for configuration. This needs to be the version for the Dev Proxy release you’re using and a link to the file on GitHub. Next is a list of the plug-ins being used. Finally, the application configuration data: the APIs being watched, the errors being injected, and the rate limit that’s applied to calls. Plug-ins may have their own configuration data that’s applied when the plug-in is loaded.

One key feature of Dev Proxy is that it’s selective. You can let some API calls pass through, apply errors and rate limits to others, and intercept still more, redirecting calls to Dev Proxy-hosted mocks. This flexibility allows you to pick and choose what is tested and how. Finding the APIs to intercept requires using the proxy as a transparent proxy, discovering and recording all requests from a specific process. (You need to specify this, as otherwise Dev Proxy will record all network requests from every application on your PC.)

Armed with a list of URLs, you can now add the tests you want to apply to your code, intercepting requests for specific addresses and delivering mock responses. You first need to load the MockResponsePlugin and give it a list of API calls and the associated responses.

Using plug-ins

Dev Proxy’s plug-in architecture allows you to add additional features to a proxy so you can use much more complex mocks than simple response lists, for example, implementing a basic API for reading and writing to a database or even using an AI API. Others allow you to simulate using authentication or help ensure that you’re using the minimum permissions needed to access confidential and personally identifiable information.

Plug-ins don’t necessarily implement mocks. They can temporarily add telemetry that isn’t normally available to an application. For example, if you’re using it with Azure OpenAI, you can install a plug-in that helps record interactions with what can be an expensive service to use, providing telemetry and recording usage in CSV files for further analysis outside of your development toolkit. The OpenAI telemetry plug-in now also tracks cached tokens, ensuring you can track exactly how its APIs are being used. This helps predict how much token usage will cost in production.

Dev Proxy is a surprisingly powerful tool with a lot of useful features. It seems simple at first, but the combination of its plug-ins and its ability to inject errors and rate limiting into API calls allows you to simulate a wide selection of different API operating modes. Plus, Microsoft publishes instructions for building your own plug-ins. If you need something that isn’t available in the downloaded set, you can write your own.

Using the Dev Proxy Toolkit

If you’re using Visual Studio Code to build your microservices with whatever language or framework you want, you will want to install the Dev Proxy Toolkit. This provides tools for configuring and managing Dev Proxy, as well as installing it if it’s not currently available on your development PC. You can use the toolkit to edit configuration files and use the Visual Studio Code command palette to start, stop, and control the proxy. You can even watch for URLs that you might want to build proxies and mocks for. Other options include a library of JSON snippets to help add specific function to the proxy via its configuration.

If you want to work with GitHub Copilot Agent, there’s even a Model Context Protocol (MCP) server that can be installed alongside the toolkit and the proxy. This provides help while building configurations and can generate new configurations from natural language prompts.

Tools like Dev Proxy are an important part of the modern development tool chain. Distributed application development requires some thought and is hard to build out at a service level. Dev Proxy can be configured to behave differently as you move through the software development life cycle or as other application components are deployed in tests or in production. Add a set of development tools for Visual Studio Code and an MCP server, and you get tools that simplify development and make Dev Proxy an easy choice.

At Open Source Summit Europe in August, the Linux Foundation announced that DocumentDB—a MongoDB-compatible document database built on PostgreSQL—had joined the foundation as a new open source project. This new project, first announced by Microsoft in early 2025, is designed to support developers in deploying databases with their applications quickly and make querying data easier. But this move does make planning around the selection of the document database even harder. There are now more options open to you, so how do you pick the right approach that will suit you now and in the future?

Why choose a document database?

To start with, we’ll look at why you might choose to use a document database over a more traditional relational database. Document databases store data in a format that can be easier to operate using JavaScript Object Notation (JSON). For developers who are not familiar with the intricacies of relational databases or who don’t yet know what data schema they will need over time, using a document database can be faster and more effective in their workflow.

With rapid prototyping and agile development, interest in document databases grew massively. The poster child for this was MongoDB, which currently boasts more than 59,000 customers. Over the past decade, MongoDB has become one of the most popular options for developers who just wanted to get building. Other companies have launched their own document database projects, while MongoDB API-compatible services are also on the market too. The launch of DocumentDB as a Linux Foundation project will open up other new options too.

What infrastructure approach to take now?

There are two decisions to take around databases today—what you choose to run, and how you choose to run it. The latter choice covers a range of different deployment options, from implementing your own instance of a technology on your own hardware and storage, through to picking a database as a service where all the infrastructure is abstracted away and you only see an API. In between, you can look at hosting your own instances in the cloud, where you manage the software while the cloud service provider runs the infrastructure, or adopt a managed service where you still decide on the design but everything else is done for you.

In these circumstances, look at your team and how much time and resources you have available to manage infrastructure, and estimate how much you value your control over that infrastructure as well. On one side, you have the speed of delivery that managed services can provide. On the other, with more control, you can optimize your database to your application’s needs, achieving better performance.

One of the hidden challenges of using cloud services is how much you can be locked into that provider’s way of doing things. You are also beholden to their costs and pricing. If you are not able to migrate your systems away, then you may have to absorb higher costs when your provider raises prices. This can then affect your development strategies, where you have to change your plans based on matters outside your control.

This is partly why more options for running document databases—and MongoDB-compatible database services in particular—have hit the market. MongoDB’s approach to encouraging companies to move to its Atlas cloud service is popular with some, but other companies either can’t or won’t commit to the cloud. Their choice is to carry on with more expensive licenses or find an alternative approach.

What are your options for running document database instances?

While DocumentDB becoming a Linux Foundation project may encourage more migration, it is not the only option available. For organizations that already use MongoDB, shifting to another option can help them retain control over their technology strategy in the future.

The first option is to look at alternative approaches to running MongoDB itself. Alongside MongoDB-compatible APIs, you can choose to run different versions of MongoDB or alternatives to meet your document database needs. For example, you may not want to move to the cloud to run MongoDB Atlas, and it may be cost-prohibitive to stay with MongoDB Enterprise. One approach here is to use MongoDB Community Edition, as this reduces the cost of the license involved. However, this may not cover all the functionality that you need for enterprise-class workloads.

If this is the case, consider an alternative distribution that uses MongoDB but also adds enterprise-class features like backup and security functionality. One example of this is Percona Server for MongoDB, which adds that necessary support and makes functionality available while still being compatible with the SSPL. Using a different distribution offers the most compatibility with existing MongoDB applications while being a sound option for those who want to get started with MongoDB without being specifically tied to MongoDB Atlas or MongoDB Enterprise.

The second migration option is to use a service that is compatible with MongoDB’s API. For some workloads, being compatible with the API will be enough to move to another service with minimal to no impact. This is how DocumentDB works in practice. Whereas DocumentDB’s API is the same as MongoDB, its back-end infrastructure is based on PostgreSQL. Alongside the Linux Foundation DocumentDB project, there are other cloud services that provide compatibility. For example, AWS has a DocumentDB service with MongoDB support, while Microsoft has CosmosDB for MongoDB. Another option is FerretDB, which is an open-source project that replicates the MongoDB drivers and allows them to work on top of PostgreSQL.

The third option is to use an alternative document database. In the world of open source, Apache CouchDB is another document database that works with JSON and can be used for projects. It is particularly useful where applications might run on mobile devices as well as cloud instances; mobile support is a feature that MongoDB has deprecated. However, migrating to CouchDB can involve some changes to the application design. Naturally, the cost of any potential refactoring or re-design should be included in the list of considerations.

To make your choice here, consider how important compatibility with MongoDB is for your applications. If you need to implement the full MongoDB stack, then your best option is to use MongoDB or a drop-in distribution. If you just need compatibility with the APIs or drivers, then you have more options available. If you want or need to run in private cloud environments, the choice is more limited. Approaches like using databases in container environments managed with Kubernetes operators can deliver the equivalent functionality that cloud services offer, while not locking you into specific cloud service providers. This can also fit into a platform engineering model where you can automate the allocation of resources, deployment, and management for those instances over time, too.

The long-term future for MongoDB and document databases

MongoDB is still the most popular NoSQL document database for developers, sitting at #6 in the overall database ranking in the StackOverflow Survey 2025. That popularity won’t drop anytime soon. But there are more options available to run those workloads than ever before. Rather than relying on one company’s investment in the project, there is a whole community now available and invested in developing their own approaches to document databases.

The evolution of the wider technology landscape will also affect the future for document databases. The demand for AI services has increased the value that company data can provide, and turning data into vector embeddings for generative AI projects has in turn led to more document database deployments to support that data. For developers, using document databases to store their company data as vectors makes it easier to manage this data in parallel.

This rise in options should help to cement MongoDB as a technology approach for the long-term future, just as SQL has been adopted and used as a standard for relational databases for more than 50 years. But there are now more approaches to use this approach than ever before, from compatible distributions through to projects that use the APIs or support the drivers while adopting other infrastructure approaches.

All of this innovation demonstrates the continued love for the document database approach, but developers want more options and choice around how they build. The open source community has stepped in to meet those needs, from adopting new distributions to delivering more choice around how to use this approach.

—

New Tech Forum provides a venue for technology leaders—including vendors and other outside contributors—to explore and discuss emerging enterprise technology in unprecedented depth and breadth. The selection is subjective, based on our pick of the technologies we believe to be important and of greatest interest to InfoWorld readers. InfoWorld does not accept marketing collateral for publication and reserves the right to edit all contributed content. Send all inquiries to doug_dineley@foundryco.com.

It appears Meta has opted to go in a whole new direction in response to this week’s formation by The Linux Foundation of a group called the Agentic AI Foundation (AAIF), designed to help enterprises develop and manage AI agents through a “shared ecosystem of tools, standards and community-driven innovation.”

The group is made up of a who’s-who of the tech industry, ranging from AWS and OpenAI to Google, Microsoft, IBM, and Cisco. The one name missing from the list is Meta, and, according to a Bloomberg article published on Wednesday, there is a reason for that: the firm is working on a new proprietary model, code-named Avocado, that will generate revenue.

Brian Jackson, principal research director at Info-Tech Research Group, said, ”[Meta was] never interested in a truly open source model approach, just an open weights model approach. To really commit to open source, [it] would have to be willing to share its training data and give up control over model governance.”

Weights, he said, “are just the different knobs along the neural pathways that can be tweaked when training a model. Clearly, [Meta] views its training data as a competitive differentiator or sees some other risk in making it public. It also wants to maintain control over the governance of its models in terms of how they can be integrated with other vendors’ platforms.”

Jackson pointed out that, now that it sees that The Linux Foundation is going to better define a standard for truly open source models, Meta realizes it isn’t going to be able to define the space and distribute its model in the way it intended.

Open weights models vs. open source software

Asked whether developing cutting-edge open source models is becoming too expensive for anyone to contemplate doing without some sort of revenue stream, he noted that at AWS re:Invent last week, AWS CEO Matt Garman had some interesting comments about these open weights models in an analyst Q&A session.

Jackson said, “he pointed out that open source software works because the community contributes back to the projects. But with open weights models, only the provider contributes to the release. These business models are too expensive and not a long-term play,” he said, “and providers may eventually have to charge for them.”

Meta, he said, is proving Garman right. “They didn’t really have a clear business model to collect revenue on Meta’s open weights models,” he said. “Perhaps part of their strategy was to commoditize LLMs and undermine the business models of their competitors.”

But the scale of these models, said Jackson, “continues to grow, and competition is pushing AI makers to invest more into training techniques, talent, and infrastructure to support it all. So, Zuckerberg has to pivot and find a way to monetize Meta’s work here. The best way in the industry to do that is to put a gated API on your model and charge a price per token.”

Sanchit Vir Gogia, the chief analyst at Greyhound Research, said Meta’s pivot from open source AI to a closed, monetized model architecture “marks a deliberate departure from the cooperative direction that most of the AI industry is now moving toward. This is not a tactical adjustment. It is a structural shift that signals a different philosophical stance on the future of AI infrastructure.”

Meta positioning itself as ‘self-contained island’

He added that while organizations such as OpenAI, Google, Anthropic, Microsoft, and others are aligning under the Agentic AI Foundation to create open, neutral standards for agent interoperability, Meta is choosing vertical integration and platform control.

This, said Gogia, looks like a shift in how Meta wants to position its AI bets commercially. “The open source chapter, impactful as it was, always had an expiry date once performance demands, infrastructure overheads, and monetization pressure started to close in,” he noted.

Staying competitive at the frontier, he added, “now means keeping optimization in-house, running tighter R&D loops, and owning the entire stack. The move toward a closed model, with Avocado at the centre, tells us Meta no longer sees its AI as fuel for the ecosystem. It sees it as product — something to sell, protect, and scale.”

This shift is not surprising, said Gogia, “but it is consequential. It reshapes how Meta will be perceived by developers, enterprise buyers, and industry partners. Openness earned Meta trust and relevance when it was trying to gain ground. Closing the stack now allows for performance control, monetization levers, and vendor differentiation.”

In addition, he pointed out, “it also isolates Meta from the standards-led coalition building that is defining the next phase of agentic AI. That isolation may serve short-term commercial objectives, but it risks long-term architectural compatibility in a world that is trending toward interoperable intelligence.”

By staying outside of the AAIF framework, the likely result for Meta is architectural fragmentation, he noted. “Enterprises may find that agents developed within Meta’s platforms are functionally incompatible with broader industry patterns. This may benefit Meta’s platform stickiness, but it undermines the broader ecosystem’s push for composability, portability and open orchestration.”

In a world where CIOs are demanding interoperable intelligence, Gogia said, “Meta is positioning itself as a self-contained island. That may serve its own apps and ad systems, but it puts it out of sync with where collaborative infrastructure is heading.”

This article originally appeared on CIO.com.

GitHub has this week implemented the final part of a security upgrade it hopes will make the vast and hugely popular npm Node.js registry more resistant to the growing menace of supply chain compromise.

As it warned it would do two months ago, on December 9, the npm (Node Package Manager) registry finally revoked all ‘classic’ or ‘long-lived’ tokens, which until now could be used to authenticate developer packages without setting an expiration date. Developers must now shift to using either granular access tokens (GATs) with a shorter life and more limited scope, or upgrade to a completely new automated CI/CD publishing pipeline based on OpenID Connect (OIDC) and OAuth 2.0.

The move is a direct response to a recent rise in supply chain attacks, particularly September’s Shai-Hulud worm which successfully backdoored hundreds of packages after compromising developer accounts and tokens.

“Such breaches erode trust in the open source ecosystem and pose a direct threat to the integrity and security of the entire software supply chain,” said GitHub director of security research, Xavier René-Corail, at the time. “They also highlight why raising the bar on authentication and secure publishing practices is essential to strengthening the npm ecosystem against future attacks.”

Developer workload

For developers, the alteration raises two issues: what are the practical effects of the change, and will it boost security as much as claimed?

On the first point, the upgrade is significant: any CI/CD developer hitting npm publish or npm install for a package authenticated using a classic token will from this week on receive a ‘401 Unauthorized’ error. Generating new classic tokens without an expiration date will no longer be possible. Granular tokens with future expiration dates will continue to work until February 3, 2026. After that date, granular tokens will have a maximum lifespan of 90 days, at which point they will have to be rotated.

The amount of extra work all this creates for developers will depend on how many packages are involved and their organization’s size. For larger organizations, assuming they haven’t already done the legwork, this could involve auditing hundreds of packages across multiple teams. Classic tokens in these packages will have to be revoked, and a process will have to be put in place to rotate granular tokens.

Not everyone is convinced that the reform goes far enough, however. Last month, the OpenJS Foundation criticized the maturity of the tokenless OIDC security model that GitHub wants developers to move towards in the long term. Given that attackers often compromise packages after breaking into developer accounts, more emphasis should be put on multi-factor authentication (MFA) security for those accounts, the OpenJS Foundation said.

Currently, npm doesn’t mandate MFA on smaller developer accounts, and OIDC itself imposes no additional MFA stage when publishing packages. In fact, in the case of automated workflows, there is no way to add MFA to the process. And there’s also the issue that some forms of MFA are prone to man-in-the-middle attacks. This means that any authentication method used needs to be able to resist such techniques.

“We’ve seen a clear pattern emerge where threat actors target maintainers of widely used but under-resourced projects,” commented Mitun Zavery, regional vice president for supply chain security company Sonatype.

“The recent compromise of npm packages like Chalk and Debug mirrors what we observed with the XZ Utilities backdoor incident. In both cases, the adversary patiently built trust to gain control, showing that social engineering is now a key stage in supply chain compromise.”

He pointed out that the industry needs to recognize that open-source package management registries such as npm are critical infrastructure and should be resourced accordingly. Additionally, Zavery said, “organizations need to assume compromise is possible and respond by maintaining accurate software bills of materials, monitoring for suspicious dependency changes, and sandboxing builds.”

Python and C share more than it might seem. The reference version of the Python interpreter is written in C, and many of the third-party libraries written for Python wrap C code. It’s also possible to generate C code from Python.

Generating C code with Python has typically involved libraries like Cython, which use type-annotated Python code to generate C extension modules for Python.

A new project, PythoC, takes a different approach. It uses type-hinted Python to programmatically generate C code—but chiefly for standalone use, and with many more compile-time code generation features than Cython has.

PythoC’s makers use the phrase “C level runtime, Python powered compile time” to describe their approach. The project is still in its early phases, but there are enough working features to make it worth a look.

A basic PythoC program

Here’s a simple program adapted from PythoC’s examples:

from pythoc import compile, i32

@compile
def add(x: i32, y: i32) -> i32:
    return x + y

if __name__ == "__main__":
    print(add(10, 20))

To indicate which functions in a module to compile to C, you use PythoC’s @compile decorator, supplying type hints for the result and each parameter. Note that you also need to import PythoC’s own i32 hint, instead of using Python’s native int. This means you’re using machine-native integers and not Python’s arbitrary-size ints.

When you run this program, you’ll get 30 as the output, after a delay. The C code is compiled on the fly each time you execute the program, hence the delay. PythoC doesn’t yet have a mechanism for re-using compiled code when it’s called from Python, the way Cython does.

At first this seems like a pretty big limitation. But it’s actually the point: You can use PythoC as a code generation system for C programs that run independently, rather than C modules imported into Python.

Generating standalone C programs

Here’s a new verson of the same program, with different behaviors.

from pythoc import compile, i32, ptr, i8
from pythoc.libc.stdio import printf

@compile
def add(x: i32, y: i32) -> i32:
    return x + y

@compile
def main(argc: i32, argv: ptr[ptr[i8]]) -> i32:
    printf("%u\n", add(10, 20))

if __name__ == "__main__":
    from pythoc import compile_to_executable
    compile_to_executable()

The first thing you’ll probably notice is the block at the bottom. The compile_to_executable() function is exactly what it sounds like. Call it, and the current module is compiled to an executable of the same name, with all the @compile-decorated functions included.

Another difference is that the main() function now has the same signature as the main() function in a C program. This means the compiled executable will automatically use that as its entry point.

Finally, when you run this program, the generated executable (which shows up in a build subdirectory) doesn’t run automatically; you have to run it yourself. The aim here is to build a standalone C program, indistinguishable from one you wrote by hand in C, but using Python’s syntax.

PythoC’s emulation of C features

With only a few exceptions, PythoC can generate code that fully utilizes C’s feature set and runtime.

You’ve already seen how to use type annotations to indicate primitive data types. You can likewise use the ptr[T] annotation to describe a pointer (also shown above), and use array[T, N] for N-dimensional arrays of type T. You can make structs, unions, and enums by decorating Python classes, and all the usual operators and control-flow operations (except for goto) will work. For switch/case, just use match/case, although fall-through cases aren’t available.

Something else that’s missing is variable-length arrays. In C, this feature is only supported in C11 and beyond, and support for it in compilers is optional, so it’s not surprising PythoC doesn’t support it yet.

Compile-time code generation

It’s possible to use Cython for compile-time code generation, which means you can produce different kinds of C code, or even fall back to Python code, depending on what happens at compile time. But PythoC’s compile-time code generation has abilities Cython lacks.

Here’s an example from PythoC’s documentation:

from pythoc import compile, struct, i32, f64

def make_point(T):
    @struct(suffix=T)
    class Point:
        x: T
        y: T

    @compile(suffix=T)
    def add_points(p1: Point, p2: Point) -> Point:
        result: Point = Point()
        result.x = p1.x + p2.x
        result.y = p1.y + p2.y
        return result

    return Point, add_points

Point_i32, add_i32 = make_point(i32)
Point_f64, add_f64 = make_point(f64)

The make_point(T) function takes in some type annotation (i32, f64), and generates at compile time type-specialized versions of the Point class and add_points functions. The suffix parameter for @compile means “alter the name of the generated object so that the type is used in the name”—so, for example, Point becomes Point_i32 and Point_i64, which in C is one way to distinguish between multiple versions of the same function with a different type signature. It’s also possible to use this in conjunction with runtime dispatch to provide polymorphism.

Memory safety features

The bugs that can spring from C’s manual memory management are gloomily familiar to anyone who uses the language. Cython has memory safety features to address this, but PythoC offers unique type-based features in this vein.

One is a feature called linear types. The linear import lets you generate a “proof,” usually to accompany a memory allocation, that has to be “consumed” when the same memory is deallocated. If you don’t have a matching consume(prf) for each prf=linear(), the PythoC compiler will generate a compile-time error. The documentation for this, linked above, shows how to create simple lmalloc()/lfree() functions to allocate and free memory safely. Nothing says you must us linear types over manually using malloc()/free(), but they can automate much manual checking and centralize it at compile time rather than runtime.

Another type-based safety feature is refinement types. The idea here is that you can define a function to perform a certain kind of check—e.g., for a null pointer—with a boolean result. You can then use the refine() function to pass a value to that function and get back a type specific to that function, refined[func]. This allows the compiler to ensure that type has to be handled in some manner before being returned, and allows common checks (again for things like a non-null pointer) to be handled in a single place in your code. Cython’s type system is mostly for emulating C’s behaviors directly, and so doesn’t include anything like this.

Possible future directions for PythoC

PythoC is still quite new, so its future development is relatively open ended. One possibility is that it could integrate more closely with Python at runtime. For instance, a @cached decorator could compile modules once, ahead of time, and then re-use the compiled modules when they’re called from within Python, instead of being recompiled at each run. Of course, this would also require integration with Python’s existing module build system. While that level of integration might not be part of the project’s aim, it would make PythoC more immediately useful to those integrating C and Python.

If programming were nothing more than taking an idea and turning it into running code, AI-assisted development might fully deliver on its promise. But AI’s ability to transform natural language prompts into runnable software ultimately highlights the importance of non-mechanical aspects of programming.

Rather than reducing or eliminating the human element in software development, AI reveals the human traits that are key to successful projects. One of these is the ability to sense when a piece of software is becoming unmanageable, and to mitigate the damage.

Such discernment differentiates novice and veteran developers. Increasingly, it also differentiates software written by humans from AI-generated code.

What vibe coding is not

By now, most developers know what vibe coding is. Many of us are using it in some part of our everyday workflow. AI-assistance being a part of the software development life cycle went from revolutionary to passé in about a week. It is extraordinary how quickly software developers can absorb shocks to the industry and just keep going.

But some wags keep missing this key factor: Developers are the ones adopting and applying the technology. We can’t be replaced because at the end of the day, we are the ones holding the reins that guide the tools.

The future is AI-empowered development, not AI-replaced developers. The age-old skills that make a good developer valuable become even more important when writing and pushing functioning code gets cheaper. Leave out the developer, and you just get mountains of technical debt.

You think requirements are easy?

The big idea in AI-driven development is that now we can just build applications by describing them in plain English. The funny thing is, describing what an application does is one of the hardest parts of software development; it’s called requirements gathering.

Anyone who has spent time defining requirements knows it’s a real swampland. It’s full of “I’ll know it when I see it,” which really means, “I’ll know that’s not it when I see it.” Bridging between the technical programming and end-user fit is notoriously hard to do. Good developers are the ones who can walk between those two worlds.

But now we are riding a vibe. A vibe, in this case, is an unwritten requirement. It is always changing—and with AI, we can keep manifesting these whims at a good clip. But while we are projecting our intentions into code that we don’t see, we are producing hidden effects that add up to masses of technical debt. Eventually, it will all come back to bite us.

What developers actually do

AI researcher Gary Marcus recently posted an article on Substack, Is vibe coding dying?, where he referenced a comment from a disillusioned AI coder:

I just want to say that I am giving up on creating anything anymore. I was trying to create my little project, but every time there are more and more errors and I am sick of it. I am working on it for about 3 months, I do not have any experience with coding and was doing everything through AI (Cursor, ChatGPT etc.). But everytime I want to change a liiiiitle thing, I kill 4 days debugging other things that go south.

So I do not have any more energy in me to work on this. It is hopeless. AI is still just soooooo stupid and it will fix one thing but destroy 10 other things in your code. I am really sad, because I was enjoying it in the beginnings but now it is just pain and rage. Hat down for those people, who can create something and it is working without coding knowledge.

The reason this quote is so perfect will be clear to most software developers. This is a non-coder who believes their project failed due to their inexperience and use of AI. But developers know the “I changed X, and way over there in Y and X something broke” is a classic pitfall of software development.

Software is a bizarrely interrelated complex of things, like a quantumly entangled system. Managing this madness is a big part of what successful software developers get paid to do.

Vibe coding and technical debt

Don’t get me wrong: I appreciate the unbridled creativity that can be found in just riding a vibe on an AI platform. If you haven’t already tried it, I suggest sitting down with Roo Code and seeing how it feels to blast out working software with just a few keystrokes.

At first, vibe coding is intoxicating. You can rapidly produce all the basic application infrastructure without even thinking about it. It’s like driving a 4×4 that sails over speed bumps. Pretty soon, though, you will find yourself off-roading in the ravines of wack-a-mole fix-and-break, like the above user did. Suddenly, that landscape of magically functional code becomes a yawning chasm of technical debt that you have to figure out. And if you don’t have the coding background to understand what you’re up against, you will drown in it.

Sure, you can try using AI to fix the things that are breaking, but have you tried it? Have you ever been stuck with an AI assistant confidently running you and your code around in circles? Even with something like Gemini CLI and DevTools integration (where the AI has access to the server and client-side outputs) it can so easily descend into a maddening cycle. In the end, you are mocked by your own unwillingness to roll up your sleeves and do some work.

It’s certainly one of the strangest experiences I’ve had with a computer: relying on my own hard-won instincts to ferret out root problems the AI itself obscures.

Be careful how you use it

Some might be tempted to accuse me of being anti-AI, which is not true. I love AI for coding. I’d even say (and have said) it brings back some of the joy and sense of possibility of the early days of the Internet. By dealing with a lot of the formality of coding, AI brings more ambitious ideas and efforts into scope. It lets developers spend more time in the zone of creativity.

If I had to choose one thing that is the most compelling about AI-coding, it would be the ability to quickly scale from nothing. The moment when I get a whole, functioning something based on not much more than an idea I described? That’s a real thrill.

Weirdly, AI also makes me feel less alone at times; like there is another voice in the room.

If in the end that is what we mean by “vibe coding,” I’m all for it. I like to be in the flow just as much as anyone else. The key is to be in the flow without unwittingly amassing junkyards of bad code. At the end of the day, AI will magnify whatever we put into it. It’s like trading a handsaw for a chainsaw: Better be careful how you use it.

The balancing act hasn’t changed

Programming has always been part engineering and part craft. A good software developer brings together these two parts in one mind. Modern AI helps with both the creative and mechanical aspects of software development, but a human is still needed to unite them with understanding.

The balancing act of software development hasn’t changed; it is just operating at a higher order with AI.