Topic · 3 posts

Platform engineering

Every Inline Code post tagged Platform engineering, ordered most recent first.

Securing CI/CD pipelines without slowing engineering down

Pipeline security is the gap between policy and reality. Most regulated firms have written rules about code review and signed releases that the actual pipeline does not enforce — and the audit evidence is whatever the runner happened to print to stdout.

25 March 2026 · 3 min

Platform engineering · Risk

Policy-as-code as the control plane your auditors will actually read

Half the controls in a typical APRA submission are statements about what should happen. The other half could be expressed as policy code that runs in the pipeline and produces the evidence automatically. The gap between the two is most of the audit conversation.

28 February 2026 · 3 min

Information security

Secrets sprawl is the boring breach pattern that keeps working

The interesting attack chains get the conference talks. The pattern that actually wrecks regulated firms is unrotated credentials in code, in CI variables, in vendor portals, and in places nobody owns. The cleanup is unglamorous, and the savings are large.

3 September 2025 · 3 min

Browse other topics

AI Phishing Email security Social engineering AI evals Risk Testing ISO 42001 Cloud security AWS Azure CSPM

Get started

Bring AI risk under board oversight in two weeks.

A thirty-minute discovery call costs nothing. We confirm fit, scope, and timing, then issue a fixed-fee statement of work within two business days.

Book a discovery call Free maturity assessment