
RBAC vs ABAC: API Security Implications

Securing APIs requires managing who can access resources and under what conditions. Two primary models stand out: Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC). Here's the key takeaway: RBAC assigns permissions based on predefined roles, making it simple to manage in structured environments. ABAC evaluates multiple real-time attributes for dynamic, granular control, ideal for complex or evolving scenarios.

How to Build a Multi-LLM AI Agent with Kong AI Gateway and LangGraph

In the last two parts of this series, we discussed How to Strengthen a ReAct AI Agent with Kong AI Gateway and How to Build a Single-LLM AI Agent with Kong AI Gateway and LangGraph. In this third and final part, we're going to evolve the AI Agent with multiple LLMs and Semantic Routing policies across them. In this blog post, we'll also explore new capabilities introduced in Kong AI Gateway 3.11 that support other GenAI infrastructures.

What is an AI Gateway?

Ever wondered what an AI Gateway is? Think of it as an airport for your AI traffic! We break down how an AI Gateway can: Act as a central access point for different AI models. Provide security for your LLM prompts. Route traffic to the best model for the job. Save on AI costs with features like response caching. Learn the basics of this essential tool that helps manage AI and LLM costs, security, and efficiency.

Kong AI Gateway: Prompt Compression

High token consumption from long prompts can degrade model performance and lead to expensive, inefficient LLM operations. This video demonstrates how to solve that problem using Kong's AI Gateway. AI Prompt Compressor Plugin: See how this plugin intelligently compresses incoming prompts before they hit the model. It summarizes context, removes redundant information, and trims excess tokens—all while preserving the original meaning. This could lead to significant cost savings and improved performance.

Bitrise maintains SOC 2 Type II compliance with latest successful assessment

At Bitrise, we continually invest in security best practices to ensure that our customers' data stays safe and secure. As a part of an ongoing effort, we are excited to announce that we've successfully completed our SOC 2 report. The examination was conducted by A-LIGN, a technology-enabled security and compliance firm trusted by more than 4,000 global organizations to help mitigate cybersecurity risks.

Unit Testing in NestJS for Node Using Suites (Formerly Automock)

For years, Automock was a popular framework for defining mocks and stubs in backend test environments. As technology has evolved, new methods and techniques for streamlining the simulation of dependencies in testing have emerged. That's why Automock has been succeeded by Suites, a more modern and robust library. In this article, we'll explore the transition from Automock to Suites, understand what Suites offers, and see it in action in NestJS through a complete example.

Build Custom ActiveStorage Analyzers for Ruby on Rails

In this series, we will take a close look at the architecture of ActiveStorage for Rails. In this first part, we will examine how ActiveStorage treats uploaded data and how to extend this process. The second part will explore how to augment the presentation of uploaded assets. But first, let's quickly define what ActiveStorage does.

Custom API Logic with Server-Side Scripting

Server-side scripting allows developers to create APIs that respond dynamically to user input, security needs, and business logic. Unlike static APIs, server-side scripts interact with databases and external systems to deliver personalized, secure, and efficient responses. Key highlights: Enhanced API Security: Scripts run on servers, reducing risks like code injection and securing sensitive data. Dynamic Customization: Adjust responses based on user roles, input, or workflows. Improved Efficiency.

CVE Funding Disruption: How Security Teams Can Prepare

The longstanding Common Vulnerability and Exposure (CVE) database has vitally guided security teams for over 20 years, connecting cybersecurity experts, developers, vendors, and researchers in their shared ability to track unknown vulnerabilities in software. But in April of 2025, the MITRE CVE database program was in jeopardy. U.S. government funding for CVE, managed by MITRE and sponsored by CISA, was set to expire. Only in the 11th hour was funding secured, and the contract extended — for now.

How Database Cloning Eliminates Database Provisioning Bottlenecks for Faster Releases

Dev teams often face delays of days or even weeks waiting for database refreshes. The result? Blocked sprint deadlines and delayed releases. Traditional database provisioning methods often create bottlenecks in DevOps pipelines where speed matters most. But there is a solution to this problem: database cloning. It provides fast, space-efficient copies that speed up development velocity.