Tag: SoftwareEngineering

  • Impressions from the TNG BigTechDay 2026

    End of May, I attended the TNG Big Tech Day (https://www.bigtechday.com/). TNG describes it as “a one-day conference on science and technology, with a focus on IT. The speakers often come from the field of information technology, but some also come from other scientific disciplines such as physics, mathematics, or mechanical engineering”.

    It’s a fairly large conference with about 2000 attendees. As usual there were multiple tracks, so it’s always hard to decide. But maybe the will also publish some of the talks later on as recordings.

    I chose most of my talks from the AI track and wanted to share my thoughts. The summaries of the talks can be found online so I won’t repeat them here. 

    AI for Humans

    https://www.bigtechday.com/vortraege#33ST2mGCEKRL00NHjiXfjQ

    Gregor Schmalzried: 
    https://www.bigtechday.com/speaker#4bU5a1LFwLeKPPU4qFJQHB
    https://www.linkedin.com/in/gregorschmalzried/

    Der Ki Podcast: https://www.ardsounds.de/sendung/der-ki-podcast/urn:ard:show:65505255c703e51e/

    The talk was inspiring as expected, if you know Gregor’s Podcast. Gregor showed the differences and advancements from a couple of years ago, how he uses agents and why we find things odd.

    An interesting statistics he showed was that in almost all countries about 20-30% of the people like AI but also 20-30% dislike it (with stronger sentiments in the UK and the US if I remember correctly). – Well given what we see in the press coverage about AI, no one is surprised about the negative feelings.

    But still, Gregor sees a good future if we manage to leverage AI for mor good things. Honestly: I’m not so positive, but I’d be happy to be proven wrong.

    How to OWN the AI – Building a custom AI workmate for Bank Frick

    https://www.bigtechday.com/vortraege#1UieGaHyAPaMR39LGgkGXN

    The team showed how Bank Frick (https://www.bankfrick.li) developed their own chat & agent framework which is now used by more than 120 of their ~300 employees. I liked the approach as they showed how they executed several use cases but always kept track of the business impact and some key metrics to measure the benefit of the solution.

    I asked how long it took to develop the solution so far. If I remember correctly, it was developed by about 3 people for like 5 months. The development is now handed over to an internal team.

    Regarding my rough estimation for the cost of the initial build (excluding infrastructure cost) plus further development internally … I’m wondering, if in 2026, there aren’t already some off-the-shelf solutions that might have lower cost (for the price of some dependency). But I’m sure they do/did that evaluation.

    Lessons from the bleeding edge of AI/ML security

    https://www.bigtechday.com/vortraege#6mEhk9SpfhzKaRIDmlhAZi

    Keith Hoodlet
    https://securing.dev/
    https://www.linkedin.com/in/securingdev/
    @securingdev@infosec.exchange

    Keith Hoodlet from 1Password showed the current state of security requirements when using AI / LLMs. From prompt-injection and the threats when Agents act on behalf of the user and how much AI has reduced the time from “disclosure” to “attack”. Honestly, after the talk, you don’t necessarily feel more secure than before. – Like after any security talk one attends. I liked the proposals he showed to make agents secure. But I wonder how many companies invest so much to make such a secure environment.

    I also like how Keith mentioned that AI in general might be controversial, but we have to accept that it’s there and that attackers do use it. So we have to prepare for it.

    I’m not sure if it was Keith’s talk or another. But I think he also mentioned the issue of vibe coded apps in enterprises (“Vibe coded” here used as a separation to “agentic engineering”, the former is more the quick and dirty, the latter with engineering, security etc in mind): Let’s face it, these vibe coded apps exist and the trend might not vanish. Yet, those applications also MUST obey to some standard company SDLC to not expose risks. The challenge will be, how to enforce that …

    Who reviews the agent? From IDE assistants to OpenClaw

    https://www.bigtechday.com/vortraege#4OsB6zRo4FA3VY6YuqhyGg

    Marius Wichtner
    https://www.wichtner.com/ 
    https://kilo.ai

    Marius showed kilo.ai, an agentic coding platform. How the agents write and test code. What this means for us developers and how agents can/should be leveraged. In fact I found kilo.ai really interesting. I didn’t know it before, maybe I’ll give it a try for some tests. One thing that I find still amazing, is the approach to let several agents implement a feature (maybe if you don’t exactly know how a UI should look like), review and compare the solutions and then decide for one of the solutions. Of course, it comes with token costs, but that’s the price to have a choice.

    Another interesting point he made was, that people who currently lead others (group leads, lead developers) are those who perform best when working with multiple agents as they know how to (communicate &) delegate so that other people know what is expected. What a “surprise”, communication is key – still.

    Btw: Marius said, yes in the end, YOU will review the code.

    Get comfortable being uncomfortable: The Great Pacific Escapade

    https://www.bigtechday.com/vortraege#6KYPOBatZvQU398UUFUhr3

    TNG Big Tech Day wouldn’t be the BigTechDay if there were no inspiring sports-talks! I heard so much about AI that I needed something else for a bit. Attending the talk of Jessica and Miriam was definitely something else. The two women rowed(!) their boat 165 days over 8,213 nautical miles (15.212 km) from Peru, South America to Cairns, Australia – non-stop and unsupported.

    There were quite a couple of “omg” and “wow” moments during the talk. Just thinking about rowing 15h a day – every day, having to filter your water each and every day (and the water filter breaking), cleaning the hull every 4 days from molluscs, rowing in hailstorms, navigating, being alone for half a year and burning over 5,000 calories each day. And all this in such a small boat. And besides surviving and rowing, they also had to household with their electronics and solar-charging to navigate, but also satisfy sponsors by creating some content.

    The whole talk was a testament what we can achieve with an according mindset, the will to continue and to tackle challenges.

    2 Million Dollars worth of code for $20,000: Rewriting large software projects with AI agents

    https://www.bigtechday.com/vortraege#1ckBbBfvwisPk3PzQoQneD

    “Rewriting a behemoth” is a story that every developer has heard in his life. That’s why I wanted to attend that talk, too. Rewriting about 60,000 Lines of code usually would account for 7 digits budgets and quite a time. The two did it in 3 weeks and 20,000 $ token budget.

    BUT it was was quite impressive how much effort they still had to put into it! If you think it’s just firing up Claude Code and say “rewrite” .. you couldn’t be more wrong. Especially as they tried in early 2025 and had to freeze the project and restart in 2026 as the models weren’t good enough a year ago and had become so much better. And still it did sound like so much engineering effort that went into this setup! Pretty wow.

    But – in contrast to the talk to talk “Who reviews the Agent”, the two decided that no human reviews the code any more. They had to trade velocity over safety. That’s quite a statement that needs to settle in the mind. – But still, agentic engineering could indeed be a way out of the problem of big legacy systems where you simply cannot afford multi year rewrites.

    Summary

    As expected, the TechDay was loaded with impressive talks and insights. Also the conversations in the coffee breaks were pretty precious. The AI topic was quite overwhelming (well I only attended the AI track) in all the varieties.

    One thing that I really appreciated, was that AI wasn’t just presented as a silver bullet. From threat modelling that just shows the dark side – to the impressive agentic engineering talks that show how much software engineering is involved to succeed.

    But also the conversations in the coffee breaks were precious that connected back to Gregor Schmalzried’s talk (reproduced from my mind) “About 20–30% are against AI. Well, no wonder! We (ordinary people) hardly see any benefits from it. Instead, we can’t trust any videos anymore, computers are expensive, and nuclear power plants are being built for this. – And this so-called increase in efficiency – where is it? Whome exactly does it help? Not me. It’s just leading to layoffs“.

    But AI is definitely in our (developers’) lives. Whether we like it or not. Especially the “rewriting legacy” problem is a very interesting one that could add benefit. But what it all means for us? I don’t know. The pricing will be a corner stone for the further development. Interesting times are ahead of us, for sure.

    And if you couldn’t attend, watch out for the recordings on https://www.bigtechday.com/rueckblick and the YouTube channel https://www.youtube.com/@tngtech/playlists.

    Fediverse Reactions
  • GenAI coding needs more than just a Licence

    I just found this blog post from Rob Bowley in my RSS feed and one paragraph just so resonated with what I read and hear so much:

    For CEOs and founders hoping to benefit, the answer isn’t as simple as handing out Claude licences […]. It’s investing in the engineering culture and practices. Unglamorous, slow work, but there’s no way around it.

    Rob Bowley

    I’ve been trying and since a while now in my own projects and I can just say: to really leverage it, you must adjust the style of working. And this is a learning curve you must be willing to take.

    Fediverse Reactions
  • Why Settle for One AI Assistant When You Can Have Two?

    Two weeks ago, I discovered that Mistral.ai also provides a coding assitant, similar to GitHub Copilot (GHC), called Mistral Vibe (GitHub page).

    In those two weeks I’ve been using Mistral Vibe in parallel to GHC. Just because I wanted to try and see the difference! And just after a couple of days I noticed that the agents definition in Mistral Vibe are a bit different from GHC (in hindsight: of course!). This, of course, leads to a dual configuration in my project so that both assitants can work properly.

    And just today I noticed that I’m doing commits for dual-Agent-Support … Hardly thinkable just half a year ago:

    - Add documentation references:
      * AGENTS.md: Add reference for AI coding assistants
      * README.md: Add reference in Further Reading section
    
    - Enhance dual AI support:
      * Update AGENTS.md to reference both .github/skills/ (GitHub Copilot) and .vibe/skills/ (Mistral Vibe)
      * Clarify which skill directory each AI assistant should use

    So far I’m quite happy and impressed by the performance of the Coding assitants. However, it still makes sense to review the code every now and then. Even though the tools discover a lot of vulnerabilities themselfes which helpme to create a safer result, I had a couple of findinges myself the last days:

    For example: API Endpoints not being protected by login (well, I hadn’t instructed to do so), constructed URLs lacking Url-encoding, or Test being written but testing for an outcome that I didn’t want (e.g. I wanted a certain function to strip whitespaces, whereas the test assumed whitespaces should be retained).

    Anyways. My own commit about a multi-agent(vendor)-setup really showed me how much things have changed in the last months. And for sure, there’s more to come …

    Fediverse Reactions
  • AI Can Write Code, But It Can’t Debug Without Context

    Large Language Models (LLMs) are often marketed as the ultimate productivity boost for developers: “Write code faster! Debug with AI! No more manual work!” After a recent experience, I can confirm that LLMs are incredibly useful for writing and even structuring code (I’ll write about this probably in a later blog post).

    But when it comes to debugging, one should make really sure that the tool has access to all the relevant context (and don’t disable your brain). But .. let’s see, what happened:

    Since a couple of days (uhm .. nights mostly, after work), I was writing a web application. The copilot-experience was very good and it really helped tremendously. I never really ran into a situation where I had to debug. And I was curious when (if?) I’d run into that – and how things turn out then.

    (more…)
  • I Stopped Manually Committing – Here’s Why

    I don’t code much in my day job anymore, but I still love building things. So last weekend, I finaly took the time to test GitHub Copilot’s Agents feature — specifically, a Commit Agent. I’ve seen agents.md and knew the theory, but I wanted the live experience: Could this actually improve my workflow, or was it just another layer of automation hype?

    Even when working alone, I sometimes need to revert—and that’s when I really appreciate clean, atomic commits. But let’s be honest: I’m not always disciplined enough to enforce that myself. So I figured, why not seek the help of an agent?

    (more…)
    Fediverse Reactions
  • Stop Reinventing the Wheel – go to Community Events!

    I can only advise everyone in tech: Go to events, meetups, and webinars — talk to people, exchange ideas. We all face similar challenges. You don’t have to solve everything alone. And if an event turns out to be a dud? Well, so be it — at least you might have grabbed some free food.

    Recently, after a long time, I went back to a Meetup from Munich Datageeks e.V., and it reminded me: Just being able to discuss a few half-baked ideas or questions with someone can make a huge difference. Chances are, the other person has already tried some of them — and that alone can save you a ton of time!

    On that particular Meetup I got some practical ideas for work that we’re discussing and where we don’t have a clear solution yet. This other company has tried some things already and confirmed some of my (theoretical) concerns.

    Later on the same event I was just talking about AI assisted coding with some others folks. I simply don’t have the time to try out all tools! Speaking to some real developers – not just looking at Youtubes or listeneing to Podcasts – and hearing their in-life experience is just precious.

  • One of the most potentially dangerous failure modes of LLM-based coding assistants …

    I really like having Jason Gorman’s blog posts in my RSS reader. Especially when he’s highlighting some critical issues with AI assisted coding.

    This paragraph for example really made me smile:

    For example, a common strategy they use when they’re not able to fix a problem they created is to delete failing tests, or remove testing from the build completely,

    What Makes AI Agents Particularly Dangerous Is “Silent Failure”

    I just had to smile because I probably would have been quite surprised to see that happening.

    But okay. It’s another thing I put onto my mental list to care about when doing AI assisted coding.

    Check out his post: https://codemanship.wordpress.com/2026/02/27/what-makes-ai-agents-particularly-dangerous-is-silent-failure/

    Fediverse Reactions
  • Agent finops

    The start of this article made me laugh:

    The first time my team shipped an agent into a real SaaS workflow, the product demo looked perfect. The production bill did not.

    FinOps for agents: Loop limits, tool-call caps and the new unit economics of agentic SaaS

    I wasn’t laughing out of malicious joy, but as it’s something that quite a lot of people don’t think about when they start AI / Agentic coding: Whenver you give the program flow the opportunity / ability to make queries on it’s own judgement, think about the case that the thing (I don’t want to call it AI) could run into an infinite loop. And every query to the LLM generates real costs.

    And with “costs” I don’t just mean “a busy CPU” like in traditional infinite loops. More like “costs” in terms of Lambda Horror Stories: Suddenly, every loop querying your LLM provider hit’s your budget.

    And that might get even more interesting in case of vibe coding, where such an infinte loop is burried in thousands of lines of auto-generated code. Oh we have interesting times ahead!

    Check out the article: https://www.infoworld.com/article/4138748/finops-for-agents-loop-limits-tool-call-caps-and-the-new-unit-economics-of-agentic-saas.html

  • AI amplifies DevOps

    DevOps is the backbone of modern software delivery. The latest insights from Developer Tech on Perforce’s AI-driven tools highlight why — again.

    70 percent of the organisations report their DevOps maturity materially affects their success with AI. Rather than replacing established delivery practices, proper foundational workflows serve as the prerequisite for scaling these capabilities.

    Perforce Software: How AI is amplifying DevOps | developer-tech.com

    What’s remarkable out isn’t just the AI integration. It’s how it amplifies DevOps’ core strengths: bridging team gaps, automating repetitive tasks, and ensuring reliability at scale.

    Collaboration, Speed, and Resilience

    DevOps thrives on collaboration, speed, and resilience. AI doesn’t replace these principles — it supercharges them. Perforce’s tools streamline code reviews, predict deployment risks, and optimize workflows. They’re not just upgrades. They’re force multipliers for teams drowning in complexity.

    It’s not an “either or”

    The article also points out that DevOps without AI risks obsolescence. Manual processes become bottlenecks – but AI-driven insights — whether in testing, monitoring, or incident response —turn the huge amount of data into actionable insights.

    That’s not hype. It’s a competitive edge. The future isn’t about choosing between DevOps and AI. It’s about how well you integrate them.

    Check out the article: https://www.developer-tech.com/news/perforce-software-how-ai-is-amplifying-devops/

    Fediverse Reactions
  • Rules don’t always work on AI agents

    A recent Mastodon post from @solomonneas highlights an annoying issue: an AI agent pushed to the main branch 12x, despite clear instructions not to.

    […] My agent pushed to main 12 times despite explicit instructions.

    Fix: git pre-push hooks on 39 repos. Agent can’t push code to main because git rejects it. No willpower needed. […]

    Mechanical enforcement > written instructions.

    @solomonneas@infosec.exchange

    The post really speaks for itself:

    • Agent rules are not 100% reliable
    • KISS: Keep it Simple, Stupid. Don’t make it more complex than necessary. (= don’t start fiddling around with additional AI)