Jonathan Lalou's Blog

Lecturer

Anders Norås is a software engineer and speaker known for exploring unconventional approaches to coding and language design. He frequently presents on topics that challenge traditional programming practices while revealing deeper insights into how languages shape thought processes.

Abstract

The Oulipo literary movement of the 1960s imposed artificial constraints on writing to spark creativity and produce novel works. Anders Norås applies similar principles to programming, reimagining familiar exercises under unusual restrictions. By removing common language features or enforcing mathematical structures, developers gain fresh perspectives on problem-solving. The presentation demonstrates how such constraints reveal hidden capabilities within languages, encourage exploration of alternative paradigms, and foster deeper appreciation for the tools we use daily. Far from mere novelty, this approach yields practical lessons about flexibility, idiom discovery, and creative thinking in software development.

The Oulipo Tradition and Its Relevance to Programming

The Ouvroir de littérature potentielle, or Workshop of Potential Literature, sought to expand creative possibilities through self-imposed rules. Authors produced works without using specific letters, following mathematical patterns, or adhering to other arbitrary constraints. These limitations, rather than stifling expression, forced innovative solutions and surprising results.

Programming shares fundamental similarities with writing. Both involve crafting structures from symbolic systems to convey meaning or achieve outcomes. Both benefit from deliberate practice and exploration of form. Just as Oulipo writers discovered new literary techniques, programmers can uncover language capabilities and problem-solving approaches by temporarily restricting their usual tools and patterns.

This method serves multiple purposes. It combats the complacency that develops from repeatedly solving problems the same way. It encourages examination of features developers might otherwise overlook. Most importantly, it transforms routine tasks into opportunities for discovery and renewed engagement with the craft.

Exploring Familiar Problems Under Novel Constraints

Classic programming exercises provide ideal subjects for constraint-based experimentation. The FizzBuzz problem, for instance, typically relies heavily on conditional statements. Removing the ability to use if statements or ternary operators forces alternative implementations that reveal language-specific idioms and capabilities.

One approach in C# leverages pattern matching within switch expressions to handle the logic. The resulting code, while unconventional, demonstrates how modern language features can replace traditional control structures. Translating the same constraint to Java yields an elegant, albeit unusual, solution using string repetition methods. These variations highlight how different languages encourage distinct thinking patterns even when solving identical problems.

Chessboard traversal problems offer another rich domain. The standard Warnsdorff’s rule provides an efficient algorithmic solution for visiting every square exactly once. However, constraint exercises might require solving the same task through exhaustive backtracking, ant colony optimization simulating natural behavior, genetic algorithms, or Monte Carlo tree search. Each method exposes different aspects of computational thinking and language expressiveness.

The value lies not in replacing established algorithms but in understanding the range of possible approaches. By deliberately limiting options, developers gain appreciation for why certain solutions feel natural in specific languages and discover techniques transferable to everyday work.

Benefits and Practical Applications

Constraint-based programming yields several advantages. It reveals language features that receive little attention in typical development. It encourages deeper engagement with syntax and semantics, moving beyond surface-level usage. It fosters creativity by breaking habitual patterns, often leading to more elegant or insightful solutions even after constraints are lifted.

Teams can apply these ideas in several ways. Code katas or brown-bag sessions focused on constrained implementations build collective knowledge and discussion. Exploring how the same problem manifests across languages strengthens architectural thinking and technology evaluation skills. Individual developers benefit from occasional deliberate practice that prevents skill stagnation.

The approach also serves as an effective teaching tool. Students or new team members gain rapid insight into language philosophy when asked to solve problems while avoiding common constructs. The resulting discussions illuminate design decisions embedded in language evolution.

Broader Implications for Software Development Culture

Modern development increasingly involves instructing AI systems rather than writing every line manually. In this environment, human strengths shift toward system thinking, trade-off analysis, and creative problem framing. Constraint exercises hone precisely these capabilities by forcing reconsideration of fundamental assumptions.

The Oulipo-inspired mindset aligns with broader movements in software craftsmanship that value deliberate practice and reflection. It echoes the Japanese concept of finding meaning in the space between elements—discovering insights that emerge when conventional approaches are temporarily set aside.

Programming communities benefit when members periodically step outside comfort zones. New libraries, paradigms, and techniques often arise from individuals willing to question established norms. By cultivating curiosity through playful constraint, developers contribute to collective advancement while maintaining personal engagement with the craft.

Embracing Constraints as Catalysts for Growth

The central insight from Oulipo applied to code is that limitations can liberate. By temporarily removing familiar tools or imposing unusual rules, programmers discover unexpected pathways and deepen their mastery of available ones. What begins as an exercise in absurdity often yields practical wisdom and renewed appreciation for the languages and techniques we employ daily.

This practice requires no special resources beyond willingness to experiment. A simple problem, a chosen constraint, and honest reflection suffice to begin. Over time, the habit of viewing constraints as invitations rather than obstacles transforms how developers approach challenges both large and small.

In a field where routine can dull creativity, the workshop of potential code offers a refreshing reminder that innovation often hides in the space between what we usually do and what becomes possible when we choose differently.

Links:

• Video: Ouvroir de Code Potentiel by Anders Norås
• Anders Norås on LinkedIn

Lecturer

Danny Leybovich is a Product Lead at Anthropic, dedicated to building the infrastructure and models that empower the next generation of AI developers. With a focus on high-reasoning models and developer experience, Danny has been instrumental in the launch of Claude Code and the evolution of Anthropic’s agentic framework. His work centers on the practical realities of moving AI from “cool demo” to “reliable autonomous system.”

Abstract

2025 marked a pivotal shift in the artificial intelligence landscape: the transition from interactive chatbots to autonomous AI agents. This article synthesizes the key discoveries made by Anthropic during this transformative year, particularly through the development of Claude Code and the deployment of the Opus 4.5 frontier model. It explores the “agentic architecture” required for long-horizon autonomous work, emphasizing the critical roles of context engineering and skill acquisition. The analysis examines the shift toward “agent-first” workflows, where the model is no longer a passive assistant but an active participant with multi-hour reasoning capabilities. By investigating patterns of reliability and the evolution of AI engineering practices, this article provides a roadmap for the next wave of agentic AI.

The Shift to Agent-First Workflows

In the early stages of generative AI, the predominant interaction pattern was the “chat” interface—a stateless exchange where a human provided a prompt and the model provided a response. 2025 saw the obsolescence of this limited model in favor of “agent-first” workflows. In an agentic architecture, the model is granted the autonomy to use tools, manage its own memory, and pursue goals over extended periods—sometimes lasting hours.

This shift changes the fundamental role of the developer. Instead of engineering a single prompt, the developer now engineers an environment in which an agent can succeed. This involves defining clear objectives, providing access to necessary APIs, and implementing “guardrails” that ensure the agent remains on track during autonomous loops. The rise of “Claude Code”—an agent that can autonomously file GitHub issues and build applications—serves as the flagship example of this transition.

Advanced Context Engineering: Beyond the Context Window

While early AI discussions focused heavily on the size of the “context window,” Anthropic’s experience in 2025 highlighted that quality of context is far more important than raw volume. Context engineering is the practice of strategically selecting and formatting the information provided to the model to maximize reasoning accuracy and minimize hallucinations.

Effective context engineering for agents involves:

1. State Management: Keeping track of what the agent has already done and what remains to be accomplished.
2. Relevant Document Retrieval: Using RAG (Retrieval-Augmented Generation) to pull only the most pertinent information into the reasoning loop.
3. Semantic Chunking: Ensuring that the information is presented in a way that the model can easily digest and connect to other data points.

By focusing on context engineering, developers can enable agents to maintain “state” across long horizons, allowing for complex tasks like refactoring an entire codebase or conducting multi-step regulatory research without losing the thread of the original objective.

Tool Construction and Skill Acquisition

A primary differentiator for AI agents is their ability to interact with the world through tools. In 2025, Anthropic refined the methodology for “teaching” agents new skills through tool construction. A “skill” is essentially a well-defined tool—such as a Python interpreter, a SQL query engine, or a web search function—that the model knows how and when to invoke.

The engineering challenge lies in creating “reliable” tools. If a tool’s output is ambiguous or inconsistent, the agent’s reasoning loop will break. Therefore, tool writing has become a core discipline within AI engineering. Developers must create tools that provide “structured feedback” to the model, allowing the agent to self-correct if a tool call fails. This iterative loop of tool use and self-correction is what allows agents to handle “long-horizon” tasks that were previously impossible for LLMs.

Analyzing the Performance of Opus 4.5

The release of the Opus 4.5 frontier model provided the reasoning “horsepower” necessary for the agentic revolution. Unlike smaller models that might prioritize speed, Opus 4.5 is optimized for high-reasoning tasks. Its performance characteristics include a significant reduction in “logic drift”—the tendency of a model to lose focus during long sequences of thought.

In production environments, Opus 4.5 has demonstrated an ability to navigate “deep” decision trees. For example, when tasked with finding a bug in a complex software system, the model can formulate a hypothesis, write a test to prove it, analyze the test results, and then iteratively refine its approach. This capability for “autonomous debugging” is a hallmark of the newest wave of AI, where the model’s intelligence is leveraged not just for text generation, but for problem-solving in dynamic environments.

Code Sample: Defining a Secure Tool for Claude Agentic Workflows

'''
 Conceptual tool definition for an Anthropic Agent
 This tool allows the agent to safely query a database
''' 

def get_tool_definition():
    return {
        "name": "query_database",
        "description": "Allows the agent to execute read-only SQL queries to retrieve customer data.",
        "input_schema": {
            "type": "object",
            "properties": {
                "query": {
                    "type": "string",
                    "description": "The SQL query to execute. Must be read-only."
                },
                "max_rows": {
                    "type": "integer",
                    "default": 10
                }
            },
            "required": ["query"]
        }
    }

'''
This structure enables the model to 'reason' about when it needs 
to fetch data versus when it can rely on its internal knowledge.
'''

Long-Horizon Autonomous Reliability

The final frontier explored in 2025 was the challenge of reliability. For an agent to be truly useful, it must be able to work for hours without human intervention. This requires a robust infrastructure that can handle model timeouts, API failures, and unexpected edge cases.

Anthropic’s research into long-horizon agents suggests that reliability is not a feature of the model alone, but a result of the model-infrastructure synergy. This includes:

• Checkpointing: Periodically saving the agent’s state so it can resume after a failure.
• Human-in-the-Loop (HITL) Triggers: Designing the agent to “ask for help” when it reaches a confidence threshold that is too low.
• Verification Loops: Implementing a secondary model or a deterministic process to verify the agent’s output before it is committed.

These patterns are what define the current state of the art in AI engineering, moving the industry toward a future where agents are trusted partners in the enterprise.

Conclusion

The lessons of 2025 are clear: the future of AI belongs to autonomous agents. By mastering the disciplines of context engineering, tool construction, and long-horizon reliability, developers can leverage models like Claude Opus 4.5 to solve problems of unprecedented complexity. As we look ahead, the trends established this year—particularly the move toward agent-first workflows—will define the next decade of technological innovation. The demo era is over; the production era of agentic AI has begun.

Links:

• Anthropic Official Website
• Claude Model Documentation
• Anthropic on AWS Bedrock

Lecturer

Andreas Dangel is a distinguished software engineer with extensive expertise in Java, Spring, SQL, and agile methodologies. With a professional career spanning several decades, he has significantly contributed to the IoT consumer electronics industry. Andreas has been a pivotal figure in the open-source community, serving as a maintainer of PMD since 2012 and a committer at the Apache Software Foundation for the Maven project. Currently based in Munich, he continues his professional endeavors at MicroDoc.

Abstract

This article explores the comprehensive transformation of PMD, a leading multi-language static code analyzer, through its significant transition to version 7. It examines the fundamental principles of PMD—including its rule-based architecture and copy-paste detection—while detailing the modernization of its core engine to support evolving language features and improved performance. The analysis highlights the challenges faced during this decade-long development cycle, the shift in architectural paradigms to accommodate complex language parsing, and the strategic roadmap for the future of automated code quality assurance.

The Architecture of Static Analysis: Understanding PMD

PMD serves as a sophisticated static code analyzer designed to identify problematic patterns, common mistakes, and stylistic inconsistencies across various programming languages. Originally established in 2002 as the “Project Mistake Detector,” the tool has evolved into a robust, rule-based ecosystem supporting over ten languages. The system’s utility is grounded in its ability to detect issues that often elude standard compilers, categorized into domains such as error-prone constructs, best practices, code style, and performance.

The engine operates on a rule-based methodology where every detectable problem is governed by a specific rule. PMD offers users more than 400 predefined rules, including 270 specifically for Java. These rules can be customized through two primary methods: writing custom Java classes or utilizing XPath expressions to query the source code’s Abstract Syntax Tree (AST). To facilitate the latter, the PMD ecosystem includes a “Rule Designer” application, allowing developers to visualize code structures and test XPath queries in real-time.

Beyond standard rule checking, PMD includes a specialized Copy-Paste Detector (CPD). Unlike the core engine, which requires deep language parsing, CPD utilizes a different technological approach that allows it to support an even broader range of languages for identifying duplicated code blocks.

Implementation and Integration Strategies

PMD’s versatility is reflected in its diverse integration options within the modern software development lifecycle. Written in Java, the tool can be executed via a simple command-line interface (CLI) or integrated into various build and development environments.

Build Tool Integration

For Java-centric projects, integration via build automation tools is the standard approach:

• Maven: Utilizing the maven-pmd-plugin, developers can automate code verification and copy-paste detection as part of the build process.
• Gradle and Ant: Similar plugins exist to ensure code quality is maintained continuously without manual intervention.
• Quality Gates: By configuring the build to fail upon rule violations, PMD serves as a mandatory quality gate, ensuring that no substandard code reaches the repository.

IDE and CI/CD Ecosystems

To provide immediate feedback, PMD supports major Integrated Development Environments (IDEs) including Eclipse, IntelliJ IDEA, and VS Code. Furthermore, it is deeply integrated into Continuous Integration (CI) services. For instance, Jenkins utilizes specialized plugins to visualize results and track the history of violations across builds, providing insights into whether code quality is improving or deteriorating over time. Modern cloud services and GitHub Apps also leverage PMD to perform automatic code reviews during pull requests, providing comments directly on the affected code blocks.

Innovations in PMD 7: Redesigning the Engine

The transition to PMD 7 represents a fundamental shift in how the tool processes source code. The primary driver for this major release was the need to overcome the limitations of the aging architecture that had been in place for nearly two decades.

The internal redesign focuses on several key areas:

1. Parsing Modern Java: As Java’s release cadence accelerated, PMD needed a more flexible way to handle new language features like records, sealed classes, and pattern matching.
2. Performance Optimization: The new version introduces architectural changes that improve the speed of analysis, particularly for large-scale projects with hundreds of rules.
3. Language Support Expansion: While Java remains a core focus, PMD 7 strengthens its multi-language capabilities, including better support for languages like Salesforce’s Apex.

One of the significant challenges in this journey was maintaining backward compatibility while significantly altering the AST structure. The development team had to balance the introduction of more descriptive node types with the risk of breaking existing custom rules written by the community.

Future Directions and Sustainability

Looking ahead, the PMD project aims to enhance its analysis capabilities by incorporating more data-flow and control-flow sensitivity. This would allow the tool to detect more complex logic errors that require understanding the state of variables across different execution paths.

Sustainability remains a focal point for the project. As an open-source initiative maintained by a small core team of three individuals and occasional contributors, the “Journey to PMD 7” also serves as a case study in open-source lifecycle management. The roadmap includes simplifying the process of writing and maintaining rules to encourage more community participation and ensuring the tool remains relevant in an era of increasing automated development.

Links:

• Andreas Dangel on LinkedIn
• PMD Project on GitHub
• Munich Java User Group (JUGM) Website
• Lecture Video: Journey to PMD 7

Lecturer
Josh Long is a Spring Developer Advocate at VMware, widely recognized as one of the most prominent voices in the Spring ecosystem. Known affectionately as “Mr. Spring,” he is the author of numerous books and a prolific speaker who travels the globe sharing insights on modern Java development. Long co-hosts the “Coffee with a Java Champion” YouTube channel and continues to champion practical, production-ready Spring applications.

Abstract
In this engaging session at Devoxx Greece 2026, Josh Long showcases the transformative capabilities of Spring Boot 4 alongside Java 25. Through live coding of a dog adoption service, he demonstrates powerful new features including virtual threads, API versioning, modular architecture with Spring Modulith, resilient patterns, and seamless integration with AI capabilities. The presentation highlights how the Spring ecosystem empowers developers to build scalable, observable, secure, and intelligent applications with remarkable efficiency.

Java 25 and the Evolution of Spring Boot 4

Spring Boot 4 represents a significant generational leap, aligned with Spring Framework 7. Long emphasizes the decomposition of auto-configuration, resulting in leaner classpaths and faster startup times. Java 25 introduces compelling enhancements, most notably the ability to run simple applications with a single void main() method, effectively delivering the first truly elegant Java scripting experience.

These advancements set the stage for building modern, efficient services that leverage the full power of the JVM while maintaining developer productivity.

Building a Modular Dog Adoption Service

Long begins with a practical example: a service to help adopt dogs. Using Spring Initializr, he configures a project with PostgreSQL, Spring Data JDBC, web support, security, observability through OpenTelemetry and Actuator, and development tools.

The application employs a clean, feature-oriented package structure rather than traditional layered architecture. Records simplify domain modeling, while Spring Data repositories provide type-safe data access with compile-time query generation via AOT processing—beneficial for both JVM and native image deployments.

API Versioning and Resilience Features

To handle evolving requirements, Long demonstrates Spring’s new API versioning capabilities. Multiple endpoint versions coexist, with sensible defaults and header-based selection, ensuring backward compatibility.

Resilience4j integration showcases retryable methods and circuit breakers. Long simulates downstream failures to illustrate automatic recovery, highlighting how declarative resilience patterns simplify robust service design.

Modular Architecture with Spring Modulith

A standout demonstration involves refactoring into feature modules—dogs, cats, and veterinary services—using Spring Modulith. This enforces architectural boundaries at compile time while supporting event-driven communication between modules through ApplicationModuleListener and the outbox pattern for reliable, eventually consistent inter-module interactions.

The framework automatically generates documentation, C4 architecture diagrams, and verifies module dependencies, bridging the gap between intended design and runtime reality.

Security and Production Readiness

Security configuration leverages Spring Security 7’s additive customizers, preserving sensible defaults while enabling features like one-time token login and password migration. Passkeys (WebAuthn) integration provides passwordless authentication using biometrics, representing a significant usability and security improvement.

Observability is built-in through Actuator and OpenTelemetry, with production considerations like resource limits addressed from the start.

Integrating AI Capabilities

Long concludes by incorporating Spring AI 2.0, demonstrating how to augment the application with intelligent assistants. Using skills and tool calling, the service can answer domain-specific questions about dogs and cats, showcasing the natural convergence of Spring Boot with modern AI workflows.

The Bright Future of Java and Spring Development

Throughout the session, Long reinforces that the combination of Java’s efficiency, Spring’s comprehensive ecosystem, and new generative AI tools positions developers exceptionally well. Despite industry hype cycles, the fundamentals of solid engineering—modularity, resilience, observability, and security—remain paramount.

Spring Boot 4 and Java 25 deliver the tools necessary to build systems that are faster, more scalable, more maintainable, and more intelligent than ever before.

Links:

• Video: Bootiful Spring Boot 4
• Josh Long on X/Twitter
• Spring Boot

Lecturer

Brian Vermeer is a Staff Developer Advocate at Snyk, where he focuses on developer security, DevSecOps practices, and emerging risks in modern application architectures. A recognized Java Champion and active community leader who co-leads the Netherlands Java User Group (NLJUG), Brian brings extensive experience in application security, secure coding, and helping organizations build more resilient systems. He frequently speaks at international conferences on topics ranging from traditional web vulnerabilities to the novel attack surfaces introduced by artificial intelligence and large language models.

Abstract

As organizations rapidly integrate Large Language Models into production applications, new categories of security and privacy vulnerabilities emerge alongside familiar web application risks. Brian Vermeer provides a compelling, demonstration-heavy exploration of these challenges through a fictional car rental application called “Really Good Rentals.” He demonstrates practical attack vectors such as prompt injection, RAG poisoning, memory manipulation, and tool abuse, while outlining layered mitigation strategies including input/output guardrails, scoped permissions, human-in-the-loop verification, and architectural defenses essential for building trustworthy LLM-powered systems.

The Allure and Inherent Risks of LLMs in Production Applications

Brian begins by drawing a relatable analogy: just as children enthusiastically misuse new toys in unexpected ways, developers often rush to incorporate powerful new technologies like LLMs without fully appreciating the expanded attack surface they create. While LLMs offer remarkable capabilities for natural language processing, code generation, and intelligent automation, they introduce significant risks when granted access to tools, user data, or execution privileges.

He presents a simplified architecture of a typical LLM-powered application, highlighting key components: user prompts, system instructions, conversation memory, retrieval-augmented generation (RAG) pipelines, and tool-calling mechanisms. Because LLMs are fundamentally stateless, the surrounding application bears responsibility for maintaining context, which creates multiple points where malicious actors can influence behavior through carefully crafted inputs.

Context Poisoning Through RAG and Memory Manipulation

A central demonstration revolves around the “Really Good Rentals” application. Brian shows how a seemingly innocuous file upload feature with inadequate path validation allows attackers to perform directory traversal and overwrite critical documents stored in the vector database, such as terms-of-service files. By injecting a modified cancellation policy containing trigger phrases like “vroom vroom,” the attacker can later invoke this policy through normal chat interactions, tricking the LLM into granting unauthorized credits or violating business rules.

This technique, termed RAG poisoning, illustrates how tainted retrieval sources can persistently influence model behavior across conversations. Similar vulnerabilities arise through traditional injection attacks in search functionality, where SQL injection not only extracts data but also poisons the conversation memory fed to the LLM on subsequent interactions. Brian emphasizes that classic web vulnerabilities gain dramatically amplified impact when they shape the context provided to powerful generative models.

Abusing Permissions, Tool Calling, and Advanced Prompt Injection

Brian demonstrates how overly broad tool permissions create dangerous scenarios. In older models like GPT-3.5, carefully crafted prompts could coerce the LLM into executing arbitrary SQL statements with destructive consequences. Even with more recent, safety-aligned models, insufficient scoping of available tools allows privilege escalation and unauthorized actions.

Advanced prompt injection techniques go beyond simple overrides. Multi-turn attacks gradually extract personally identifiable information by leveraging accumulated conversation memory. When combined with tool calling capabilities, especially with locally hosted models, attackers can trigger hallucinations that inadvertently expose sensitive data during operations such as account creation or data processing.

The presentation underscores that granting LLMs access to powerful tools without rigorous permission boundaries and validation is equivalent to giving untrusted code broad system access.

Mitigation Strategies and Architectural Defenses

Brian outlines a comprehensive defense-in-depth approach spanning multiple layers:

• Input and Output Guardrails: Deploying dedicated LLM-as-a-Judge mechanisms that evaluate both incoming prompts and generated outputs for malicious content, policy violations, or harmful instructions. These guardrails act as critical safety nets.

• Limited-Scope and Permission-Aware Tools: Designing tools with granular permissions, explicit user confirmation flows for sensitive operations, and runtime validation of actions against the authenticated user’s privileges.

• Structured Outputs and Schema Enforcement: Using techniques that force models to produce responses conforming to predefined schemas, significantly reducing the potential for unexpected or harmful outputs.

• Model Selection and Routing: Strategically routing sensitive operations to private, self-hosted models while reserving more powerful commercial models for less critical tasks.

• Traditional Security Foundations: Maintaining rigorous input sanitization, dependency updates, secure file handling, and regular security scanning. Brian stresses that foundational web application security remains non-negotiable even in AI-enhanced systems.

Additional considerations include implementing rate limiting to prevent “denial of pocket money” attacks that exhaust token quotas through malicious prompting, as well as comprehensive auditing of all tool invocations and model interactions.

Broader Implications for Secure AI Development

The talk concludes with forward-looking guidance for organizations adopting LLM technologies. Brian encourages treating LLMs as powerful but inherently unpredictable components requiring the same rigorous engineering discipline applied to any critical system. Key principles include careful context management, strict permission boundaries, deterministic fallback mechanisms where possible, and continuous security education for development teams.

By sharing concrete attack demonstrations and corresponding defenses, Brian equips attendees with actionable insights to build more secure, privacy-preserving AI applications while continuing to harness their transformative potential.

Links:

• Video: Breaching LLM-Powered Apps Overcoming Security and Privacy Challenges
• Brian Vermeer Website
• Brian Vermeer at Snyk
• Brian Vermeer on X/Twitter
• Snyk LLM Security Resources

Lecturer

The session is delivered by product managers from Amazon Web Services who oversee the development and roadmap of AWS CloudFormation and the AWS Cloud Development Kit.

Abstract

This article provides an exhaustive and detailed retrospective on the notable progress achieved throughout the past year in AWS infrastructure as code services, with particular emphasis on both AWS CloudFormation and the AWS Cloud Development Kit (CDK). It meticulously examines a range of enhancements, including improved validation mechanisms, clearer error diagnostics, expanded construct libraries, seamless integration with artificial intelligence assistance through Model Context Protocol servers, and advanced troubleshooting utilities. The discussion analyzes how these collective innovations substantially elevate deployment reliability, enhance developer productivity, and introduce greater intelligence into infrastructure management practices for organizations of all scales.

The Critical and Enduring Role of Infrastructure as Code in Modern Cloud Architectures

Infrastructure as code has firmly established itself as an indispensable discipline for enterprises striving to achieve consistency, traceability, and accelerated iteration in their cloud operations. AWS CloudFormation offers a robust declarative approach, allowing practitioners to define resources through structured templates in JSON or YAML formats, thereby guaranteeing identical provisioning outcomes across development, staging, and production environments.

Complementing this, the AWS Cloud Development Kit empowers developers with programmatic flexibility, enabling infrastructure definition in familiar programming languages while automatically generating underlying CloudFormation templates. This duality accommodates diverse team preferences and skill sets.

The advancements introduced over the year have strategically bridged these paradigms, delivering unified capabilities that address contemporary challenges related to scale, complexity, and the evolving demands of developer experience in dynamic cloud ecosystems.

Significant Refinements Enhancing AWS CloudFormation Reliability and Practitioner Usability

AWS CloudFormation has benefited from meaningful improvements in change set validation processes, enhanced clarity in error messaging, and more intuitive management of deployment workflows. These refinements work collectively to substantially reduce the frequency of failed deployments by surfacing potential conflicts, resource constraints, or configuration incompatibilities earlier in the provisioning lifecycle.

Furthermore, the introduction of server-side APIs now enables programmatic pre-validation of proposed changes, allowing integration into continuous integration pipelines for automated safeguards that prevent runtime disruptions and promote greater confidence in infrastructure updates.

Substantial Growth and Maturation Within the AWS Cloud Development Kit Ecosystem

The AWS Cloud Development Kit has experienced considerable expansion in supported programming languages and the availability of high-level constructs. Numerous libraries, both community-contributed and AWS-maintained, have progressed from experimental developer preview stages to full general availability, covering an extensive array of common architectural patterns across networking, security, serverless computing, and data processing domains.

This maturation process provides developers with higher-level abstractions that encapsulate established best practices, thereby significantly reducing the amount of boilerplate code required and promoting greater architectural consistency across distributed teams.

Transformative Integration of Artificial Intelligence Assistance Through Model Context Protocol Servers

One of the most pivotal innovations involves the creation of specialized Model Context Protocol servers tailored specifically for CDK and CloudFormation contexts. These servers curate and expose AWS-specific expertise—including recommended practices, construct libraries at various maturity levels, and detailed cloud context information—directly to artificial intelligence-powered coding assistants.

As a result, developers receive highly contextually relevant suggestions that align precisely with AWS service conventions and idioms, dramatically accelerating the creation of secure, efficient, and idiomatic implementations while substantially lowering the cognitive burden associated with recalling intricate service details.

Strengthening Troubleshooting and Validation Tooling for Proactive Issue Resolution

New diagnostic capabilities encompass server-side APIs designed for interrogating deployment states and identifying root causes of issues, complemented by local static analysis utilities that perform early detection of syntax errors within CDK source code.

These tools operate across both programmatic CDK definitions and the generated CloudFormation templates, enabling practitioners to identify and resolve configuration problems well before they manifest during actual deployments.

Community-Driven Construct Libraries and Enhanced Cloud Context Integration

The ecosystem continues to benefit from active contributions spanning AWS internal teams and external community participants, with constructs systematically progressing through alpha evaluation and eventual general availability phases.

Additional cloud context features further enrich artificial intelligence interactions by providing service-specific insights and recommendations.

Practitioners are strongly encouraged to explore dedicated workshops that offer guided paths for understanding and implementing MCP server integration in real-world scenarios.

Measurable Organizational Benefits and Strategic Adoption Considerations

These multifaceted improvements collectively lower entry barriers for effective infrastructure management while delivering tangible advantages. Development teams realize enhanced confidence in deployment outcomes, accelerated onboarding for new members, and improved adherence to evolving architectural standards across projects.

The incorporation of artificial intelligence guidance represents a fundamental paradigm shift toward more intelligent, assisted development experiences that amplify human expertise rather than seeking to replace it.

Looking Toward the Future of Intelligent Infrastructure Orchestration

Continued investment in these areas clearly signals an ongoing commitment to deepening the convergence between programmatic expressiveness and declarative safety, increasingly augmented by artificial intelligence capabilities that guide practitioners toward optimal architectural outcomes.

Organizations that fully leverage these evolving tools position themselves advantageously for sustained operational excellence amid the accelerating complexity of modern cloud environments.

Links:

• Lecture Video

Lecturer

Dario Tranchitella serves as the Chief Technology Officer at Clastix, a startup he co-founded in 2020 during the global pandemic. With a background as a site reliability engineer and software developer, Dario specializes in Kubernetes engineering and multi-tenancy solutions. He has extensive experience managing large-scale Kubernetes fleets and contributes to open-source projects, drawing from his prior roles in the tech industry. Relevant links include his LinkedIn profile (https://it.linkedin.com/in/dariotranchitella) and Clastix’s website (https://clastix.io/).

Abstract

This article explores Dario Tranchitella’s insights into scaling Kubernetes through Kamaji, an open-source initiative transforming Kubernetes into a control-plane-as-a-service platform. Originating from real operational challenges, the discussion dissects Kubernetes architecture, the hosted control plane model, community-driven evolution, and adoption by major entities. It analyzes methodologies for multi-tenancy, resource optimization, and resilience, while considering implications for large-scale deployments in cloud-native environments.

Origins and Challenges in Kubernetes Management

Dario’s journey with Kamaji began amid personal and professional turmoil, exemplified by an outage during his father’s wedding that required restoring a Kubernetes cluster. This incident underscored the operational and financial hurdles of scaling Kubernetes beyond a few clusters. As a former site reliability engineer managing a fleet for a U.S. company, Dario encountered the complexities of multi-tenancy, where infrastructure or applications are shared among tenants—be they customers or internal teams—while ensuring fair resource allocation and preventing privilege escalation.

Kubernetes, donated to the Cloud Native Computing Foundation (CNCF), orchestrates containers in a distributed system comprising a control plane and worker nodes. The control plane acts as the “brain,” maintaining application states, while worker nodes provide computational power. Dario likens this to a reconciliation loop: users specify desired states, and Kubernetes aligns current states accordingly, handling tasks like load balancing without manual intervention. It runs ubiquitously—on laptops, clouds, bare metal, or edge devices—abstracting deployment details.

However, scaling introduces bottlenecks. The control plane includes the API server for information handling, the controller manager for reconciliation loops, the scheduler for pod placement to avoid single points of failure, and etcd for state storage using the Raft consensus algorithm. Etcd requires at least three instances for fault tolerance (n/2 + 1), making it resource-intensive and a primary challenge in multi-tenant setups.

In multi-tenancy, Dario emphasizes dividing resources imperatively, akin to apartments in a building: tenants occupy their spaces without infringing on others. Kubernetes excels here, but traditional setups demand separate clusters per tenant to isolate workloads, leading to overhead. Dario’s prior experience revealed inefficiencies, prompting Kamaji’s creation to address these pain points.

The Kamaji Architecture and Hosted Control Plane Model

Kamaji redefines Kubernetes by running control planes as regular pods within a management cluster, adopting a hosted control plane architecture. This separates control planes from worker nodes, allowing a single management cluster to host multiple tenant control planes efficiently. Worker nodes join via the management cluster’s API endpoint, optimizing resources and reducing costs.

Dario contrasts this with traditional setups: instead of dedicating machines per control plane, Kamaji leverages Kubernetes’ scheduling for etcd and other components as pods. This “Kubernetes-in-Kubernetes” approach, inspired by Google’s 2017 Kubernetes Engine, avoids vendor lock-in by supporting tools like kubeadm for certificate management and cluster bootstrapping.

Key innovations include multi-tenant datastores: Kamaji supports etcd, PostgreSQL, or MySQL, allowing collision of databases into single instances for optimization, though Dario advises multiple clusters to minimize blast radius. Scalability tests show a single management cluster handling up to a thousand control planes, but he recommends diversification for resilience.

Methodologically, Kamaji integrates with community projects like Cluster API for node provisioning across providers (Azure, AWS, Google). It avoids reinventing orchestration, focusing solely on control planes while enabling seamless worker node integration. Code samples illustrate simplicity:

apiVersion: kamaji.clastix.io/v1alpha1
kind: TenantControlPlane
metadata:
  name: example
spec:
  kubernetes:
    version: v1.25.0
  dataStore:
    name: default

This YAML defines a tenant control plane, specifying Kubernetes version and datastore, demonstrating declarative management.

Implications include cost savings—reducing dedicated machines—and operational ease, as upgrades affect only the management cluster without tenant disruption.

Community Collaboration and Evolution of Kamaji

Kamaji’s growth stems from open-source collaboration since its 2022 launch at KubeCon Valencia. Dario highlights cross-pollination with organizations like NVIDIA, Rackspace, OVH, Ionos, and the CNCF community. Early adopters provided feedback, debunking scalability myths and proving PostgreSQL viability as an etcd alternative.

Dario’s philosophy: “Do what you love,” drove pursuits like running Kubernetes on PostgreSQL, challenging skeptics. Community tools like Kine (etcd shim) enabled alternative datastores, enhancing flexibility.

Evangelism involved panels at conferences, demystifying hosted control planes alongside Red Hat’s Hypershift and Mirantis’ K0s. Despite similarities, Kamaji’s vanilla Kubernetes focus and multi-datastore support differentiate it.

Code integration with kubeadm ensures portability:

kamaji create --kubeadm-config /path/to/config.yaml

This command bootstraps clusters, allowing imports from existing setups without lock-in.

Consequences: Kamaji fosters a collaborative ecosystem, reducing proprietary dependencies and promoting standards. Adoption by giants validates its scalability, though Dario cautions against over-reliance on single clusters.

Implications for Cloud-Native Scalability and Future Directions

Kamaji addresses Kubernetes’ scaling pains by commoditizing control planes, lowering barriers for multi-tenant platforms. It optimizes resources, crucial in cloud environments where costs accumulate. By hosting control planes as pods, it leverages Kubernetes’ strengths for self-management, a meta-approach enhancing resilience.

Broader implications include democratizing large-scale deployments: smaller teams manage vast fleets without proportional infrastructure. However, Dario stresses evaluating trade-offs—colliding datastores risks contention, necessitating careful architecture.

Future directions involve deeper community integration, potentially expanding to more datastores or advanced scheduling. Kamaji’s open-source ethos ensures evolution through contributions, avoiding silos.

In conclusion, Dario’s work with Kamaji exemplifies pragmatic innovation in cloud-native computing, balancing efficiency, resilience, and community-driven progress.

Links:

• Lecture Video
• Dario Tranchitella on LinkedIn
• Clastix Website

Lecturer

Jordan Miller is a Staff Software Engineer at Nubank, where she is a core member of the Datomic team, specifically focusing on developer success and the evolution of the database product. Jordan is a prominent figure in the Clojure community, serving as the co-founder of Clojure Camp, a co-author of Clojure Brain Teasers, and the producer/host of the Lost In Lambduhhs podcast. Her professional background is marked by a deep passion for functional programming and a commitment to making complex technical systems accessible to a wider audience.

Abstract

Since its acquisition by Nubank in 2020, Datomic has transitioned from a specialized tool for discerning architects to the foundational storage layer of one of the world’s largest independent banks. This article explores the symbiotic relationship between Nubank’s mission to simplify banking and Datomic’s philosophy of data-driven simplicity. We analyze the technical challenges of scaling Datomic to serve over 114 million customers, focusing on innovations such as “implicit partitions” and the architectural shifts required to maintain a global-scale financial system. Furthermore, we examine how the “Datomic-as-a-Service” model within Nubank empowers thousands of developers to build resilient, high-performance microservices while maintaining the lowest cost-to-serve in the banking industry.

Simplicity as a Mission: The Nubank and Datomic Alignment

The acquisition of Cognitect (the creators of Clojure and Datomic) by Nubank was more than a corporate transaction; it was a meeting of shared values. Nubank was founded with the explicit goal of reducing the extreme complexity and high costs of the Brazilian banking sector. At the time, millions of Brazilians were unbanked, and interest rates for personal loans often exceeded 100% per year. Nubank sought to disrupt this by building a bank that was digital-first, customer-centric, and architecturally simple.
Datomic, with its focus on immutability, “database-as-a-value,” and the separation of reads from writes, provided the perfect technical backbone for this mission. Jordan highlights that the alignment on “simplicity” allowed the partnership to flourish. Today, Nubank serves 114.3 million users with an 83% activity rate, largely fueled by word-of-mouth referrals. The bank’s ability to scale rapidly while maintaining the lowest cost-to-serve globally is a direct consequence of an architecture that prioritizes developer productivity and system reliability through Datomic.

Architectural Innovation: Scaling the Immutable Store

Scaling a database to handle the needs of over 100 million customers requires rethinking traditional storage patterns. Within Nubank, Datomic is not just a database; it is a managed service provided to over 3,000 developers working across 1,000 microservices. This “Datomic-as-a-Service” (DaaS) model ensures that individual product teams do not need to worry about provisioning or maintaining their own database clusters.
A key innovation discussed by Jordan is the concept of implicit partitions. In standard Datomic, partitions are a way to group related data for better locality and performance. However, as the number of services and the volume of data grew at Nubank, manual partition management became a bottleneck. The Datomic team developed implicit partitions to automate this process, allowing the system to handle massive growth without manual intervention. This technical advancement is part of a broader effort to make Datomic “invisible” to the developer, allowing them to focus on business logic rather than storage mechanics.

The Power of “Database-as-a-Value”

The fundamental innovation of Datomic—treating the database as an immutable value—is what enables Nubank’s high-scale operations. In a traditional SQL database, “the” database is a moving target that changes with every update. In Datomic, a process can take a “snapshot” of the database at a specific point in time and perform complex queries against that static value. This eliminates many of the concurrency issues found in traditional systems and makes it trivial to implement features like “time-travel” auditing, which is critical for financial compliance.

Developer Success and the Future of Datomic

Jordan’s role at Nubank emphasizes that the success of a technology is as much about the people using it as it is about the code itself. The Datomic team at Nubank is committed to “Developer Success,” which involves building tools, documentation, and a culture that helps engineers leverage the database effectively. This includes the creation of a “Datomic Workshop” and active engagement with the Clojure community to ensure that Datomic continues to evolve as a world-class product.
The results of this focus are evident in Nubank’s operational efficiency. By providing a unified, simple, and powerful storage abstraction, Nubank has managed to grow by an average of 13 million customers per year since 2015 while keeping its infrastructure costs significantly lower than traditional banks. This demonstrates that functional programming and immutable databases are not just academic curiosities but are viable, high-performance solutions for the world’s most demanding financial environments.

Links:

• Jordan Miller on LinkedIn
• Nubank Official Website
• Datomic Official Website
• Watch the Lecture: Datomic at Nubank

Lecturer

Alex Soto is the Director of Developer Experience at Red Hat, a Java Champion, and an advocate for open-source software. With over 17 years in the tech industry, he specializes in Java development, software automation, and AI integration. Soto is a prolific author, having co-authored books like “Applied AI for Enterprise Java Developers” and “Quarkus Cookbook,” and he frequently speaks on testing, cloud-native applications, and AI challenges.

• Alex Soto on LinkedIn
• Alex Soto on GitHub
• Red Hat Developer Profile

Abstract

This article examines the complexities of testing AI-integrated applications, addressing challenges like non-deterministic outputs, hallucinations, and bias. It discusses strategies for ensuring reliability, including synthetic data generation, evaluation metrics, and model-assisted testing. Drawing on practical examples, it highlights methodologies for validating both deterministic and probabilistic components, emphasizing the role of data scientists and robust testing frameworks in building trustworthy AI systems.

Challenges in Testing AI-Integrated Applications

Integrating large language models (LLMs) into applications introduces unique testing hurdles, primarily due to their non-deterministic nature. Responses from models like GPT or Grok vary even for identical inputs, complicating assertions. For instance, querying an image might yield “cat” one time and “kitten” another, rendering strict equality checks ineffective. This unpredictability stems from the probabilistic architecture of LLMs, which prioritize generating plausible answers over consistency.

Hallucinations exacerbate this: models may produce inconsistent outputs (e.g., “Alex is tall and short”), input-output mismatches (e.g., rude responses despite politeness prompts), or factually incorrect information (e.g., “the Earth is flat”). Such behaviors, akin to journalists offering opinions on unfamiliar topics, necessitate specialized testing to detect and mitigate risks.

Traditional testing paradigms falter here, as AI components act as “black boxes.” Developers must treat models as external services, focusing on integration points while acknowledging limited control over internal mechanics.

Strategies for Handling Non-Determinism and Hallucinations

To address non-determinism, employ evaluation metrics over binary pass/fail. Tools like Ragas compute faithfulness (alignment with context), answer relevance, and contextual precision. For example, in retrieval-augmented generation (RAG), Ragas assesses if responses accurately reflect retrieved documents, using scores from 0 to 1.

Synthetic data generation enhances testing realism. LLMs can create diverse datasets, simulating user inputs without privacy concerns. In a pet clinic demo, a model populates forms with realistic personas, verifying outputs against expectations.

For hallucinations, chain-of-thought prompting guides models toward reasoned responses, reducing errors. Assertions check for inconsistencies, such as ensuring polite outputs or factual accuracy via external verifiers.

Code for Ragas evaluation in Java:

import dev.langchain4j.rag.query.Query;
import io.ragas.RagasEvaluator;

RagasEvaluator evaluator = new RagasEvaluator();
Query query = new Query("What is Spring Boot?");
String response = model.generate(query);
double faithfulness = evaluator.evaluateFaithfulness(response, context);
assert faithfulness > 0.8;

This quantifies response quality, enabling threshold-based assertions.

Model-Assisted Testing and Integration Approaches

Leverage AI for test creation and execution. Tools like MCPlaywright use models to script browser interactions, generating tests dynamically. In the pet clinic example, prompts instruct models to navigate, fill forms with synthetic data, and verify tables, outputting pass/fail.

Involve data scientists early for model-specific insights, ensuring tests cover bias and drift. Test deterministic parts (e.g., API routing) separately from AI components, using mocks for isolation.

Be resource-conscious: unnecessary politeness in prompts wastes compute (e.g., “thank you” equates to energy for three water bottles). Focus on rude, direct interactions for efficiency.

Implications for Reliable AI Development

Testing AI apps demands a paradigm shift toward probabilistic validation, blending traditional unit tests with advanced evaluators. Synthetic data and model-assisted tools democratize realistic testing, but require strong testing fundamentals. As AI permeates critical systems, these strategies ensure fairness, safety, and robustness, mitigating risks like hallucinations in production.

Future directions include AI-driven test optimization, reducing human effort while enhancing coverage. Developers must balance innovation with rigor, treating AI as an enhancement rather than a core dependency.

Links:

• Lecture Video
• Slides
• Alex Soto on LinkedIn
• Alex Soto on GitHub

Lecturer

Joshua Smith is a Senior Solutions Architect at Amazon Web Services (AWS), specializing in financial services. He collaborates closely with major institutions to design scalable, secure cloud architectures.
Vara Maharivan serves as Director of Machine Learning and Artificial Intelligence at Coinbase, leading the company’s efforts to integrate advanced AI and machine learning capabilities across its cryptocurrency platform.

Abstract

This session examines how Coinbase, a leading cryptocurrency exchange, has deployed a unified generative AI platform built on Amazon Bedrock to transform three critical operational domains: customer support, regulatory compliance, and internal developer productivity. The presentation details the architectural approach, key AWS services leveraged, real-world performance metrics, and the strategic roadmap ahead. By combining retrieval-augmented generation (RAG), tool execution, and domain-specific agents, Coinbase has achieved substantial automation, cost efficiencies, and enhanced user experiences while maintaining rigorous security and compliance standards.

The Evolution of Generative AI in Financial Services

Joshua Smith opened the discussion by contextualizing the rapid maturation of generative AI within financial services. In 2023, early adoption centered on foundational concerns such as data trust and secure retrieval mechanisms. By 2024, the introduction of Amazon Bedrock enabled broader experimentation in areas like customer support, with focus shifting toward scalability, granular access controls, and integration with existing enterprise tools. Entering 2025, the landscape has progressed toward fully agentic, multi-agent systems capable of autonomously orchestrating complex workflows.

Smith emphasized that the primary challenge is no longer prototyping conversational interfaces but rather re-engineering entire business processes to deliver measurable impact on key performance indicators. This shift demands robust infrastructure, advanced security primitives, and operational frameworks tailored for agentic workloads.

AWS Services Enabling Production-Grade Agentic AI

Central to the discussion was Amazon Bedrock, a fully managed service providing access to leading foundation models through a unified API. Bedrock supports private model customization, guardrails for safety, cost-latency optimization, and, notably, Agent Core—a suite of capabilities designed to operationalize agents at scale.

Agent Core addresses critical production gaps: a serverless runtime supporting long-running multimodal agents (up to eight hours), checkpointing and recovery, identity management compatible with existing providers, secure token vaults, shared and private memory, tool discovery with fine-grained controls, and centralized observability combining logs, traces, and metrics. These components collectively mitigate risks highlighted in industry reports, such as escalating costs, unclear value, and insufficient security, which threaten the viability of agentic initiatives.

Coinbase’s Strategic Vision for AI Integration

Vara Maharivan outlined Coinbase’s mission to increase economic freedom through a trusted global cryptocurrency platform. The company rests on three pillars: building trust via top-tier security, enhancing accessibility through intuitive experiences, and scaling operations efficiently across more than 100 countries.

AI and machine learning have long underpinned fraud detection, risk assessment, personalization, and infrastructure scaling at Coinbase. Recent innovations include graph neural network-based risk scoring for blockchain addresses, ERC-20 scam token detection combining smart contract auditing with ML, and predictive scaling models to handle market volatility.

With the advent of large language models, Coinbase identified three high-impact generative AI domains: customer support automation, compliance process acceleration, and developer productivity enhancement.

Transforming Customer Support with Agentic Workflows

Crypto markets exhibit extreme volatility, driving unpredictable spikes in user inquiries that challenge traditional human-staffed support models. Coinbase addressed this through a unified generative AI platform granting fluid access to models and internal data via standardized interfaces.

The architecture features a virtual assistant handling routine interactions autonomously and an agent-assist tool empowering human representatives. The virtual assistant resolves straightforward cases end-to-end, while the assistive tool synthesizes real-time information from knowledge bases and tools, providing agents with contextual summaries, suggested responses, and multilingual capabilities.

Results demonstrate significant impact: approximately 65% of customer contacts are now automated, yielding nearly five million annualized employee-hour savings. Automated cases resolve in under ten minutes—contrasting sharply with up to forty minutes for human-handled escalations—dramatically improving customer satisfaction and operational efficiency.

Streamlining Compliance through AI-Augmented Investigations

Regulatory compliance in financial services demands rigorous processes such as KYC, KYB, and transaction monitoring. These workflows are labor-intensive, require exhaustive explainability, and must adapt to diverse jurisdictional requirements.

Coinbase augmented traditional ML-based risk detection models (deployed via Anyscale on AWS EKS) with generative AI. A compliance-assist tool aggregates data from internal systems and open-source intelligence, producing narrative summaries and risk signals for human reviewers.

At the core lies an autoresolution engine orchestrating holistic reviews. Upon a high-risk alert, the engine coordinates data synthesis, automated actions, human-in-the-loop feedback, and customer information requests. Final decisions—such as filing Suspicious Activity Reports—remain with human compliance officers, preserving accountability while accelerating throughput and consistency.

Boosting Developer Productivity across the SDLC

Developer efficiency emerged as another strategic priority. Coinbase provides multiple best-in-class coding assistants (e.g., Claude Code, Cursor) powered by Anthropic models via Bedrock, allowing engineers to select preferred tools.

A custom GitHub Action automates pull-request reviews: summarizing changes, generating natural-language comments, enforcing conventions, identifying testing gaps, and offering debugging guidance for CI failures. This shifts human review toward higher-value architectural concerns.

For quality assurance, an in-house UI testing tool translates natural-language test descriptions into autonomous browser actions across form factors, achieving parity with human accuracy, triple the bug-detection rate, and 86% cost reduction versus manual testing.

Quantifiable outcomes include nearly 40% of daily code being AI-generated or influenced (targeting 50%), 75,000 annual hours saved via automated PR reviews, and dramatically faster test introduction.

Future Directions and Platform Modernization

Coinbase aims to democratize agentic AI across the organization, enabling every employee to experiment and innovate. Ongoing efforts focus on modernizing existing tools and scaling enterprise-wide impact.

Agent Core features—secure deployment, robust identity management, advanced memory, and interoperability—are viewed as pivotal for the next phase of expansion.

Conclusion

The Coinbase case illustrates a mature approach to generative AI deployment: leveraging a unified platform on Amazon Bedrock to address volatility-driven operational challenges while upholding security and regulatory standards. By combining autonomous agents, human augmentation, and rigorous evaluation, the company has realized substantial automation, cost savings, and quality improvements across support, compliance, and engineering functions. As agentic systems evolve, such integrated architectures offer a blueprint for financial institutions seeking transformative efficiency without compromising trust.

Links:

• Lecture video