Newslurp

<< Stories

State of Cloud Security ๐Ÿฅท, Impact of Coding Agents โœจ, Googleโ€™s Antigravity ๐Ÿ”ฎ

TLDR DevOps <dan@tldrnewsletter.com>

November 19, 12:11 pm

TLDR DevOps
A large study of tens of thousands of Cursor users found that after agents became the default, organizations merged 39% more PRs โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ  โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ โ€Œ 

TLDR

Together With Dynatrace

TLDR DevOps 2025-11-19

๐Ÿ“‹ Reducing the cloud-native attack surface: a checklist for Platform engineers and SREs (Sponsor)

Every dynamic workload and AI model deployment expands the attack surface in ways traditional security tools weren't built to handle.

Ephemeral containers, multi-cloud sprawl, autonomous AI decisions โ€” all of these create risks that aren't detected by static scanners and legacy tools.

Dynatriace developed this checklist to give platform engineers and SREs an automation-ready framework to manage modern risks:

โ˜‘๏ธ Vulnerability and risk management for cloud-native stacks

โ˜‘๏ธ Observability-driven security posture management

โ˜‘๏ธ Incident response for container environments

โ˜‘๏ธ Asset inventory across multi-cloud deploymens

Get the Attack Surface Reduction Checklist โ†—๏ธ

๐Ÿ“ฑ

News & Trends

Key learnings from Datadog's 2025 State of Cloud Security study (12 minute read)

Datadog's 2025 State of Cloud Security study revealed persistent weaknesses across AWS, Azure, and Google Cloud, including widespread use of long-lived credentials, lagging adoption of IMDSv2, and insufficient guardrails against public storage access. Datadog Cloud Security helps organizations strengthen their posture by enforcing organizational guardrails, identifying risky workloads, securing data perimeters, and detecting misconfigurations across multi-cloud environments.
Replicate is joining Cloudflare (6 minute read)

Replicate, a platform for running AI models, has been acquired by Cloudflare to integrate Replicate's platform directly into Cloudflare and expand the model catalog. As part of the acquisition, Replicate's 50,000+ open-source models and fine-tunes will be brought to Workers AI. Cloudflare plans to introduce fine-tuning capabilities and custom model support to Workers AI, leveraging Replicate's Cog tool. Current users of Replicate and Workers AI can expect uninterrupted service and enhanced performance due to Cloudflare's global network.
Kgateway v2.1 is released! (5 minute read)

Kgateway v2.1 features agentgateway integration for AI connectivity, Kubernetes Gateway API v1.3.0 conformance, and global namespace policies.
๐Ÿš€

Opinions & Tutorials

Azure Developer CLI: Azure Container Apps Dev-to-Prod Deployment with Layered Infrastructure (8 minute read)

This guide explains how to use Azure Developer CLI v1.20.0 with Azure Container Apps to implement a โ€œbuild once, deploy everywhereโ€ workflow through separate container operations and layered infrastructure. It demonstrates how to deploy a Flask application across development and production environments using shared resources, CI/CD pipelines, and GitHub Actions for consistent container management.
The productivity impact of coding agents (3 minute read)

A large study of tens of thousands of Cursor users found that after agents became the default, organizations merged 39% more PRs with no increase in revert or bug-fix rates. Senior developers accepted agent-written code more often, planned more before coding, and generally used agents more effectively, while most user requests (61%) were for code implementation
How when AWS was down, we were not (30 minute read)

Authress stayed up during the major us-east-1 AWS outage by engineering for 5-nines reliability: eliminating unreliable dependencies, using multi-region and edge failover, running custom health checks, doing incremental rollouts, and applying anomaly detection, rate-limits, and customer-driven incident signals. Their architecture assumes โ€œeverything fails,โ€ so they continuously validate data, automatically fail over regions, block abusive traffic, and treat customer support as part of their reliability system.
๐Ÿง‘โ€๐Ÿ’ป

Resources & Tools

Plan Your IT and Security Convergence (Sponsor)

Need a roadmap for uniting ITOps and SecOps? Download the IT & Security Operations Convergence Project Template by N-able. Use this template to track actionable steps and apply a strategic approach to identify, prioritize, and manage initiatives - as well as align people, process, and technology for stronger security and streamlined operations. Get the template now.
Atuin Desktop (GitHub Repo)

Atuin Desktop, a local-first runbook editor currently in open beta, aims to bridge the gap between documentation and automation for terminal workflows. The editor allows users to create executable runbooks that can be used to solve common infrastructure problems.
Google Antigravity (Resource)

Google Antigravity is an agent-first development platform that pairs an AI-powered IDE with autonomous agents capable of planning and executing complex software tasks across multiple surfaces. It adds task-level transparency, async agent management, easy feedback, and built-in learning to support higher-autonomy coding with models like Gemini 3.
๐ŸŽ

Miscellaneous

How Dash uses context engineering for smarter AI (7 minute read)

Dropbox Dash has evolved from a search system into an agentic AI to better interpret, summarize, and act on information, requiring a shift towards context engineering. Dash curates context through retrieval consolidation, relevant context filtering, and specialized task agents to improve the AI's decision-making, addressing issues like "analysis paralysis" and "context rot" that arise with too many tools and excessive data.
Cloudflare outage on November 18, 2025 (12 minute read)

Cloudflare's global outage yesterday was caused by a ClickHouse permissions change that accidentally doubled the size of a Bot Management โ€œfeature file,โ€ exceeding a hard-coded limit and causing the core proxy (FL/FL2) to crash and return widespread 5xx errors. After initially suspecting a DDoS attack, Cloudflare stopped propagation of the bad file, restored a known-good version, and fully recovered services by 17:06 UTC.
โšก

Quick Links

5 ways to secure a PDF (Sponsor)

PDFs can be a security blindspot. Learn the best ways to protect your PDFs - from watermarking the doc to redacting sensitive data. Read more on the Datalogics blog
5 most overlooked but critical considerations in container platform selection (5 minute read)

Selecting a future-ready container platform requires attention to often-overlooked factors such as rapid access to new Kubernetes releases, long standard support lifecycles, and the ability to run multiple Kubernetes versions on shared hosts for efficiency.
GKE: From containers to agents, the unified platform for every modern workload (5 minute read)

Google Kubernetes Engine marked its 10th anniversary with major innovations to support AI and agentic workloads.

Love TLDR? Tell your friends and get rewards!

Share your referral link below with friends to get free TLDR swag!
https://refer.tldr.tech/fc7198a6/10
Track your referrals here.

Want to advertise in TLDR? ๐Ÿ“ฐ

If your company is interested in reaching an audience of devops professionals and decision makers, you may want to advertise with us.

Want to work at TLDR? ๐Ÿ’ผ

Apply here or send a friend's resume to jobs@tldr.tech and get $1k if we hire them!

If you have any comments or feedback, just respond to this email!

Thanks for reading,
Kunal Desai & Martin Hauskrecht


Manage your subscriptions to our other newsletters on tech, startups, and programming. Or if TLDR DevOps isn't for you, please unsubscribe.