Mila's sixth birthday. Cake from De Drie Graefjes Zuid.
MCP Security Guide
My pal Adib Saikali wrote up an MCP security guide covering how to think about securing MCP servers in the enterprise (no lead-generation required, just a straight-up PDF download). It gets into access tiers (open, group, and user-level servers), authentication with OAuth 2.1, identity propagation models (when to use service accounts vs. forwarding user identity), and how an MCP gateway gives you a governed chokepoint for auth, observability, and capability filtering.
KubeCon EU 2026, bottlenecks, Corporate Bullshit Receptivity, and the End of the Meat-Mouse - Related to your interests, Wednesday
Also: sovereign AI, Claude Code auto mode, FCC bans foreign routers, Walmart digital price tags
KubeCon EU 2026 KubeCon is crazy big. James says something like 13,500+ people. They’re going for another infrastructure grab: all the stuff used to run AI. It’s worth asking who they’re competing with there. I have no idea how OpenAI and Claude run the AI PaaSes they’v built - the ones that everyone is bonkers for.
Kubernetes is the bottleneck, and you can get through it with a platform
Photo by Daniel Bryant. Another great KubeCon talk from Abby Bangser imploring the Kubernetes people to remember how important platforms are: they make all of his stuff usable for developers and valuable to the organizations that run it all. Without a platform, you’re just put another bottleneck in place.
Also, see the go she started, along with others, at codifying what makes a good platform, at a technical level, here.
VMware/Broadcom at KubeCon EU 2026
Here’s Claude’s take on VMware’s stuff at KubeCon - just some light editing for me.
KubeCon + CloudNativeCon Europe 2026 ran March 23-26 in Amsterdam. Here’s what VMware by Broadcom announced.
VKS 3.6 Ships The VKS stack as seen at VMUG Connect Amsterdam 2026. VMware vSphere Kubernetes Service 3.6 shipped with Kubernetes 1.35 support, RHEL 9 compatibility, declarative performance tuning, and improved upgrade safety targeting enterprise platform teams. The day-two operations framing is the key story - VKS 3.
The end of the meat-mouse
The agency in agentic AI feels a lot more like giving the users - the humans - agency they didn’t have. That’s what’s making it useful for me, from sorting out dumb-shit home-networking incompatibilities, figuring out taxes, and otherwise sorting my shit out. When you unleash something like Claude code on all the messy and neglected rooms in your life, you start to clean-up and pay attention more.
There’s a very bottoms-up thing here.
The Mythical Agent-Month, Retirement Cartoons, and Coffee Brains - Related to your interests, Monday
Spotted in the Tenerife South Airport, February, 2026.Related to your interestsBroadcom Empowers Platform Engineers to Accelerate AI and Modern Application Innovation on Kubernetes - Round-up of VMware Kubernetes releases and announcements at KubeConEU 2026.
Strengthening the Cloud-Native Ecosystem Through Upstream Collaboration - VMware’s open source work in the kubernetes community.
Broadcom expands Kubernetes support with VKS upgrades, open-source contributions and new partnerships - analysis thereof.
The Mythical Agent-Month - “Put another way, agents are so good at attacking accidental complexity that they generate new accidental complexity that can get in the way of the essential structure that you are trying to build.
Using AI to help with SRE, ops, etc.:
The problem, he said, is that Claude “will get wrong correlation versus causation.” It’s like a new joiner on the team, they will think “oh, it’s a capacity problem, when actually you lost your cache.” “This is why we can’t trust LLMs for incident response,” said Palcuie. The problem is its inability to “step back and start discerning between causation and correlation… For us humans, it is hard as well.”
And:
The Jevons Paradox, said Palcuie, is “the favorite paradox in the AI industry. It’s when technological improvements increase the efficiency of our resources used, but the resulting lower cost causes consumption to rise rather than fall.”
In the case of software, “it’s easier to write software, so we write much more of it, so the complexity goes up and not down, which means things break in more interesting ways, which means more incidents, more on call… all the improvements in the tooling will be cancelled by this ever-growing complexity.”
From: Fixing Claude with Claude: Anthropic reports on AI site reliability engineering
Using AI for security log analysis and how to fix it suggestions:
Building on that foundation, leading the list of announcements is a strategy described as an “agentic security operations center” powered by its latest Gemini AI models. Google is introducing adaptive AI agents that can investigate alerts, synthesize intelligence and assist in remediation workflows in real time, which replace the need to rely on static playbooks.
The new Triage and Investigation agent is designed to autonomously analyze alerts, gather supporting evidence and deliver reasoned verdicts to help security teams reduce response times and cut through growing volumes of false positives. The new agent is now available in preview within Google Security Operations.
Google is also extending its agentic approach by allowing customers to build their own enterprise-ready security agents through support for Model Context Protocol servers. The capability removes the need for organizations to host their own MCP client infrastructure to deliver unified governance and control over custom agents, with general availability expected in early April.
Enterprise ROI: Banking edition
Maybe no new banking businesses from AI yet:
“It is a long, expensive and risk-constrained transformation,” Wells Fargo analyst Mike Mayo wrote in a note to investors last week. “Indeed, we can’t find one extremely noteworthy new product or service from AI in these very early days (it’s been a little boring from a product standpoint).”
But, when it comes to running the bank:
Jamie Dimon, the CEO of JPMorgan, the biggest U.