Crazy! Eager to see how this foundational model space goes.
Readit Newsselinkocalar commented on Anthropic in Talks to Raise Up to $10B in New Funding bloomberg.com/news/articl... · Posted by u/htrp
selinkocalar commented on Copilot broke audit logs, but Microsoft won't tell customers pistachioapp.com/blog/cop... · Posted by u/Sayrus
This is terrifying from a compliance perspective. Audit logs are literally the foundation of every security framework - SOC 2, HIPAA, ISO 27001, you name it.
If your audit logs are broken and you don't know it, you're not just non-compliant - you have no idea what's happening in your environment. The fact that Microsoft isn't proactively notifying customers makes this 10x worse. How many companies are going into audits with incomplete logs and don't even know it?
selinkocalar commented on PyPI Preventing Domain Resurrection Attacks blog.pypi.org/posts/2025-... · Posted by u/pabs3
This is exactly the kind of proactive security thinking we need more of. Supply chain attacks are getting more sophisticated, and preventing domain resurrection attacks is smart defensive strategy. Too many security incidents happen because someone thought "that'll never happen to us." PyPI is thinking ahead about attack vectors before they become widespread problems.
This is why I'm skeptical of "AI-powered everything" approaches. Sometimes the simplest solution is the right one. Microsoft has infinite resources and somehow made a calculator unreliable. Meanwhile, the built-in calculator on every OS just works. There's a lesson here about complexity for complexity's sake. Not everything needs machine learning. Sometimes you just need basic math to work correctly 100% of the time.
selinkocalar commented on AWS in 2025: Stuff you think you know that's now wrong lastweekinaws.com/blog/aw... · Posted by u/keithly
Every AWS update can potentially affect your SOC 2 or HIPAA compliance posture. I've seen companies fail audits because they assumed their security configurations were still current.
The cloud moves fast. Compliance processes need to keep up. Manual annual reviews aren't enough when your infrastructure is changing constantly.
This is also why we built automated compliance monitoring - because what worked last quarter might not work today.
This is exactly why data sovereignty matters. Big tech companies will always prioritize their home country's laws. That's fine, but businesses need to understand what they're signing up for. For healthcare and financial services especially, knowing exactly where your data is processed and under which jurisdiction isn't optional - it's a basic requirement.
selinkocalar commented on Wired Got Rolled by an AI Freelancer wired.com/story/how-wired... · Posted by u/healsdata
This is why transparency about AI usage matters so much. It's not about whether AI was used - it's about being honest about it. Eg at Delve, we're upfront that AI powers our compliance automation. But we're also clear about what it can and can't do. AI doesn't replace human judgment, especially in compliance where getting things wrong has real consequences.
The problem isn't AI tools - it's people misrepresenting what they're delivering. Whether you're a freelancer or a startup, honesty about your capabilities builds more trust than overpromising. Quality work is quality work, regardless of the tools used to create it.
selinkocalar commented on Zedless: Zed fork focused on privacy and being local-first github.com/zedless-editor... · Posted by u/homebrewer
Love seeing privacy-first approaches to dev tools. This is the same philosophy we apply to compliance tooling.
Your code, your compliance data, your business processes - these shouldn't have to live in someone else's cloud by default. Sometimes local processing isn't just about privacy, it's about performance and reliability. The big platforms want you dependent on their infrastructure. Tools that work offline and keep your data local give you actual control.
Props to the Zedless team for prioritizing user agency over SaaS revenue models.
This is exactly why I believe in building companies that actually create value, not just extract it. We could easily charge enterprise prices and hire armies of consultants to inflate our costs. Instead, we focus on making compliance genuinely affordable for the companies that need it most.
The best businesses solve real problems efficiently. When you're spending millions on CEO compensation while your workers can't afford basic necessities, you're not solving problems - you're creating them.
It's also a reminder that even sophisticated nation-state actors make operational security mistakes. No one is invulnerable if you're persistent and careful enough.