From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

IT Brew

Amanda Florian

itbrew.com

AI is being used to help developers avoid DDOS attacks, other red flags

Developers can access and use p0 for free on the cloud or with a local setup.

Billy Hurley

How to deploy gen AI as privacy laws evolve

Be transparent, be sensitive, be “really careful,” experts say.

Eoin Higgins

Microsoft AI engineer raises concerns over image generation tech

“There were not very many limits on what that model was capable of,” one engineer tells CNBC.

An arrow pointing down inside of a box denoting IT software

Software

Brianna Monsanto

Curiosity may have killed the cat…but for Microsoft veteran Stefan Weitz, it opened a lot of doors.

Curiosity is what led Weitz, who described his younger self as the “prototypical ’80s nerd kid” who loved his computer and 

, to his first gig outside of college with Andersen Consulting, a premier consulting firm.

“I did that because I like the idea of trying different things,” Weitz told IT Brew. “Part of my problem, honestly, is I love to learn different things, which is great, but also from a career perspective, it can be kind of sketchy, because you kind of bounce around.”

His knack for trying new things is what attracted him to Microsoft after Andersen embedded him in the tech giant as a consultant.

“When I was there, I was sitting in RedWest, which was a new building at the time…I looked around as I was having lunch with these people and said, ‘These are all people like me. They’re all just nerds who really just loved the work and loved the puzzles and loved the challenges,’” Weitz recalled.

After six months, a Microsoft recruiter approached Weitz to make his stay permanent with one line: “You can either stay with the Navy or join the pirates” (Microsoft being the pirates in this analogy).

“That was the pitch that got me over,” Weitz said.

Weitz’s time at Microsoft spanned almost two decades, during which he juggled several titles and opportunities.

“I would basically ingratiate myself with different organizations and then they’d say, ‘Well, okay, just come run it then,’” Weitz said.

One of Weitz’s most notable projects as a Microsoftie: helping launch Microsoft’s Bing search engine, which was designed to compete against Google. Part of the challenge of launching a brand-new search engine was not only the need to build something different from the competition, but also persuade people to try it, he said.

“That was literally building a product that nobody said they wanted and then convincing people they actually wanted it,” Weitz said.

The team ended up producing a “decision engine” designed to help users quickly move past “basic” search to find and utilize the information they needed. “So, if you looked at flights to Boston from Seattle, we would give you all the stuff you’d usually see, but we then have a prediction as to whether or not you should buy it now or wait,” Weitz said.

While Bing’s market share was never able to surpass Google’s, the work that Weitz’s team did had a lasting impact.

“It’s helped a lot with the AI efforts because a lot of the work we did in Bing early days…kind of laid the groundwork for a lot of the work in how AI operates today,” Weitz said.

In 2016, Weitz closed his chapter at Microsoft to focus on his love of building. Since then, he has been up to just about everything under the sun, including running the e-commerce fulfillment solution provider Radial for a few years, co-founding a PTSD treatment company, and starting up a music superfans platform.

“I love to go from zero to one,” Weitz said. “I love to have the idea and then get the thing running, and get it all stood up, and then hand it off to somebody to actually really run it. That’s my throughline there, for sure.”

Weitz’s journey after Microsoft hasn’t followed the traditional playbook of ex-Microsofties, but isn’t out of character for Weitz, according to Matt Wallaert, chief experience officer at outsourcing company Oceans and former Microsoft colleague of Weitz, who said Microsoft employees tend to stay with the company long-term or leave the tech giant to chase roles at similar companies.

“You just don't see that many people who go and do something entrepreneurial and do it really well and dive into that with discipline,” Wallaert said. “Stefan is a really shining example of what it looks like to find a second act that is meaningful and thoughtful.”

 These days, Weitz is known for his event-planning skills. Earlier this year, he tried his hand in the conference industry, co-founding the HumanX conference, an AI-centric conference. Inspiration for the conference came after he noticed some industry leaders’ AI investments remained stagnant, as well as a lack of general-purpose AI gatherings.

“I said, ‘Well, shoot, if we’re relying on enterprises to figure their way through this cacophony of innovation that’s happening every single day, we are going to, at best, under-deliver on the promise of what AI can do,” Weitz said.

The conference’s inaugural year went better than Weitz expected, who said the conference industry is not for the “faint of heart.” Even so, he sees room for improvement for year two, including the type of content the conference will focus on.

“It’s very much more focused on the role of the person, not the industry in which they find themselves,” Weitz said. “We’ll have some that are more geared towards that, but the majority is going to be focusing on the people and the job they have to do.”

As a co-founder of one of the largest AI conferences, he advised young AI talent to remain curious and open to challenges, two of the skills that worked in his favor in his own career.

“That curiosity and that lack of determinism is what’s missing in a lot of young people today, but also is the opportunity for those who identify that to thrive.”

A portrait of co-founder and CEO of Human X, an AI conference, Stefan Weitz.

Why this Microsoft veteran’s next act is AI conferences

The Microsoft veteran recalls what it was like to launch the Bing search engine.

A browser powered by agentic AI could take care of buying plane tickets, setting appointments—and open the door to threat actors.

New research from browser detection and response company SquareX shows how agents in the AI browser Comet can be used by attackers to access account information and email inboxes. Agents are given commands and allowed permissions that can result in malicious actors finding ways to get at your private information.

Audrey Adeline, a member of the SquareX Founder’s Office, told IT Brew that while AI browsers come with a lot of promise, the researchers’ discoveries should serve as a caution. Adeline isn’t saying not to use agentic AI in browsers, especially with internet service providers like 

 integrating the technology into their products, but she did sound a note of caution.

“Because it’s still a new technology, there are still a lot of architectural vulnerabilities that are not fixed yet,” Adeline said. “Among them are the fact that these AI agents are not security-aware. They’re trained to complete tasks to make people more productive, but it’s very easy for attackers to trick these AI agents to make them think that certain malicious tasks are required to complete whatever prompt the user is telling them to do.”

In a demo video Adeline shared with IT Brew, SquareX researchers showed how an agent could give attackers access to their accounts. In the scenario, the Comet agent is asked to research and compile data for a project. In doing so, it encounters a file-sharing app that asks for permissions to read and access the user’s Google account and email. The agent allows access because it is following other instructions; threat actors could use this tactic and others to infiltrate systems.

Adeline said Comet has already come a long way in dealing with security in its browser. But those protections aren’t enough given the scope of potential attacks.

“There are so many ways to essentially exploit them, so it is still not comprehensive at all,” Adeline said. “The fact that we could find these four attacks within just a couple of weeks—the only real guardrail that you can provide is essentially to limit these agentic identities on what they can do.”

AI browser developers like Browserbase are aware of the security threat. The company is partnering with password manager 1Password on a secure authentication process for AI agents that will be incorporated into the Browserbase browser. For CEO Paul Klein, working with 1Password is making things easier when it comes to secure access, and keeping the human element in play helps.

“In the old world, people were giving agents a list of their passwords and saying, ‘Hey, this is the one to log in,’” Klein said. “But now, with this 1Password iteration into a browser agent, we have those best-in-class things where the password is never shared—they can list the sites that you can log into and request access to a certain site, but then the human is approving that.”

Ultimately, browsers using agentic AI will become more or less ubiquitous, Klein said, but as with cloud infrastructure, getting there will require trial and error.

“More and more, the infrastructure needs to catch up to AI, and that’s a lot of the work that we’re doing,” Klein said.

Part of that process is making sure things are locked down. 1Password SVP and Head of Engineering Nancy Wang told IT Brew that encryption is an important part of the security process for browsers because they are the new endpoints. She analogized the protections to holding a safety deposit box in a bank vault.

“Even if you get into the bank, you have the bank key—we’re not actually able to see the contents of your safety deposit box, because you need your own account key,” Wang said, adding, “That’s the same principle that we apply for when we give agents the right access to sensitive things.”

AI browsers are here, and so are attackers

“Because it’s still a new technology, there are still a lot of architectural vulnerabilities that are not fixed yet,” researcher says.

Are you keeping an eye on your protocols?

If not, you may have missed the importance of the model context protocol (MCP), a tool that assists large language models to integrate and communicate with external data sources. As Alex Salazar, co-founder and CEO of 

 firm Arcade.dev, told IT Brew, the speed with which AI has taken over the tech industry—ChatGPT exploded onto the scene just three years ago, in November 2022—has led to a proliferation of tooling-like protocols, many of which never see adoption.

An open-source framework developed by software company Anthropic, MCP quickly became one of the dominant protocols in a field where companies like IBM and Google are also major players. Google’s agent-to-agent (A2A) and IBM’s agent communication protocol (ACP) have seen less adoption, though, as research firm Everest Group 

, that’s not set in stone, given how A2A and ACP are picking up steam: “Enterprises should align protocol use with their architecture—centralized (MCP), collaborative (A2A), or local-first (ACP).”

To Salazar, the interconnectedness protocol war is largely over. Once MCP was adopted by Anysphere’s popular AI-coding platform Cursor, developer interest exploded and MCP was propelled into the mainstream.

“It’s just just connectivity, period, and that war wasn’t terribly long because MCP ended up being one of the fastest, most buzzy protocols I’ve ever seen in my career in tech,” Salazar said.

The protocol came into the conversation at a time when different companies and organizations were looking for tooling solutions that would allow AI systems to integrate and connect with each other and external systems without suffering security and efficiency lapses. What MCP offered, Salazar said, was standardization—an essential building block for the agentic AI technological revolution we are in the midst of.

“How do we get more value out of our AI investments? By connecting our AI to other systems so that we can get workflow automation,” Salazar said. “Because at the end of the day, having a chatbot give you advice is not terribly valuable—having an AI agent automate workflows, that’s huge. That’s ROI.”

, RSAC VP of research, cautioned that the protocols are all in early development, and there are some kinks still to be ironed out.

“MCP is relatively simple,” Efstathopoulos said. “A2A is slightly more complex in the sense that it can be extended to have some context and pass more additional information to the next stage—sometimes it provides too much information, if you ask me, but all of this is in early stages.”

Workers in an office space with surrounded AI patterns.

MCP, A2A, ACP—AI protocol initialisms explained

“At the end of the day, having a chatbot give you advice is not terribly valuable—having an AI agent automate workflows, that’s huge,” AI developer says.

The foundations that support public open-source infrastructure say the times are a-changin’—and organizations need to pick up the slack.

 published to the Open Source Security Foundation’s website on Sept. 23, several stewards of public open-source infrastructure were candid about the massive financial constraints they’re facing due to increased expectations and demands from organizations who rely heavily on their public package registries (like Maven Central, PyPI, and OpenVSX) for software development.

While the stewards claim to serve billions of downloads per month, they said their services are only funded by a small number of commercial vendors and nonprofits. The majority of “large-scale users” consuming their services do so in an unsustainable manner, they added.

“Most of these systems operate under a dangerously fragile premise: They are often maintained, operated, and funded in ways that rely on goodwill rather than mechanisms that align responsibility with usage,” the stewards wrote.

The letter was signed by a total of eight organizations, including the OpenJS Foundation, Python Software Foundation, and Sonatype.

In their letter, these stewards called attention to the “enormous strain” that continuous integration systems and large-scale scanners place on open-source infrastructure. They said GenAI and agentic AI are also to blame as the emerging technology continues to drive an “explosion of machine-driven, often wasteful automated usage.”

Mike Milinkovich, executive director of the Eclipse Foundation, told IT Brew that the stewards are unable to increase funding at the pace of these increased demands, adding that the business model powering their community is “broken.” He said demand for OpenVSX, for example, has seen a fourfold increase in demand (i.e., number of downloads) in the past year, with no increase in funding during that time.

“We don’t have a business model that links demand to revenue,” Milinkovich said. “And basically this letter is telling the world we have got to get there.”

Increased demand is not all that stewards are juggling. Milinkovich said some also grapple with the increased expectation of making sure repositories are protected from 

“There’s this steady little incremental, drip, drip, drip of, ‘You need to do more. You need to do more. You need to do more,’” Milinkovich said. “And I think we’re here to say that the camel’s back is broken and we collectively need help.”

In their letter, the eight organizations provided a short list of things organizations and individuals can do to alleviate the current operational burden. This includes staying educated on the funding models and needs of the different foundations, supporting foundations financially through memberships and sponsorships, and more conscious usage.

The stewards asserted individual players in the open source ecosystem will “adopt the approaches that make the most sense in its own context.” However, they suggested several moves in the letter that could help address the current problem within their industry, such as establishing partnerships with commercial and institutional entities and enforcing tiered access models that provide larger consumers with “scaled performance.”

“These are not radical ideas,” the stewards wrote. “They are practical, commonsense measures already used in other shared systems, such as internet bandwidth and cloud computing.”

Stewards of public open-source infrastructure say it’s time to change how it is funded

Most of these systems operate under a dangerously fragile premise: They are often maintained, operated, and funded in ways that rely on goodwill,” write stewards of public open-source infrastructure.

Stewards of public open-source infrastructure say a better funding model is needed

“Vibe coding” refers to a software-development approach that requires no coding expertise—just an idea for an end product, an AI-powered chat platform, and some natural-language prompts. In theory, the code produced from those prompts results in an application, even if it’s an app that has the occasional 

While that sounds like a quick and easy way for virtually anyone to spin up an app or service, there’s one big reason not to try vibe coding in the enterprise, thinks Simon Ritter, deputy CTO at Azul Systems.

It can be embodied by the following phrase:

Is the aforementioned bird hungry, or is it ready to be eaten? To Ritter, the ambiguity demonstrates how well-meaning prompts can be misunderstood and lead to unsatisfactory LLM outputs.

The verb “to run” alone, he adds, has 

. That’s a problem when you want to prompt a model to run something exact.

“If you’re trying to describe in a precise way what you want the application to do, it can be very, very difficult,” Ritter told IT Brew. “And that’s the whole reason that we have programming languages, because we’ve tried to raise the level of abstraction away from the machine into something which is more human-readable but still unambiguous.”

Even if Ritter is out on vibe coding, many are in. While Ritter said vibe coding hasn’t reached production platforms, pros like Steve Bennett, director of cloud-native applications at Soliant Consulting, have used the method regularly. He and Ritter shared strategies, such as familiar code-review processes, to limit the bad vibes for IT pros trying to use AI to code.

Bennett and his team have been employing StackBlitz’s Bolt.new tool—a browser-based utility that uses natural-language prompts to build web apps.

A Bolt-developed application, as is, does not go right to a production environment, Bennett said.

The Soliant director employs the vibe-based output as a prototype for customer-portal and back-end business applications, which his team can then code-review and sample.

An example prompt, he said, might be, “I’m looking to build an inventory application”; he’ll specify three or four features, the desired language (maybe React TypeScript), and core libraries. Bennett said he adds functionality through multiple, concise prompts, once the app is up and running.

“It really reduces that feedback life cycle to be able to get something back in front of our clients faces quickly,” Bennett told us.

Ritter sees AI coding as a spectrum; there are prompt-to-full app capabilities (via tools like Bolt.new and Lovable), and there are “lower end of the spectrum” functions like code-autocomplete capabilities, which can make educated guesses at entire lines of code via the programmer’s integrated developer environment (IDE). In the middle of the spectrum, he sees prompt-based tools helpfully creating specific components rather than entire apps.

“It’s almost along the same lines as [how] we always use libraries, because we don’t want to reinvent the wheel,” Ritter said.

Recent reports revealed vibe coding has led to 

” failure, and perhaps an emerging profession: 

When Bennett builds an app, he looks for:

If an app is 400 lines long, perhaps he’ll prompt to optimize the code and make components into sub-components.

Popular npm packages totaling “more than 2 billion downloads per week”, for example, had malicious code, 

 If using a third-party API, make sure the key isn’t placed in the code, Bennett recommended.

 Ensure there are validators—Bennett uses Zod—for any form inputs.

 Bennett said he has had to nudge the LLM with an additional prompt to change formats like tables into phone-ready “cards.”

 A human team member inspects any code before it’s merged.

, released in July and based on data from more than 49,000 respondents, revealed that just 12% are vibe coding—72% said “no,” and 5% said, “no, emphatically.” Almost half (46%) of software developers distrust AI-tool accuracy either somewhat or highly, more than the one-third who trust it.

Bennett sees linguistic ambiguity as a minor hurdle; if the code doesn’t look right to him, he reiterates his original prompt. (“It’s much easier to send a correction to a vibe-coding agent than it is to a design team and wait on that feedback life cycle,” he said.)

Ritter sees Bennett’s approach working, as long as each iteration is done quickly, “But how many iterations you have to go through before you actually get the result that you want?”

Let’s hope the number’s not something like 645.

A coder at a desk overlayed on a background of binary code. (Credit: Illustration: Anna Kim, Photo: Adobe Stock)

What to check when someone’s vibe coding

 AI might advance rapidly, but code reviews never go out of style.

Advocates promise the new generation of autonomous software can make decisions and learn processes without the need for constant human oversight. That sounds great, but there are reasons for companies to hesitate before going all-in on this shiny new toy, no matter how much they think 

AI agent protocols—how agents communicate with each other—are one concern that has Dr. Petros Efstathopoulos, RSAC VP of research, on the alert.

In an interview with IT Brew, Efstathopoulos explained the limitations of protocols, what users should look for as the technology continues to evolve, and why human oversight is needed.

This interview has been edited for length and clarity.

What can you tell us about protocols? What are some misconceptions?

This is an area that’s moving very fast, and it’s very early, so [researchers have] done as best they can. I’m sure that [the protocols] will improve with time. We’ve given these folks very little time to architect and help build these things, and I'm sure that with time, they will mature.

Now, these protocols have been designed in order to connect the agents. They're essentially communication protocols at a very high level. The expectation that some people have is that these protocols would also help transform or help check the data that’s being transferred from one agent into another, as if the protocol is also responsible for the integrity and the correctness of the information that's being relayed from one agent to another.

Wait, the protocol doesn’t need to ensure that the information is accurate? Why not?

It’s not the protocol's job to do that. The protocol is there just to create the connection. But having said that, when we have multiple agents that are connected back-to-back, it is often the case that when one of the agents makes a mistake, and that’s passed on to the next agent, the errors and the inaccuracies kind of pile up. And sometimes they get amplified. That’s not an inherent protocol problem, it’s just an inherent problem of connecting multiple agents together.

The fact that sometimes this doesn’t work very well in terms of the accuracy of the results is not the fault of the protocols. It’s just that stacking many agents together can exacerbate mistakes that the elements are making. The protocol itself is just the messenger, so to speak, between the agents.

So it's kind of like a game of telephone, except there's obviously no human involved in the middle—you could put something in, and if it’s slightly off, maybe the result you get on the other end might be even further off. Is that what you mean?

Without these protocols, we cannot connect the agents and stack them together. We would only rely on a single agent, because you wouldn’t have a way to connect them. The protocols enable this stacking of the agents. It’s an enabling mechanism; the fact that now the agents are stuck and connected to one another leads to this game of telephone.

Imagine we were talking on the phone. I relate some information to you, you know, ‘the price of the Amazon stock today is XYZ. And I was incorrect in what I was doing. You wouldn’t expect that the phone company would know how to fix my mistake and change my words, right? So that’s the equivalent, you can’t expect the protocols themselves to to fix the information that’s relayed if that information is not correct. The protocol is there just as a communication medium.

But because the protocol is the enabling factor for stacking these agents, when bad things happen, it gets a little bit of the blame as well.

Man on computer in James Bond-style crosshairs

How protocols turn agentic AI into a game of telephone 

“The protocol is there just to create the connection,” RSAC’s Petros Efstathopoulos tells IT Brew. But that can lead to issues. 

Caroline Nihill

While it can seem as if artificial intelligence (AI) has all the answers, especially when given the right prompt, many providers are finding it difficult to find the right pricing models for their AI products in a rapidly evolving landscape.

Guy Marion, the chief marketing officer at Chargebee, a commerce platform for subscription and recurring revenue businesses, told IT Brew that companies building and iterating the latest AI products are experiencing market changes as much as every six months.

“The industry is moving at a faster pace than we’ve ever seen before, and the markets are bigger than they used to be,” Marion added.

In response, Marion said that some companies are choosing to charge customers on a subscription basis for using AI tools and services. While it could seem as if such fast industry development promotes competition and choice within the market, some see it as burdensome for consumers.

, reported that companies that combine subscription, usage, and outcome models (or the issuance of a flat fee) doubled their probability for increased profit margins in comparison to those with just a usage-based model.

Given how much people are talking about AI, it’s sometimes easy to forget the newness of the technology and how rapidly it’s evolving. Even the big AI providers are trying to figure out…well, virtually everything about how to build and market AI products.

Michael Friedman, the SVP of customer experience AI-provider ASAPP, said that the easiest part of setting the price for an AI solution is talking to customers about the value of the model. But thanks to the AI industry’s constant change, it’s much harder to measure your product’s value against market competitors.

“There are so many new players of different sizes and different approaches and different technologies who are coming at you from all over the world,” Friedman said. “So benchmarking against competition for pricing in generative AI is certainly very hard to do because the themes are changing so rapidly and the players are changing so rapidly.”

Tomás Hernando Kofman, co-founder and CEO of Not Diamond, a startup that builds infrastructure that allows companies to utilize multiple AI models, agreed. He said that companies that want to provide AI products and services can struggle with figuring out pricing because the unit economics for AI are different from software.

Deploying AI comes with inference costs, which is what a company spends to run a pre-trained AI model, including hardware and cloud expenses. Depending on the size of the model, the length and complexity of the AI’s output, and other factors, inference costs can quickly skyrocket, wrecking even the most carefully planned budgets.

“The inference cost is so high relative to the execution of traditional software programs and that means that people often end up in these very risky pricing models, where it’s like a subscription, flat fee, but you might end up underwater on that,” Kofman said.

Since Not Diamond uses traditional machine learning techniques in its products instead of AI models, the company’s unit economics aren’t feeling the pressure. Kofman said, however, that within the AI market, many companies are still in the investment stage, meaning they could be more focused on performance and quality than cost optimization; at least for the time being, they might be more willing to burn incredible amounts of cash to deliver a result.

“I do see a lot of enterprises, in particular, more comfortable running with poor, even negative, economics just to get their AI products to market,” Kofman said. “I think you’ll see more pricing changes in the space as well, both for AI-powered product prices to go up and for more and more companies to be looking for various cost optimization techniques to avoid ending upside down on the economics.”

Many providers are also experimenting with subscription pricing for AI models that stagger access and capabilities of a model rather than offering products at a flat fee.

Kofman said that the subscription model is “economically prohibitive for a lot of customers to have these subscriptions, which can get up into the hundreds of dollars per month” and offer less choice to customers who want to access different AI abilities for different projects.

 on ChatGPT Pro’s cost per month sitting at $200, with OpenAI’s CEO Sam Altman 

 to share that he chose the price and believed the company would profit from it. Similarly, 

 expanded usage plans with varying flexibility sit in the $100-200 range and 

The Not Diamond founder isn’t the only one who is recognizing the market’s move to subscription models, especially as customers look to have multiple subscriptions across different platforms because they want access to these models. Marion pointed out that many pricing models across the larger market have been one-dimensional, offering a service at a standard fee per every payment cycle.

“Right now, we’re starting to move into fourth dimensions, where you’re looking at your plans, you’re looking at your price, you’re looking at your usage, and you’re looking at the value of that usage,” Marion said. “So that usage can get split into basic amounts and then higher value amounts, for example, AI-delivered solutions.”

Marion continued that he views the top performers in the AI space as currently “enhancing their pricing strategies in response to building and launching AI” through experimenting with pricing models.

Companies with the agility Marion described are trying to get profit margins up and become a player comparable to big box AI providers, like OpenAI, “and they’re losing an enormous amount of money because they’re consuming so much computer costs.”