# LLMs.txt instructions for schematical.com
# Reference: https://llmstxt.org/
version: 1

# Data to load
- load: https://schematical.com/api/posts.md?page=1
- load: https://schematical.com/api/events.md?page=1
- Community: https://schematical.com/api/md-pages/community2
- ChatGPT: Instant Checkout and the Agentic Commerce Protocol: https://schematical.com/api/md-pages/agent-payment
- Schematical - Helping CTOs running on AWS sleep at night: https://schematical.com/api/md-pages/home

# Main navigation
- Home: https://schematical.com/
- Consulting: https://schematical.com/consulting
- Coaching: https://schematical.com/community
- Events: https://schematical.com/events
- Speaking: https://schematical.com/speaking
- Free Resources: https://schematical.com/free

# Social links
- Twitter: https://twitter.com/schematical
- LinkedIn: https://www.linkedin.com/in/schematical
- AngelList: https://angel.co/company/schematical
- Discord: https://discord.gg/zUEacFT
- YouTube: https://www.youtube.com/schematical
- Buy Me a Coffee: https://www.buymeacoffee.com/schematical/membership
- Email newsletter: https://schematical.ck.page/c03195f573
- Product Hunt: https://www.producthunt.com/@schematical
- Reddit: https://www.reddit.com/user/schematical
- Mastodon: https://mastodon.social/@schematical

# Recent Posts:

## [Hermes Agent - The good, the bad, and the ugly](https://schematical.com/posts/686-hermes_20260510)

I spent last Friday jumping on the latest AI Agent bandwagon. Allow me to introduce you to the latest hyped up tech in an already crowded world of AI agent software: [Hermes Agent](https://hermes-agent.nousresearch.com/docs/). It's touted as a self-learning agent. I think a more accurate term is self-documenting.

I did have some serious issues with it.
Even if you [turn on manual approval](https://hermes-agent.nousresearch.com/docs/user-guide/security#approval-modes) for commands, it still only asks for approval for a [select few commands](https://hermes-agent.nousresearch.com/docs/user-guide/security#hardline-blocklist-always-on-floor), which led to it running a wide variety of Python scripts the model coded on the fly that I had no idea what they did. Obviously, this is a massive security flaw, and before you ask, yes, I was running this in a container to prevent it from blowing up my desktop.

It also seemed to rewrite [skills](https://hermes-agent.nousresearch.com/docs/reference/skills-catalog) at random; skills I had not yet asked it to use in any way. Randomly altering documentation for tasks it had not been instructed to work on isn’t what I would consider “Self-improving”.

I was able to get it to connect to Unity using the [Unity MCP server](https://github.com/CoplayDev/unity-mcp) to see if I could get it to do anything at all with [Tech Debt](https://store.steampowered.com/app/4567430/Tech_Debt/), like perhaps QA it so I can get the next round of playtest out of the door. Sadly, it wasn’t able to do much. I asked it to make a copy of a button… It failed pretty hard, so I am not optimistic for significant contributions any time soon.

I wish I could tell you what the AI hype bros are screaming from the rooftop, that “This new software will change your life”, but I cannot. What I can tell you for certain is that if you play with any of these AI tools, DO NOT GIVE THEM ACCESS TO YOUR COMPUTER; keep them in a container or on a remote virtual server with safeguards. While there is a small chance these things could give you some productivity boosts, there is an infinitely larger possibility that they will brick your OS or publish your sensitive documents to a publicly accessible website for malicious parties to abuse.
The agent actually did push text files that could have been sensitive to a public site only a few hours after I started working with it, but again, since I was in a container, it was nothing sensitive.

With all that said, I am going to play with it a bit more and see what I can get it to do. I’ll let you know how it goes. What AI productivity tools are you using?

---

## [Amazon GameLift Servers](https://schematical.com/posts/gametech-rapid_20260507)

Have you checked out AWS’s Video Game hosting service GameLift? As I continue with development of [Tech Debt](https://schematical.com/techdebt), I decided to take a look at one of AWS’s services that normally doesn’t catch my eye. Allow me to introduce Amazon GameLift Servers.

GameLift Servers (not to be confused with GameLift Stream) helps game developers host their online co-op games at scale. They offer SDKs for both Unity and Unreal Engine (sorry if you are a [Godot](https://godotengine.org/) developer). They have a fairly impressive list of customers using it, including [Apex Legends](https://aws.amazon.com/blogs/gametech/apex-legends-migrates-to-amazon-gamelift-servers-in-just-10-days/).

Will I be using this for [Tech Debt](https://schematical.com/techdebt)? No, multiplayer isn’t in the cards for Tech Debt, but I do have ideas for other games I might make in the future. There is a genre of game that is popular right now called “Friend Slop”, which means a game you can play with your friends but typically has sloppy physics resulting in difficult but comical shenanigans. A good example of this would be [Overcooked](https://www.nintendo.com/us/store/products/overcooked-2-switch/?srsltid=AfmBOoqr7P29aPsCn-Xb2kAXx4CgxuOhfEG6z-NYGe_uuZHV9VhxOcYF). A “friend slop” game would be a perfect use case for something like GameLift.

Random question: What is your favorite video game?
---

## [EBS Volume Clones greatly decrease the time to replicate data on AWS](https://schematical.com/posts/amazon-ebs-volume_20260506)

Do you have massive amounts of data on EBS that frequently need to get backed up or replicated for use in another env? Sick of creating EBS Snapshots then using that to create your dev/test env volumes? EBS now lets you skip that whole thing and just clone an existing EBS volume in a small fraction of the time.

AWS boasts a staggering [93% reduction](https://aws.amazon.com/blogs/storage/accelerate-development-workflows-with-amazon-ebs-volume-clones/#:~:text=54%20minutes%2C%20a-,93%25%20reduction,-with%20no%20impact/) in time to replicate an EBS volume using cloning over the former approach. There are plenty of other use cases for cloning, including disaster recovery or decreasing your CI/CD build time.

My question for you: How would you use EBS Volume Clones to enhance your infrastructure?

---

## [Free Course: Agent Memory: Building Memory-Aware Agents](https://schematical.com/posts/agent-memory_20260505)

In a world full of “prompt engineers” and vibe coders, it is refreshing when a real expert drops a knowledge bomb, and it's even better when they do it for free. I first discovered the work of [Richmond Alake](https://www.linkedin.com/in/richmondalake/) in his presentation on [Architecting Agent Memory: Principles, Patterns, and Best Practices](https://www.youtube.com/watch?v=W2HVdB4Jbjs&ab_channel=AIEngineer), which I thought was brilliant.

Now I just got word that Richmond has a free course called [Agent Memory: Building Memory-Aware Agents](https://www.deeplearning.ai/short-courses/agent-memory-building-memory-aware-agents). This couldn’t have come at a better time for me as I am deep in the research phase for designing an agentic system, but that is all I can say about that for now… Either way, I just signed up for the class and so far it has lived up to my expectations.
If you are doing any agentic work or even considering it, I would strongly recommend following Richmond’s work.

---

## [AWS Backup](https://schematical.com/posts/aws-backup_20260504)

Are you vulnerable to ransomware attacks on AWS? Or perhaps you are [using the latest Agentic AI tool to manage your infrastructure, and it goes rogue, deleting your production DB?](https://schematical.com/posts/592-maybe-my-job-is-safe_20260312)

Before everything goes sideways, you should check out [AWS Backup](https://aws.amazon.com/backup/), which allows you to organize “Vaults” to back up S3, EFS, RDS, DynamoDB, and [many more services](https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html). Whatever your plan is to prevent catastrophic data loss, make sure you are on it before “it” hits the fan. Good luck.

If you need help getting a plan in place, shoot me a message and let's talk before the worst should happen.

---

## [Are your Commercial AI Agents accessing websites they shouldn't?](https://schematical.com/posts/machine-learning-control_20260503)

You might be tempted to [slap a chatbot](https://schematical.com/posts/comic-just-slap-a-chat-agent_20251210) on your website. Then, to further its capabilities, you give it access to [AgentCore Browser Tools](https://aws.amazon.com/blogs/machine-learning/introducing-amazon-bedrock-agentcore-browser-tool/). I’m not sure I would recommend that for a public-facing tool that does NOT require authentication, but I am not here to judge.

How do you ensure that Agent doesn’t go rogue and DDoS some random site or worse, drop user-specific information on some malicious site? Even [AI Agents can fall victim to Phishing attacks](https://schematical.com/posts/llm-cyber-security_20260108). If you do give an agent access to Browser Tools, you should 100% lock it down with [AWS Network Firewall](https://aws.amazon.com/network-firewall/).
Luckily, [AgentCore accesses your VPC just like any other AWS service, so it's easy to lock down](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/agentcore-vpc.html).

If you need help locking it down, feel free to reach out to me, and [let’s set up a time to chat](https://calendly.com/schematical/aws-consultation-clone).

For more information on AWS security, check out my On-Demand Video Course on O'Reilly: [Zero to Hero on AWS Security: An Animated Guide to Security in the Cloud](https://www.oreilly.com/videos/zero-to-hero/0642572107789/).

---

## [Tech Debt - The Video Game’s Steam page is live!](https://schematical.com/posts/75-tech-debt-update_20260430)

You can now [wishlist Tech Debt on Steam](https://store.steampowered.com/app/4567430/Tech_Debt/). If you have any questions or feedback, please send them my way. I would love to hear what you think.

I am still working on the trailer, but that should be live soon. Once that is done, we will start expanding the playtests to get more player feedback. If you are interested, sign up at https://schematical.com/techdebt and I will keep you posted as we iterate through several rounds of playtesting.

After that, we are getting pretty close to launching a `1.0`... I hope. Being as this is my first game on Steam, I am trying to keep it small in scope, but as with many projects, the last 10% of the project is 90% of the work. Because of this, I am not going to plant a flag in the sand as to when it will 100% be complete. I will know a lot more after a few rounds of playtesting.

With all that said, I still have a lot of work to do. In the meantime, I have a small favor to ask: if you know anyone who might find Tech Debt interesting and want to play it, please spread the word. Any help is greatly appreciated!

~Matt

---

## [AWS CloudFront Flat Rate Pricing](https://schematical.com/posts/cloudfront-flatrate_20260429)

Tired of volatile CloudFront charges in your AWS bill?
Before this new [CloudFront Flat Rate Pricing](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/flat-rate-pricing-plan.html) tier, you could spin up CloudFront to act as a CDN serving up your binary assets fast and efficiently, but you might have overlooked WAF (Web Application Firewall), an essential tool for fending off bot attacks. Then you start seeing spikes in your CDN bill from DDoS attacks or even legitimate bot traffic. At that point, you could spend months going down the deep rabbit hole of WAF or… You could just let AWS handle all of that for you by electing for their flat rate pricing.

By taking several complex services and giving them a set of optimized presets, then packaging them into a single product, AWS takes a lot of the complexity out of getting started. Take that a step further by removing risk from the customer’s plate and charging a premium for absorbing the volatility.

Should you use CloudFront Flat Rate Pricing? It depends. If you have an internal team with the skills and time to set up and manage these products independently, then you might want to opt out of the flat pricing. But if engineering hours are better spent building new features, or you lack the depth of skill required to finely tune these services, then the flat tier might just be for you.

If you need help making this decision, [let's set up a time to chat](https://calendly.com/schematical/consultation).

---

## [Amazon S3 Files](https://schematical.com/posts/awsamazoncom-s3_20260428)

Ever wish you could mount an S3 bucket directly to an ECS/EKS task to enhance performance? Oddly enough, just recently, I had a client project where we were weighing the merits of using S3 or the [EFS](https://aws.amazon.com/efs/).
My initial question was “How are they going to keep all the different versions of this data flying around the network in sync?” and they actually [documented that pretty well](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-files-synchronization.html). The short answer is `S3 bucket is the source of truth in case of conflicts`. If they do detect a conflict, they will document it in a new “lost and found” directory, so at least you have an audit trail.

There are [additional charges](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-files-metering.html) for both storage and I/O, which you should be aware of so they don’t sneak up on you.

As for setting it up, they have a weird UI where you click through S3 and select your task definition to mount it to, but I was relieved to find you can [skip all that and mount the S3 filesystem just like any other volume you would mount to an ECS task](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specify-s3files-config.html).

Honestly, I am skeptical about how much performance I can squeeze out of directly mounting the S3 filesystem, but I am eager to give it a try and find out. I will let you know once I do.

Side Note: I actually put a lot of links in posts like these, but I am told social platforms don’t like me linking to places off platform, so those links are stripped out from posts on social platforms. For the full post with links, check out my website, or better yet, sign up for my mailing lists.

---

## [CTO Coffee Hour: 20% of all retail sales in the 2025 holiday season were made by AI](https://schematical.com/posts/cto-coffee042826_20260428)

In today's episode, Matt talks more about a report that breaks down how 20% of all retail sales in the 2025 holiday season were made by AI.
---

## [20% of all retail sales in the 2025 holiday season were made by AI, report says](https://schematical.com/posts/salesforcecom-news_20260426)

Recently, I was doing some research, and I found some interesting stats about the 2025 holiday season, claiming [AI and agents account for $262 billion of 2025 holiday spend](https://www.salesforce.com/news/stories/2025-holiday-shopping-data/). Wow, that is “20% of all retail sales”. They further went on to claim companies that deployed their own AI agents saw a 59% higher growth rate — averaging a 6.2% YoY sales increase versus 3.9%.

I do wish they had a better breakdown of the exact functionality that each of the AI Agents had that drove growth. They also didn’t do a great job of separating out people who brought their own Agentic AI, like people using ChatGPT, Gemini, Claude, etc., which I have a feeling will have their own distinct trends.

What does this mean? Let's break it down. If you are a long-time reader, you know I am not a fan of just [“slapping an AI chatbot on it and calling it AI”](https://schematical.com/posts/comic-just-slap-a-chat-agent_20251210). But it seems that an actual integration with tool calls and the ability to take some actions on behalf of the user (not issue refunds) has some positive effect on sales if you are an e-commerce company.

They did mention that in some cases, the companies they observed tied their chatbot to their customer service flow, and it had a positive impact. If you do this, just be sure to have a human in the loop to approve the bot’s recommendations.

The ‘59% higher growth rate’ they boasted sounds great, as long as the costs of the tokens you are spending on your chatbots don’t exceed your profit growth, and none of those numbers are being published at this point in time.

We live in interesting times. Will you be able to survive as a company if you are not “AI first”?
As I said before, I think it will be possible to survive, but it will be like having a website in the early 2010s that is NOT mobile-friendly. Some people will seek out sites and services that fit the way they are choosing to browse.

If you are interested in getting your business ready to grab this new wave of AI traffic that evidently is driving 20% of retail spending, then I would be happy to help you with that. [Let's set up a time to chat.](https://calendly.com/schematical/aws-consultation-clone)

---

## [Amazon Bio Discovery](https://schematical.com/posts/aws-bio-discovery_20260423)

We live in wild times. AWS now has a service that helps scientists develop antibodies using AI. Allow me to introduce you to [Amazon Bio Discovery](https://aws.amazon.com/biodiscovery/). It allows scientists to collaborate at scale, and they boast 40+ AI Drug Discovery Models, so they're not just developing antibodies but new designer drugs as well.

There is a lot more going on in there, and I am not going to lie, most of it is over my head, but it is fascinating to check out. It makes me wonder what kind of safeguards they have in place to ensure some mad scientist doesn't go rogue and try to design a killer virus or a drug that hypnotizes you… Or perhaps I have been reading too many comic books.

Let me know what you think about AWS Bio Discovery. Is it a tool you or your organization could use?

---

## [AWS Lambda Managed Instances](https://schematical.com/posts/aws-lamba-managed-instances_20260422)

Need more memory/CPU for your AWS Lambda Invocations? Then you might want to check out [AWS Lambda Managed Instances](https://aws.amazon.com/lambda/lambda-managed-instances/). If you want to have more customization options for the underlying hardware your lambdas run on, then this is what you are looking for. It also unlocks the ability to use Reserved Instances and Savings Plans, which can lead to long-term savings.
As of the time of this writing, I have NOT found [any instances that have GPUs](https://aws.amazon.com/lambda/pricing/#:~:text=EPU%20pricing%20applies.-,Management%20Fees,-Pricing%20Example%3A%20High). It seems a little odd that they don’t allow that. I wonder if AWS is trying to funnel you to one of its other managed services to keep you on the platform. Though using AWS Lambdas to manage your workload is a form of platform lock-in.

I also find it interesting that they let you run ECS tasks on Fargate so you don’t need to provision instances, while at the same time taking Lambdas, previously considered the definition of “serverless”, and letting you provision servers to run those on. Odd design choices.

With all that said, are you considering running your lambdas on a managed instance? If so, I would love to hear your use case.

---

## [AWS Elemental Inference - Convert live streaming video from vertical to horizontal in seconds](https://schematical.com/posts/aws-elemental-inference_20260421)

Are you streaming live video horizontally like a dinosaur while your new Gen Z audience is consuming content vertically through the smartphone? If so, you may want to check out [AWS Elemental Inference](https://us-east-1.console.aws.amazon.com/elemental-inference/home?region=us-east-1).

They boast not only smart clipping, which pretty much every video editing software does (not well), but also converting traditional horizontally formatted video to the vertical format you see in the short form content that exploded over the last decade. Now that is interesting, as the vertical format normally reserved for clips around 60 seconds is being utilized for live streams of sporting events lasting hours. I guess people can’t be bothered to hold their phone sideways while watching live events.

I am curious what sports they trained the model that converts it from horizontal to vertical. Would it work with cricket? That is another ball sport so perhaps that would work?
What about Gymnastics or BJJ? I have no idea, but I might test it some time.

AWS seems to be expanding outside of just selling compute into building out their own B2B services aimed at the non-super geeks like myself. Another example of this is the [Quick Suite Interface](https://schematical.com/posts/quick-suite-mcp_20260318), which, while I see value in this as a stockholder, I am not sure I like them watering down a model that already works so well. But at the same time, if you can save developers on your platform time and effort by having a ready-to-go interface for non-technical users, it makes sense.

This is not a technology I think will change the world, but having worked on a handful of video streaming products, I could see there being value in this.

I’m always the one bringing you new AWS services. Today my question for you is what new or obscure AWS services should be on my radar?

---

## [CTO Coffee Hour: Claude Mythos Preview](https://schematical.com/posts/ctocoffee-0421_20260421)

On today's episode, Matt & Dom dive into Claude Mythos Preview offered by Amazon Bedrock.

---

## [Amazon Bedrock now offers Claude Mythos Preview (Kinda…)](https://schematical.com/posts/amazon-bedrock-now-offers-claude_20260419)

The world's most advanced cybersecurity AI model is now on AWS…if you are a giant tech company. AWS [recently announced that AWS Bedrock will offer the now infamous Claude Mythos model](https://aws.amazon.com/about-aws/whats-new/2026/04/amazon-bedrock-claude-mythos/).

Of course, as soon as I found out, I wanted to get my hands on it, so I went to Bedrock to spin up the malicious hacking tool only to find it wasn’t there. That is when I read the fine print: “Anthropic and AWS are taking a deliberately cautious approach to release, prioritizing **internet-critical companies**”. Disappointing, but again I am torn.
I understand this could be weaponized to cause havoc, but at the same time, I am skeptical of how they chose who gets the proverbial “bomb” and who doesn’t. I’m sure I will get my hands on it eventually, assuming it doesn't take down the entire internet before I get a chance to play with it.

For my info sec friends out there, I am curious what you think about Claude Mythos. Hype or the cyber version of the atomic bomb?

---

## [Beware of AWS Bedrock’s Legacy and End-Of-Life Models](https://schematical.com/posts/aws-bedrock-eol-legacy_20260416)

Right now, technology is advancing at an incredible pace, never before seen. Unfortunately, that comes with some drawbacks as well. As quickly as AWS Bedrock is adding new models, they are deprecating models, models you might be depending on.

One of the things I love about AWS Bedrock is that they simplify hosting models, but only the models in their catalog. So if you use their incredibly convenient service to spin up a model in their catalog, just be aware that that same model could soon become “Legacy” or even worse, “EOL” (end of life).

Here is a quote directly from [their docs](https://docs.aws.amazon.com/bedrock/latest/userguide/model-lifecycle.html).

```
On, or soon after the EOL date, the model is no longer available for use in all AWS Regions and requests made to this version will **fail**, unless there is a private arrangement between you and the provider for continued access. You will need to migrate to the latest model by updating your application code before the EOL date. Migration will not happen automatically.
```

Just keep this in mind when choosing how you design your infrastructure. If you need help designing great cloud infrastructure, [let’s set up a time to chat](https://calendly.com/schematical/consultation).
---

## [There are a lot of weird models out there that are doing increasingly obscure yet interesting tasks](https://schematical.com/posts/netflix-void-model_20260415)

Today, I want to introduce you to [Netflix’s Void Model](https://huggingface.co/netflix/void-model), which removes not only objects from videos but everything that the object has an effect on.

Imagine you had a video of dominoes falling down, then you just removed a few of the dominoes in the middle. Once this model runs through the video, the first domino falls flat, and the dominoes after the missing dominoes just stand there. In their examples, they have another example of 2 cars plowing into each other in the source video, then the video the model pushed out which removed the second car, and the first car just kept cruising along.

You can tell the model what you want removed by passing in a `quadmask`, which is basically where you paint over what you want removed frame by frame, and the model uses that to determine what needs to be removed.

I know I am skeptical about AI uses, but this one is a fairly mind-blowing application. AI has gone from barely generating Will Smith eating pasta to being able to have such an in-depth understanding of world objects that you can just tell it to remove an object from a scene, and it can infer enough about the physics and the interaction that object would have on that scene that it can render something halfway decent. It’s not teleportation or time travel, but impressive nonetheless.

While impressive, it is equally scary, as I am sure this could be used to rewrite history for nefarious purposes. As they say, “Believe nothing you hear, only one half that you see, and nothing that was run through this model” (jk).

I want to thank my Discord mods for sharing this and a lot of other interesting stuff with me. If you want to get in on conversations like this and all the other stuff I talk about, you should jump on [my Discord](https://discord.com/invite/zUEacFT).
---

## [GitHub Copilot is coming for your data](https://schematical.com/posts/github-training_20260414)

GitHub, which used to be the knight in shining armor leading the open source movement, now wants to use all your code to train their AI agents to someday take your job. [It all starts on April 24th, 2026](https://github.blog/news-insights/company-news/updates-to-github-copilot-interaction-data-usage-policy/). In their own words:

```
From April 24 onward, interaction data—specifically inputs, outputs, code snippets, and associated context—from Copilot Free, Pro, and Pro+ users will be used to train and improve our AI models unless they opt out.
```

I feel like I wouldn’t be as disgusted with this if the user had to opt in instead of just having them opt in by default. I suppose this is part of a bigger trend that has been happening for a while.

Part of me wants to move everything from the cloud to hardware I self-host out in a cabin in the woods while foraging for my own food and growing a big beard like Ron Swanson, but that doesn’t seem practical either.

How do you feel about these big companies using your hard work to train their models?

---

## [CTO Coffee Hour: AWS Agent Registry is now in preview](https://schematical.com/posts/ctocoffee-0414_20260414)

If you didn't catch our post yesterday, you're in luck. On today's CTO Coffee Hour episode, Matt & Dom dive into AWS Agent Registry that is now in preview. You can read more about it here: [AWS Agent Registry is now in preview](https://schematical.com/posts/aws-agent-registery_20260412)

---

## [AWS Agent Registry is now in preview](https://schematical.com/posts/aws-agent-registery_20260412)

Is your organization jumping on the Agentic AI bandwagon? If so, chances are your various teams could be creating redundant or overlapping tools. AWS wants to solve that with [AWS Agent Registry](https://aws.amazon.com/blogs/machine-learning/the-future-of-managing-agents-at-scale-aws-agent-registry-now-in-preview/).
Agent Registry stores metadata on every MCP Server, Tool Call, Skills, and even Agents. This way, your various agents can query the registry and see what tools to call via MCP or what agents to collaborate with via A2A.

This all sounds like a great way to burn cash on tokens or the start of [Skynet](https://screenrant.com/terminator-logic-memes-funny/). But seriously, while I am getting a bit of “Agentic” fatigue from people sticking chatbots into everything, I do think the tech is here to stay. The question is, what is the appropriate use case for it? It’s no different than how in the late 2000s everyone was creating mobile apps for every use case when a simple website would do just fine.

---

## [How do you determine legitimate bot traffic from malicious bot traffic?](https://schematical.com/posts/bot-best-practices_20260409)

After analysing literally billions of requests at this point via various tools like CloudWatch Insights, I have found a convenient way to determine good traffic from bad. Legitimate crawlers like Meta’s link checkers put the link to their documentation right in the User agent:

```
meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
```

Google, OpenAI, and Amazon all do the same thing:

```
Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.3; +https://openai.com/gptbot)
Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36
```

Heck, Anthropic even gives you an email address you can contact:

```
Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
```

Is it computationally effective to spam out the same link over and over again in your user agent?
Probably not, but it makes it convenient for someone like me to figure out where the traffic is coming from and better decide if it is legitimate or not.

If you are getting spammed, try a thorough inspection of the User Agent to see if you can get a link straight to the source. If you have a crawling service, consider putting a link to your docs in your user agent to better communicate to the websites you are crawling a reason not to block you.

I will point out that spoofing user agents is not rocket science, so don’t just trust the user agent. Ideally, these docs would give you a way to verify the user agent is legitimate. For example, [Google gives you a really simple way to verify their bot via DNS](https://developers.google.com/crawling/docs/crawlers-fetchers/verify-google-requests).

Question for you: How are you determining what traffic is malicious or useless bot traffic vs legitimate traffic?

By the way, if you need help fending off malicious bot traffic, that is what we do at Schematical, so feel free to set up a time to chat with us here: https://schematical.com/consulting

---

## [S3 Express One Zone](https://schematical.com/posts/s3-express-one-zone_20260408)

Want to speed up access to AWS S3 up to 10x faster while saving up to 80% compared to standard S3? Then you need to check out [S3 Express One Zone](https://aws.amazon.com/s3/storage-classes/express-one-zone/).

You might be wondering, “10x faster? 80% cheaper? Surely there must be a catch, right?” Of course there is. When you set up your bucket, you need to select a specific Availability Zone where the bucket will live. No replication, or any of the multi-AZ/Region replication you see in normal S3 buckets. This means a massive reduction in redundancy, but for the right use case, that might be a small price to pay.

The best use cases I have seen for this are high-throughput background tasks like training a model.
You can colocate the hardware you train on and the S3 bucket in the same AZ to decrease latency. If the AZ falls over, no, it can’t fail over to another AZ, but it's a background worker, not your production API server. You will lose some training time, but your end customers will never see the site flicker. The “up to” 80% savings is huge, too. From what I can tell, this is because AWS doesn’t need to replicate your data out to other AZs and Regions. They save compute time and disk space by not replicating your data, and you save big $$$. I love that S3 is offering up such a variety of storage options on all sides of the spectrum. On one side, you have [AWS S3 Glacier](https://aws.amazon.com/s3/storage-classes/glacier/) for infrequently accessed but highly redundant data, and on the other side, you have S3 Express One Zone for data accessed super frequently with no latency but no redundancy. People complain about cloud storage costs a lot, but those costs can be avoided if you choose the right tools for the job. If you need help choosing the right tools for the job, feel free to reach out.

---

## [AWS just dropped ECS Daemons](https://schematical.com/posts/docsawsamazoncom_20260407)

The concept of [Daemons](https://en.wikipedia.org/wiki/Daemon_(computing)) has been in computing for a long time. AWS just brought it to the world of cloud computing in the form of [ECS Daemons](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/managed-daemons.html). This feature appears to be specific to Amazon ECS Managed Instances, not Fargate, which makes sense once you hear what it does. One of each daemon task gets booted up per ECS Managed Instance before any of the other tasks get booted up. From there, the Daemon task can do advanced orchestration and/or specialty monitoring of the other tasks that spin up on that instance. This new functionality should open up some interesting use cases/infrastructure designs.
## Question for you: What use case do you have for ECS Daemons? --- ## [CTO Coffee Hour - Axios: JavaScript’s most popular library ](https://schematical.com/posts/ctocoffee-040726_20260406) On today's episode, Matt is mostly riding solo and runs through Axios, JavaScript’s most popular library. Check out this detailed post on it: [One of JavaScript’s most popular modules has been compromised ](https://schematical.com/posts/630-axios_20260401) --- ## [AWS finally rolls out account/region-specific namespaces for S3 buckets](https://schematical.com/posts/account-regional_20260405) I am amazed [this feature](https://aws.amazon.com/blogs/aws/introducing-account-regional-namespaces-for-amazon-s3-general-purpose-buckets/) wasn’t rolled out years ago. I can’t imagine how many S3 buckets were misconfigured and crawled because of their global namespaces. Not only was it kind of annoying needing to find an S3 namespace that wasn’t taken for some S3 bucket you never planned to make public, but there were a ton of security implications there. I have heard of popular projects shutting down their S3 bucket and other people grabbing the bucket's newly released global namespace. This can be done for malicious purposes, like hoping the users of the old popular project will try to grab some files from the original S3 bucket, only to end up pulling a new malicious payload. On the other side of that, I have heard of new non-malicious parties grabbing the global namespace, not knowing about the namespace being used for the now-defunct popular product, and then getting spammed into oblivion by people still running the software pointed at that namespace. Basically, there are a lot of things that can go wrong if the bucket isn’t configured perfectly. So I am glad they are allowing you to create buckets that are unique to your account. It only took them [20 years](https://aws.amazon.com/blogs/storage/20-years-of-amazon-s3-a-storage-professionals-journey-to-aws-hero/)! 
If you want to know more about how to secure your entire AWS account, much less your S3 buckets, you should check out my On-Demand Video Course on O'Reilly [Zero to Hero on AWS Security: An Animated Guide to Security in the Cloud](https://www.oreilly.com/videos/zero-to-hero/0642572107789/) --- ## [TechDebt is coming to Steam!](https://schematical.com/posts/tech-debt-steam_20260402) For those of you who play games on PC at all, you will likely be familiar with [Steam](https://store.steampowered.com/), which is the biggest marketplace for PC games. After years of dabbling with publishing a real game on something like ItchIO I decided to take a swing at the big leagues. Now I aim to keep the scope down. From what I hear, spending 5 years building the game of your dreams is a sure way to shoot yourself in the foot. Small games iterated on quickly are the smart move. I still have plenty of content planned for Tech Debt, but this should keep me focused on content related to the core mechanics that already exist and prevent me from expanding the core mechanics into a full-out colony sim. We just got the Steam page cover art back from the artist I commissioned for the project, and I love it, they did a great job. The next step is to get a trailer cut so we can launch our Steam page. This is really exciting for me to publish a game on Steam, and hopefully not the last. With all this said, I had a client pop up with an interesting and urgent project that needed me to go hands-on with, so you won’t hear as much about Tech Debt in April. The good news is that I will give the video editor I am working with time to get the trailer up and edited. So that is it. Let me know what you think of the cover art. Any feedback is appreciated! --- ## [The US Government seems to think AI won’t replace software engineers. 
Are they right?](https://schematical.com/posts/to-think-ai-wont-replace_20260401) Digging deeper into the [BLS Data](https://www.bls.gov/ooh/computer-and-information-technology/software-developers.htm), it seems like the “Job Outlook” for 2024–34 will be 15%, which is “Much faster than average”. While I am quite certain that commercially available LLMs that exist in the market today are in no way capable of replacing a solid senior-level engineer, I am less confident in these job growth numbers. For starters, as I write this in March of 2026, those numbers seem to be based on 2024. Second, I found [a conflicting or possibly revised report on the same website from Aug 2025 that puts the 10 year growth projection numbers closer to 6.5% to 7.5%](https://www.bls.gov/news.release/ecopro.htm), but that groups SWE jobs in with a few other areas. And if that wasn’t enough, I found I could easily [trigger a 500 error on the BLS website simply by omitting a query string var](https://data.bls.gov/projections/nationalMatrix). Not that the error reflects on the quality of data, but you would think with the amount of tax dollars that go into the BLS, they would know how to return a [400 status code](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Status/400) when appropriate. What do I think? I think software engineering will look very different in 10 years. New jobs will emerge that we couldn’t have imagined. It will be like what a “Mobile App Developer” would look like to someone in the 80s/90s. Where do you think the Software Engineering field will be in 10 years? --- ## [One of JavaScript’s most popular modules has been compromised](https://schematical.com/posts/630-axios_20260331) Popular JS packages `axios@1.14.1` and `axios@0.30.4` are [compromised](https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan). This is pretty wild. Axios is pretty much the standard for making requests from any JavaScript application. 
It’s literally everywhere, executing trillions of times a day across millions of servers and in browsers everywhere… and it has been compromised. And to make things worse, there isn't even a malicious line of code checked into the [Axios](https://github.com/axios/axios) repository. It was a malicious dependency that was never actually imported anywhere, called [plain-crypto-js@4.2.1](https://www.npmjs.com/package/plain-crypto-js), which has since been taken down. I really wanted to see that source code. Evidently, there was an NPM [post-install](https://docs.npmjs.com/cli/v8/using-npm/scripts) script that ran and installed a cross-platform remote access trojan. This is crazier because it's bad on production, but if you ran an NPM install locally, not in a container, then it could do a lot of damage as well. Luckily, it seems [it was found pretty quickly](https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan), but [the dev community still went wild over it](https://github.com/axios/axios/issues/10604). This could have been and possibly still is really bad. It's always an odd feeling to have such disdain for the malicious parties that pull this crap while at the same time admiring the creativity and craftsmanship it takes to pull something like this off. Bottom line: If you are using Axios, double-check your dependencies pronto. If you have any machines that this ran on, you will likely need to wipe them and cycle all credentials those machines had access to. You don’t want this stuff running on your servers. As per usual, Fireship did a great video on this that [you should all check out](https://www.youtube.com/watch?v=o7NYXvYohYk). 
---

## [CTO Coffee Hour - RAG (Retrieval-Augmented Generation)](https://schematical.com/posts/ctocoffee-033126_20260330)

On today's episode, Matt & Dom talk about RAG (Retrieval-Augmented Generation) and also a little bit about how Matt's been using Gemini on all our graphics lately (got to give it to him, he's doing a great job with it). Read more about RAG here: [You have heard of RAG (Retrieval-Augmented Generation), but have you heard of V-RAG?](https://schematical.com/posts/production-w-v-rag_20260329)

---

## [You have heard of RAG (Retrieval-Augmented Generation), but have you heard of V-RAG?](https://schematical.com/posts/production-w-v-rag_20260329)

V-RAG, or [Video Retrieval-Augmented Generation](https://aws.amazon.com/blogs/machine-learning/introducing-v-rag-revolutionizing-ai-powered-video-production-with-retrieval-augmented-generation/), is a technique for grounding video generation models using static images queried from a vector DB/Index of static images. I know it sounds complicated and, if you asked me a few years ago, before I went deep down the rabbit hole of RAG and Vector DBs, I would have agreed, but in reality, it's relatively simple. Just feeding in text to a text-to-video model and hoping it will output what you want leaves plenty of room for error. With this technique, you send your input text to an embedding model that will convert it to a vector. That vector will be used to grab a handful of binary images relating to your query from a vector DB (see [A great use case for S3 Vector Indexes](https://schematical.com/posts/s3-vectorDB_20250817)). You then send those images to the video generation model along with the prompt to help improve the final result.
I suppose you could improve your outcome by adding a step after you have retrieved the images, but before you send them off to the model, where a human could cross-check the images and perhaps add some additional context to the images to make sure they showed up in order and were being used… or you could just send them. Your call. So there you have V-RAG. ## Question for you: What other adaptations of RAG (Retrieval-Augmented Generation) have you seen? PS: Had some fun with the image for this one. As always, I do the writing and my EA proofs it, but the image is AI. Let me know what you think. --- ## [AWS Data Exchange](https://schematical.com/posts/aws-data-exchange_20260326) Looking to keep your ML training data up to date so you can keep your AI models cutting-edge? Then you will want [AWS Data Exchange](https://docs.aws.amazon.com/data-exchange/latest/userguide/what-is.html) on your radar. It creates a streamlined way for dataset curators to manage and share their datasets with interested third parties looking to [train on that data](https://aws.amazon.com/marketplace/pp/prodview-zxtb4t54iqjmy?sr=0-3&ref_=beagle&applicationId=AWSMPContessa). While you can use it to get the latest [AWS Open Data datasets](https://schematical.com/posts/aws-open-data_20260325), there are fewer than a thousand datasets in there. Contrast that with the almost 5,000 datasets on AWS data exchange, some free but plenty commercial. For example, Equifax is selling plenty of user data in various listings, such as [Auto Loan datasets](https://aws.amazon.com/marketplace/pp/prodview-u4nm2lrkrhxpu?sr=0-18&ref_=beagle&applicationId=AWSMPContessa). I am curious if that could help predict the turmoil in the [private credit markets](https://www.youtube.com/watch?v=V0Hqtxmb61A) we are seeing right now. Either way, if you are looking to sell or give your datasets for others to train on, or you are looking to license datasets to train your own models, you will want to check out AWS Data Exchange. 
If you need help getting your ML/AI project off the ground, feel free to [set up an initial consultation with us](https://schematical.com/consulting).

---

## [Looking for free data to train …. Well, basically anything?](https://schematical.com/posts/aws-open-data_20260325)

Let me introduce you to [AWS OpenData](https://aws.amazon.com/opendata/). AWS generously [hosts hundreds of free / open source data sets for you to train your models with](https://registry.opendata.aws/). Data sets ranging from [Genes](https://registry.opendata.aws/czi-cellxgene-census/) to [Satellite Data for farmers](https://aws.amazon.com/blogs/publicsector/bringing-world-class-satellite-imagery-smallholder-farmers-open-data/?did=psr_card&trk=psr_card). Even data as obscure as [mapping the brains of fruit flies](https://registry.opendata.aws/janelia-flylight/) can be found in Open Data. Seems rather philanthropic, right? Absolutely, but I am sure that it occurred to them that people would have to train models with this data and run inferences, and what better place to do that than on hardware rented from AWS. If you are looking for some datasets to help create a force multiplier for your AI/ML project, then you should check out AWS Open Data. And if you are looking for some help to bring your AI/ML project to life, feel free to reach out to [my team and me](https://schematical.com/consulting). That is what we do!

---

## [AI Agents can not make payments on your behalf using “Stablecoins.”](https://schematical.com/posts/x402_20260324)

…What could go wrong? The 402 Payment Required status code has been around for a long time, and I am glad someone finally put it to use. What better way to use it than to fend off armies of AI agents stealing your precious content and regurgitating it as if it were their own ideas by charging them a small fee? This theoretically can be done with the use of the [x402 protocol](https://www.x402.org/).
A protocol that [AWS Agent Core seems to have gone all in on](https://github.com/aws-samples/sample-agentcore-cloudfront-x402-payment). I know I throw a lot of shade at AI Agents/LLMs being overused, but I am bullish on the technology on a long enough timeline, as long as it is being used strategically and not shoehorned into every aspect of every product. I haven’t really spoken out on crypto, but as a technology, I love it; as an investment device, I am a lot more skeptical. Maybe it’s just me, but giving AI Agents, which don’t have a great track record of decision making, the ability to spend a currency that is so volatile they need to slap the word “stable” onto the front of it to get people to think it’s not a ponzi scheme seems a little risky… Don’t get me wrong, if I had a website with content interesting enough that agents wanted to pay me to access the content, I would take the payment in whatever form they are willing to pay me in. With that said, I would be curious what your thoughts are on this. What could possibly go wrong?

---

## [CTO Coffee Hour: Where is the Tech Sector job market heading?](https://schematical.com/posts/ctocofee-240326_20260323)

On today's episode, Matt & Dom take a look at where the Tech sector job market is heading in this new year.

---

## [AWS’s new hidden `ExtendedSupportYr1_Yr2` charge for older versions of RDS and ElastiCache](https://schematical.com/posts/aws-elasticache-extended_20260322)

AWS’s new hidden `ExtendedSupportYr1_Yr2` charge for older versions of RDS and ElastiCache

AWS just snuck in a new hidden charge that adds up quickly. In the case I found recently, the costs were over a hundred dollars PER DAY (Not per month). As of February 1st, 2026, you might see a line item that includes the text `ExtendedSupportYr1_Yr2`, something like `USW1-ExtendedSupportYr1_Yr2-NodeUsage:cache.r6g.4xlarge`, snuck in there.
From what I observed, that new additional cost was over 50% of what the hourly cost for the instance was, effectively jacking up the price of the instance. Now it sounds like I am hating, but I kind of understand why they did this. Let's examine their other options:

## Shut down your instance.

Obviously, this would disrupt your service, so not an ideal option.

## Auto-update your cluster:

This could cause some version issues that introduce breaking changes, so again not ideal.

## Charge more until you fix it:

Not ideal, but if you're not checking your notifications and/or not taking action to fix it, what else are they to do? Maintaining software that is out of date with the SLAs/uptimes AWS boasts is not easy, and it sure is not cheap.

**Recommended Action:** Double-check your AWS bill to make sure you're not paying this extra tax on older RDS/ElastiCache versions. If you need help doing this or migrating to the latest, feel free to set up a time to chat with me. It's what I do for a living.

---

## [Alternative data points to measure the volatile state of the tech industry](https://schematical.com/posts/swd-job-numbers_20260319)

In [a recent post I did on the volatile state of the software development industry](https://schematical.com/posts/590-swe-job-rising_20260311), I had an excellent series of comments by [Mitchell Mason](https://www.linkedin.com/in/mitch-mason/), so I figured I would share them with you all. ``` It’s an interesting data point that I’ll see referenced from time-to-time. I’ll point out what others do: that measuring the volume of roles posted to Indeed is probably not a super-accurate reflection of the state of hiring (although certainly not a useless one). It can be influenced by jobs posted for reasons other than hiring (ghost jobs that make the company look better), and doesn’t consider other hiring platforms or direct referral hires. It’s very much a quick-reference pulse-check.
I think the bigger gap is that it only measures the volume of software development jobs, but it can’t say anything about what level of experience is being asked. The biggest demographic that’s been struggling since the highs of 2022 is junior developers (especially new grads). ``` I went on to ask them what data points they recommend, to which they responded with the following: ``` I mostly reference BLS data, although that’s pretty rosy by comparison. All the same, there are a lot of different angles you can look at, as opposed to just this one trend line. ``` For those of you who had to Google “ BLS data” because your morning caffeine had not quite kicked in yet, as I did, it’s the [US Bureau Of Labor Statistics](https://www.bls.gov/). I’m actually familiar with it, and it's my understanding that, as he pointed out, the data in the BLS is “rosy” and often is published high, then a few months later revised down. They do have pages [dedicated to Software Engineering](https://www.bls.gov/ooh/computer-and-information-technology/software-developers.htm) that indeed paint a “rosy” picture that I am not sure is currently reflected in the market, but is still worth a look. With that all said, let me ask you, where do you go looking for data on the industry? Are there any data points you think are worth diving deeper into? --- ## [AWS QuickSuite’s MCP server integration is actually… pretty decent](https://schematical.com/posts/quick-suite-mcp_20260318) Last week, I got the chance to wire in an MCP server to QuickSuite and aside from needing to jump through a handful of hoops for SSE authentication it went pretty well. You basically need to set up an OAuth application to get it to connect, but once you are past that, the connection was pretty seamless. Another nice thing that they don’t have yet, but I am sure they could easily add, would be the ability to limit the scope of what tools the agents get access to. 
By default, they had access to all the tool calls, but since it is primarily a reporting software, at least for my current use case, it would be nice for me to be able to specify what tool calls it can access. As of yet, I have not seen anything that would indicate I could control that. Is this groundbreaking or just AI showmanship? With all things, the real value comes with how we use them to extract data and improve our workflows. I have been given access to a team to play with this tech. I will let you know if this actually yields any real gains in productivity. ## Question for you: If you are using QuickSuite, what are you using it for? What integrations and data sources are you using, and how are they working out for you? --- ## [You can now run OpenClaw on Amazon Lightsail… but should you?](https://schematical.com/posts/openclaw-on-amazon_20260317) You can now run [OpenClaw](https://openclaw.ai/) on [Amazon Lightsail](https://aws.amazon.com/lightsail/)... but should you? [Amazon just announced you can run OpenClaw on AWS Lightsail](https://aws.amazon.com/blogs/aws/introducing-openclaw-on-amazon-lightsail-to-run-your-autonomous-private-ai-agents/). I will say that if you are going to run OpenClaw, running it in a containerized fashion (even better on a fresh hardware instance) is 100% better than installing it on your local computer with full access to your hard drive, tax documents, saucy pics, etc. As a business move, it is kind of genius on AWS’s part, mainly because the version of OpenClaw they allow users to boot up is preconfigured to point at [AWS Bedrock](https://aws.amazon.com/bedrock) as its model provider. So not only are you paying them hourly for the Lightsail instance, but also for every single token OpenClaw uses with reckless abandon. Is this good for you, the consumer? As with anything, it's how you use it. Some of the more entrepreneurial of us will likely find a use case that turns an ROI. 
Since it appears that the LLM hosting business is a race to the bottom, and certain “cutting edge” businesses will likely find their business model as viable as many of the late 90s .com business models, then perhaps running on AWS, which has a bit more stability, would be prudent. What are your thoughts? Would you run OpenClaw? If so, what hosting provider would you choose and why?

---

## [CTO Coffee Hour: Tech Debt The Video Game new updates gameplay](https://schematical.com/posts/ctocoffee-031726_20260316)

Watch the updated and really improved Tech Debt The Video Game gameplay. Packed with all the new updates. If you haven't already checked it out, here it is: https://schematical.itch.io/techdebt

---

## [Tech Debt The Video Game is really starting to come together](https://schematical.com/posts/tech-debt-update_20260315)

[Tech Debt The Video Game](https://schematical.itch.io/techdebt) is really starting to come together. It is far more playable and less glitchy than ever before, and it actually feels like a game. The Meta Challenges are working and allow you to unlock new tech with each run. I added the concept of “Latency,” so, like in the real world, the more overloaded your servers are, the slower your network packets get processed. To keep you on your toes, the further into the game you get, the more stringent the latency requirements become. There are now 4 different Sprints (AKA Levels) you can play through:

- Launch Week - Just getting started.
- User Signup/Login - Gets you started handling your users’ Personally Identifiable Information (PII), which, if it gets into the wrong hands, will cost you dearly.
- Email Server - In this sprint, you will need to research and set up an email server to increase your profit margins.
- Mobile Notifications - Pretty much the same, but with mobile notifications (Don’t worry, more variety is coming soon).
There are 2 other placeholder levels in there that have randomly generated level modifiers to make them semi-unique, but they don’t have a great focus yet. There are a few new Release Rewards as well:

- Database Indexes - Minimizes Network Packet Latency when hitting the dedicated DB
- Multi-Threaded Processing - Decreases Network Packet Latency when hitting the Application Server
- Contract Work - Allows you to earn a little extra cash to keep the lights on.
- Tech Debt - Already existed but has been reworked. If the Tech Debt gets high, you will see an increase in events like Bugs and XSS Attacks.

I also added Code Pipeline, so you can automate your deployments. This means your team can keep focused on researching and building new tech. The Sales Page Optimization reward has been beefed up, so you may want to focus on that to ensure you have enough cash to make it further into the game. That and about a million little tweaks and bug fixes. Meanwhile, I am taking a course on how to market a game on [Steam](https://store.steampowered.com/). If you know anyone who has done that before, I would love an intro.

---

## [Are you considering using AI Agents to manage your IaC and infrastructure?](https://schematical.com/posts/592-maybe-my-job-is-safe_20260312)

Are you considering using AI Agents to manage your IaC and infrastructure? If so, then you will likely want to [read Alexey’s detailed write-up of this nightmare scenario](https://alexeyondata.substack.com/p/how-i-dropped-our-production-database) where Claude Code had some fun nuking production infrastructure. Also, I want to thank Alexey for being willing to share this painful story as a cautionary tale. Hopefully, it saves someone else from enduring such a painful experience. But really, are you considering using AI Agents to manage your IaC and infrastructure? What would you do differently?
---

## [The volatile state of Software Engineering Hiring](https://schematical.com/posts/590-swe-job-rising_20260311)

One of my less healthy habits is to doomscroll a [subreddit called /r/EconomyCharts](https://www.reddit.com/r/EconomyCharts/). I much prefer numbers and cold, hard data when possible. Recently, I found [a post](https://www.reddit.com/r/EconomyCharts/comments/1rf8tzb/the_software_industry_is_apparently_dying_but_job/) that showed an abrupt uptick in the number of [SWE jobs posted on Indeed](https://fred.stlouisfed.org/series/IHLIDXUSTPSOFTDEVE). Initially, I thought “Amazing,” but my skeptical nature led me to dig in deeper. That increase was fairly recent, only really taking off in January 2026. Additionally, starting Feb 21st, it seems to be dropping off at a much faster pace than it rose. Zooming out as far as that chart can go, back to February 2020, we can see we are still only at 70% of pre-pandemic levels. What does this mean? I honestly don’t know, but I remain optimistic on a long enough timeline. I am sure SWE jobs will adapt and change, similar to how most bakers no longer stock their ovens with wood and instead rely on gas or electricity to bake their goods. Random: I will point out that the FRED datasource for this does not track job postings for “Prompt Engineers” quite yet… and hopefully never will.

---

## [How secure are your credit card payments on AWS?](https://schematical.com/posts/aws-payment-cryptography_20260310)

Personally, for my internal projects, I lean on Stripe. My bigger clients use a variety of payment options. Well, AWS has its own offerings if you want to go to the metal and really go hands-on with your cryptographic operations. Honestly, I personally don’t have a great use case, but I wanted to put [AWS Payment Cryptography](https://us-east-2.console.aws.amazon.com/payment-cryptography/home?region=us-east-2#/home) Service on your radar in case you did.
From what I understand, it allows you to do some of that advanced payment cryptography that meets PCI standards inside of your AWS Account, meaning you don’t have to send it out to a 3rd party. That makes one less place you could potentially have your sensitive information exposed. Out of curiosity, let me know if you are using AWS Payment Cryptography, or if you have a use case that could benefit from it.

---

## [CTO Coffee Hour - Open Source & AI Slop](https://schematical.com/posts/ctocoffe-031026_20260310)

On this week's CTO Coffee Hour, Matt and Dom talk about Open Source and AI slop. We touched more on this in last Friday's post; check it out here: [AI slop is destroying opensource](https://schematical.com/posts/ai-is-destroying-opensource_20260305).

---

## [Would you pay AWS to have them attack your website?](https://schematical.com/posts/aws-security-agent_20260309)

Well, soon you will be able to with [AWS Security Agent](https://aws.amazon.com/security-agent/). AWS Security Agent does a few things, such as code reviews. I would be curious what models they are using under the hood for that, and how they fine-tuned them, but that information isn’t public yet, to my knowledge. The feature I find most interesting is its on-demand penetration testing. It makes you wonder how wild things can get if you give an LLM access to [Kali Linux](https://www.kali.org/) and tell it to go nuts. I’m sure AWS’s implementation is a bit more nuanced, but I am still curious how off the rails it can get when simulating an XSS or SQL injection attack. It takes some of the fun out of pen testing, honestly. I rather enjoy finding crazy ways to blast through my client’s security during a security audit: feeding in inputs they never expected, jacking sessions, and much more. With that said, I can’t wait to get my hands dirty with AWS Security Agent to see how it works. Let me know if you want to see a deeper dive or a video on it.
If you aren't ready to delegate 100% of your infosec to an agent yet, you should check out my On-Demand Video Course on O'Reilly [Zero to Hero on AWS Security: An Animated Guide to Security in the Cloud](https://www.oreilly.com/videos/zero-to-hero/0642572107789/). --- ## [ AI slop is destroying opensource](https://schematical.com/posts/ai-is-destroying-opensource_20260305) AI slop is destroying opensource. A little while ago, [Jeff Geerling](https://www.youtube.com/watch?v=bZJ7A1QoUEI) dropped a video addressing a handful of situations where AI agents were generating garbage code and submitting it as pull requests to various open-source software. Then, when the pull request was not accepted, because it was garbage, the AI Agent started harassing the maintainers with spam comments. Now I am curious how the maintainers knew 100% it was a bot and not some “neck beard” hyped up on Mt Dew, but I suppose if the speed of the code/comments far exceeds what is humanly possible, you can infer it's a bot. He further went on to describe how valuable bug bounty programs, which normally allow white hat (Good guys) hackers to report bugs and security exploits in exchange for an incentive like cash, are being spammed with AI slop as well. This one is likely worse than the open source problem because there is an additional financial incentive. I have followed [Jeff Geerling](https://www.youtube.com/@JeffGeerling) for a while now, and he is not the type to sensationalize or otherwise scream that the sky is falling. These are real problems; this is not to say that there is no value in AI or anything like that. I am just pointing out some real-world events happening now and pointing out that important infosec programs shutting their doors will likely have a significant effect on our industry… not a good one, I am afraid. What do you think? 
--- ## [AWS SES Email Validation](https://schematical.com/posts/ses-email-validation_20260304) Sick of seeing high complaints, low engagements, and high bounce rates when sending emails from your application? Don’t worry, AWS recently launched Email Validation for SES. This helps you improve your reputation and your deliverability using their Auto Validation tool. The tool reviews all outbound email addresses, then only allows delivery of the ones that match thresholds you can set ahead of time. This will stop delivery of emails to targets that are likely to bounce or hurt your [domain’s reputation](https://aws.amazon.com/blogs/messaging-and-targeting/the-four-pillars-of-email-reputation/). Question for you: How are you protecting your outbound email reputation? --- ## [AWS AgentCore Browser Proxies](https://schematical.com/posts/aws-agentcore-browser_20260303) AWS AgentCore allows you to proxy [agent browser sessions](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/browser-proxies.html) around the world. I both love and hate this feature. As the guy writing scrapers, I love the fact that I can now proxy my agents around the globe. As the guy fending off bot attacks, these AI agents can really bounce around, making it hard to track. The good news from a security perspective is that, despite AWS 100% having the ability to proxy the requests for you, instead they require you to bring your own proxy servers. I think this will dial back the ease at which this could be abused slightly… only slightly, because it would take me all of a few minutes to set up an account with a proxy service that is indifferent to whether or not the traffic it proxies is malicious, and give the agent access to that account. Let's assume in this case the agent is being used for legitimate reasons, and you had some on-prem tasks that needed to be performed on your local network. You could spin up a proxy, then give the agent access to the proxy to do the work. 
Alternatively, you could probably also just run your agent locally. Aside from malicious activity, I actually don’t have the best use cases for this yet, but I am excited to play with it. What would be your use cases for AgentCore Browser Proxies? --- ## [CTO Coffee Hour: Tech Debt The Video Game Live Update](https://schematical.com/posts/ctocoffee-030326_20260303) On this episode, watch Matt & Dom play the new and updated Tech Debt The Video Game Live. If you want to try it for yourself, check it out here: https://schematical.com/game --- ## [Tech Debt The Game Update 3/2/2026](https://schematical.com/posts/tech-debt-devlog_20260301) I have been obsessively working on [Tech Debt - The Video Game](https://schematical.com/game), and it's been paying off. The biggest update in this release is breaking the “Product Road Map,” which is sort of like a dungeon map, or if you are familiar with the game [Faster Than Light (AKA: FTL)](https://store.steampowered.com/app/212680/FTL_Faster_Than_Light/), it's very similar to their mapping system. This breaks the game into short 5-day “Sprints” (Levels) which, after the first level, have semi-random modifiers applied to them. Each sprint will have a launch day at the end, which will also have its own unique modifiers applied to it. This should make the game much more re-playable as you unlock new modifier/reward combinations. For example, you might have a modifier on the amount of traffic you will encounter or the rate at which your infrastructure accrues “tech debt”. Speaking of tech debt, the more tech debt you have, the higher the likelihood that negative events will happen, like bugs spawning or XSS script attacks. The good news is that the core game loop is coming together nicely, and it actually feels like you are playing a game and not just a simulation. The bad news is that I have completely neglected the UI while I focused on the core game loop. 
So there are a lot of under-the-hood game stats that are being displayed in a text format that is not pretty or easy to understand. I hope to fix this soon, but the programmers/stat geeks might find it interesting. I also had to remove the Tutorial temporarily as it needs to be updated to work with the new Sprint system. On the plus side, during the last playtest, I noticed that the game was more stable. Though there were a few times it froze, I think I fixed most of them. You should be able to get to the end of Sprint 2 before you run out of content. My goal is to keep going hard on the core development through the end of March and have something that is much more stable and fleshed out for a possible launch on Steam. I have commissioned some Steam page art. The image for this is just some AI-generated stuff I used to communicate the ideas to the artist and will **NOT** be used in the end product. If anyone is willing to jump on a call and let me watch you run through a play test, let me know. ~Cheers Matt --- ## [New Podcast Episode: Preparing CISOs for AI & Cloud Risks in 2026](https://schematical.com/posts/life-of-a-CISOpod_20260226) Matt joined Dr. Eric Cole on Life of a CISO to talk about what security leaders should prioritize heading into 2026: cloud resiliency, outage readiness, and the real security tradeoffs as AI adoption accelerates. **[🎧 Listen here](https://podcasts.apple.com/us/podcast/how-cisos-should-prepare-for-ai-and-cloud-risks-in/id1458386656?i=1000751754573)** Enjoy! ~The Schematical Team --- ## [Want to save up to 95% on your AWS Athena costs?](https://schematical.com/posts/aws-athena_20260225) Want to save up to 95% on your AWS Athena costs? I love AWS Glue + Athena for long-term data lake storage. The problem is with the pricing, especially if you want to make small, frequent queries. First off, of course, you should use partitioning to ensure you only query the data you need. 
Beyond that, up until recently, you would have to pay the full rate. As of [February 10th, you can now reserve capacity at a cost savings up to 95%](https://aws.amazon.com/about-aws/whats-new/2026/02/amazon-athena-one-minute-capacity-reservations/). The regular pricing is based on the amount of TB scanned, but if you use the reserved capacity, there are no charges for data scanned, just per DPU hour billed per minute. This is a win-win as AWS gets that lovely, predictable income, and you get a massive discount. Need help figuring out other places where you can save up to 95% on this and other parts of your AWS bill? Use the link below to set up a call, and let's chat! https://calendly.com/schematical/consultation --- ## [Are you getting an INTERNAL_SERVICE_ERROR while trying to add a new data set to Quick Suite?](https://schematical.com/posts/aws-quick-suite_20260224) As much as Quick Suite promises, its error handling for importing data sets is severely lacking. Instead of telling you why they can’t process your data, they just present you with an `INTERNAL_SERVICE_ERROR`, and when you [look up what that means](https://docs.aws.amazon.com/quicksuite/latest/userguide/errors-spice-ingestion.html?icmpid=docs_quicksight_console) it simply states `An internal service error occurred.` (No duh…). As it turns out, Quick Suite really doesn't like Glue [`Map` fields](https://docs.aws.amazon.com/athena/latest/ug/data-types.html), and I am assuming any other field that isn’t just flat data that you would put in an old-fashioned Excel sheet. So what do you do if you want to import nested data? I was able to hack around this by adjusting the Athena query that gets run when the data is imported by converting the complex field into a JSON string, then in the data set pipeline, creating custom fields for each of the nested map fields. Basically, `json_format(CAST(myMapField AS JSON))` will do the trick. 
It’s tedious and makes things much less dynamic, but I can see why they would want you to explicitly state the fields coming in so they can be indexed. It just makes it difficult to create a dynamic event-driven architecture system. I hope that by posting this, someone facing the same problem in the future will find it and save themselves hours of banging their head against Quick Suite. If you need help scaling up your AWS infrastructure without breaking the bank, feel free to set up a consultation. --- ## [CTO Coffee Hour: LLM Benchmark](https://schematical.com/posts/ctocoffee-022426_20260224) On today's CTO Coffee Hour, Matt & Dom talk about some interesting ways they are benchmarking LLM models. --- ## [Can your LLM of choice run a food truck?](https://schematical.com/posts/ai-foodtruck_20260222) This is probably not the question most people are pondering, but it is an [interesting LLM benchmark that is gaining in popularity](https://foodtruckbench.com/). You can even [play the simulation yourself](https://foodtruckbench.com/play) to see how you score on the benchmark. As a business owner, I find this fascinating. Out of the top 14 models, only 4 of them managed to not go bankrupt, and one of those top 4 managed to still get a -31% ROI. Now you might be wondering, are those winners possibly just a fluke? Each model was run 5 times, so either they were really lucky 5 times in a row, or they actually had some skills. Another interesting part is their “notable findings” section, where you can see Gemini 3 Flash got stuck in an infinite reasoning loop, or that any model that used the loan system went bankrupt. In the end, I am not sure how useful this will be in real life, but I am amused watching these LLMs compete in simulations like these. I realize running a business is more complicated than playing a video game, but at the same time, there might be some merit there. 
## Question for you: Would the results of this simulation or other similar simulations influence which LLM model you chose to help run your business? --- ## [TechDebt Update 2/20/2026](https://schematical.com/posts/td-2-20-2026_20260219) I have been working hard on the next version of TechDebt, but… sadly today it doesn’t look like I am going to have anything stable quite yet. Here is what I added, but it isn’t quite ready for prime time: Added our first Boss in the form of a cross-site scripting attack that steals traffic from your servers and redirects the traffic to their own servers. Added the concept of a Sprint, which will help split up the various levels so it doesn’t feel like one long drag. Added indicators that show how the economy works a lot better with a satisfying coin flip. It’s starting to feel like an actual game instead of a simulation. What is next? First, I have to stabilize it from the major changes I made. Once that is done, I am planning to start work on the second level which will likely have more cybersecurity challenges. If you are interested in playing, check it out at https://schematical.com/game --- ## [Progress over perfection or just really low standards?](https://schematical.com/posts/we-are-all-going-to-have-to-loosen-up_20260218) Is “loosening up” or lowering our standards a good idea? To be clear, I am in favor of embracing AI tools when it makes sense to. What I am concerned about is the idea that we should lower our standards where it counts. The question then is where we should be lowering our standards and where we should absolutely not? How about efficiency for scalability? Well, if your app isn’t likely to need to scale up to millions of users in the near future, then perhaps you can drop your standards there. How about bugs? Just silly, annoying bugs? 
To be honest, in the early prototype for [Tech Debt The Video Game](https://schematical.com/posts/tech-debt-game-update_20260115), I sent it live with some bugs, but mainly to get some feedback. Security comes first and foremost in my opinion. Malicious attacks are more prevalent than ever. But if you're just prototyping, perhaps you can relax on this a bit, just don’t let your servers/code/etc. get weaponized against you. As I write this, I see a pattern here. Perhaps you can set your standards lower while prototyping, but then again, no one expects a prototype to be a fully fleshed out, scalable, secure app. If you are building something for production, to scale to millions of users and put food on the table for you and your team, perhaps you shouldn’t set your standards too low. Velocity is great, but the direction you are going and the ability to sustain that trajectory without catastrophic failure are important once you have passed that ever-vital validation/prototyping phase. With all that said, the author of this post is selling the AI equivalent of a shovel and pickaxe for this AI goldrush. It seems peculiar that they are asking their potential customers to lower their standards. Imagine if a restaurant asked you to lower your standards for their food… seems odd, right? I don’t mean to demean the author of that post, just pointing out the opposing incentive for the seller and the buyer. What are your thoughts? Speaking of security, if you are looking to beef up your AWS security skills, you may want to check out my on-demand video course on O’Reilly: [Zero to Hero on AWS Security: An Animated Guide to Security in the Cloud](https://www.oreilly.com/videos/zero-to-hero/0642572107789/) --- ## [Amazon Bedrock AgentCore Browser Custom Extension](https://schematical.com/posts/amazon-bedrock-agentcore_20260217) You can now give your AWS AgentCore Agents custom browser extensions to enhance their productivity. 
If you have been following me for a while, I am not of the mindset of [Stick an LLM in everything and call it AI](https://schematical.com/posts/comic-just-slap-a-chat-agent_20251210), but when I see a good fit, I will call it out. I have built many search engines over the years, often ones that scraped the web for data. Adding an agent to assist in the web scraping actually can add significant value to help overcome hurdles, extract non-uniform data, and speed up the ingestion process. What if you wanted to take it to the next level and give your agent an additional set of tools in the browser? Good news! [AWS AgentCore allows you to give your agents access to custom browser extensions](https://aws.amazon.com/about-aws/whats-new/2026/01/amazon-bedrock-agentcore-browser-custom-extensions/). What can you do with this? You could give the agent the ability to cross-reference data it finds on the page with an extension. For my purposes, I could use the [Built With Browser Extension](https://aws.amazon.com/about-aws/whats-new/2026/02/bedrock-agentcore-browser-proxy) all the time to see what technologies people are using for their website. I could see an agent doing that research for me. You could use the extension to enhance the agent’s data collection abilities or just keep it on track by forcing constraints on the data collection. You could take the simple repetitive part of the data collection and hard-code it so it runs cheaper and is less prone to hallucinations/mistakes while still utilizing the creative problem-solving of the agent. I almost want to start writing another webscraper just so I can play with this tech. ## Question for you: Do you have a use case for this tech? I would love to hear about it. 
--- ## [Comic: Premature Optimization](https://schematical.com/posts/comic-premature-optimization_20260216) Premature Optimization --- ## [AWS “Durable” Lambda Functions](https://schematical.com/posts/aws-lambda-durable_20260215) Sick of having to manually configure AWS Lambda state management for longer, more complex functionality? AWS released “Durable” functions, which allow you to code your functions so that they behave in a state-aware manner. They introduced the concept of steps and callbacks (Not just your regular JS callback before they introduced `async` and promises). So when you call their new `@aws/durable-execution-sdk-js` framework specifying code to be run when the lambda is invoked with a specific callback ID, it will pick up where you left off. Tracking all this state forever would use up a lot of long-term memory, so, like LLM caching in Bedrock, there is a limitation on how long Lambda retains the state. The good news is that you can configure this in the lambda’s configuration. My only fear with this is platform lock-in. If you write your lambdas in this way, it would be more difficult to migrate off of AWS if you ever had to. If that is not an issue for you, then don’t worry about it. I plan on doing a longer post on cloud vendor lock-in soon. Overall, I am excited to give these a try. *PS: The image is AI-generated, but the writing is not.* *Let me know what you think of me playing with AI images to spice things up a bit. Like it or hate it?* --- ## [Humans are pretending to be bots now?](https://schematical.com/posts/bots-pretending-to-be-human_20260212) We live in a weird world where bots pretend to be human, and humans pretend to be bots. I have been trying to stay away from the Moltbot madness that seems to be going around, but this caught my attention. From my limited understanding, they launched a social network specifically for LLMs. 
I could possibly see that being interesting, but I am much more sure that it would be a giant waste of money on the computing power for it. Quickly, claims came out that the bots were planning an uprising and they had created their own religion. Then this morning, one of my Discord mods (Thanks, C.E.) posted [an article from the MIT Technology Review saying it was all fake and humans created those posts](https://www.technologyreview.com/2026/02/06/1132448/moltbook-was-peak-ai-theater/). We truly live in strange times where my clients and I fend off a plethora of bot attacks every week from LLM-powered bots posing as humans for all sorts of malicious and non-malicious reasons. But now, to make things even weirder, humans are pretending to be bots to hype their own projects, potentially for malicious reasons. Honestly, at this point, I am not sure what to believe. So I suppose the moral of the story is to stay vigilant and double-check your sources. --- ## [Nvidia's Open Source Virtual Robot Training Software](https://schematical.com/posts/robotic-physics_20260211) I suppose it's no surprise that, as a child, I was really interested in robotics, and I still am as an adult. The Schematical logo is a robot after all. My career took me towards software and the cloud, but I think I just found a place where the 2 paths may converge in the form of [Nvidia’s open source robot training software called “Isaac Lab”](https://developer.nvidia.com/isaac/lab#section-ecosystem). Building robots is expensive, and allowing them to stumble around in the real world can prove dangerous, time-consuming, and costly. What if it trips and breaks a leg? Now you have to rebuild that part and replace it. But what if there was a virtual environment where we could train thousands of different bot control systems in parallel at an insanely fast speed? 
The bot trips and breaks a leg in there, and a few milliseconds later it's back on its feet with a slightly tweaked version of its neural net ready to attempt to solve the exact same challenge. That way, when you go to the real world, you know you have a neural net that is the best of millions of variations that has solved thousands of challenges piloting your expensive physical hardware. It’s a pretty amazing approach. Why am I writing about this? I find it fascinating, and I would love to work on a project involving robotics someday… just putting it out there in case anyone knows anyone working on a project like that which could use a hand. --- ## [Tech Debt (Not my game) is an asset now?](https://schematical.com/posts/tech-debt-is-an-asset_20260210) Could all the tech debt being introduced by AI-generated slop code actually be an asset? For example, let’s say you got a mortgage with a fixed, low rate before inflation kicked in. The debt you have to repay gets smaller and smaller compared to the rate of inflation, while your house is appreciating as fast or faster than inflation. Is this the case with these AI-generated code bases? Possibly, possibly not. First, in my experience, code doesn’t appreciate. It depreciates and becomes obsolete and needs more upkeep over time. Now, the value of getting whatever that code does today might have an advantage. Second, this assumes that the cost of AI continues to go down while the quality consistently gets better. I can see an argument for that being inevitable, but I also heard similar arguments about the US housing market in 2006. AI continuing to get better is the popular sentiment right now, so it feels safe, but if it doesn’t or demand drives the price up and makes it scarce, then you would be on the wrong side of this trade. 
My thoughts: As much as I like [leveraging tech debt](https://schematical.com/posts/leveraging-tech-debt_20251225), I would treat this like any other investment and make sure I don’t get in over my head. What are your thoughts about AI-generated tech debt being an asset in this modern era? --- ## [CTO Coffee Hour: Getting Out of the Gate in Cloud & DevOps — Starting Your Tech Entrepreneur Journey](https://schematical.com/posts/ctocoffee-021026_20260210) In this episode of CTO Coffee Hour, Dom & Matt respond to a listener question about how to get out of the gate when starting a cloud and DevOps–focused entrepreneurial journey. They discuss why cloud and DevOps don’t simply end when a project ships, what ongoing responsibility and operations really look like, and how founders and engineers should think about long-term ownership from day one. The conversation offers practical perspective and early-stage guidance for builders launching technical products and services. --- ## [AWS Bedrock Converse Now Support Structured Outputs](https://schematical.com/posts/aws-bedrock-structured_20260208) Sick of your LLMs responding with invalid gibberish when you ask for a structured response? Well now, if you are using AWS Bedrock, you can get it to respond with a structured schema. I have been using this feature in N8N and was curious why it was not in Bedrock Converse. Today I was more than pleased to see [they added it](https://aws.amazon.com/blogs/machine-learning/structured-outputs-on-amazon-bedrock-schema-compliant-ai-responses/). According to their documentation, it supports quite a few [JSON Schema](https://json-schema.org/) features, but not all of them. As you all know, I don’t think we should be shoving LLMs and Agents into every product, but when you do, it's nice to validate their output with a schema. **Question:** How are you validating your LLM's output? 
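One way to do that validation before model output reaches any downstream code, as an added example that is not from the original post or from AWS: a standard-library Python check for a small subset of JSON Schema that fails closed on anything unexpected. The triage schema, the sample outputs and the function names are constructed for illustration, and nothing here calls Bedrock.

```python
import json

# JSON Schema type name -> Python type(s). bool is handled separately below.
TYPES = {
    "object": dict, "array": list, "string": str, "integer": int,
    "number": (int, float), "boolean": bool, "null": type(None),
}

# Constructed schema for a hypothetical ticket-triage response.
SCHEMA = {
    "type": "object",
    "required": ["severity", "summary", "tags", "confidence"],
    "additionalProperties": False,
    "properties": {
        "severity": {"type": "string", "enum": ["low", "medium", "high"]},
        "summary": {"type": "string", "maxLength": 200},
        "tags": {"type": "array", "items": {"type": "string", "maxLength": 32}},
        "confidence": {"type": "number", "minimum": 0, "maximum": 1},
    },
}

# Constructed model outputs: one good, three that must be rejected.
SAMPLES = {
    "valid": '{"severity": "high", "summary": "Login endpoint returns 500", '
             '"tags": ["auth"], "confidence": 0.8}',
    "extra_field": '{"severity": "low", "summary": "ok", "tags": [], '
                   '"confidence": 0.5, "run_command": "cleanup.sh"}',
    "prose": 'Sure! Here is the triage result: {"severity": "low"}',
    "bad_values": '{"severity": "urgent", "summary": "x", "tags": ["a", 5], '
                  '"confidence": true}',
}


def validate(value, schema, path="$"):
    """Return a list of violations of `schema` (type, enum, bounds, fields)."""
    errors = []
    expected = schema.get("type")
    if expected is not None:
        ok = isinstance(value, TYPES[expected])
        # Python treats True/False as ints; JSON Schema does not.
        if expected in ("integer", "number") and isinstance(value, bool):
            ok = False
        if not ok:
            return [f"{path}: expected {expected}, got {type(value).__name__}"]
    if "enum" in schema and value not in schema["enum"]:
        errors.append(f"{path}: {value!r} not in {schema['enum']}")
    if isinstance(value, str) and "maxLength" in schema:
        if len(value) > schema["maxLength"]:
            errors.append(f"{path}: longer than {schema['maxLength']} characters")
    if isinstance(value, (int, float)) and not isinstance(value, bool):
        if "minimum" in schema and value < schema["minimum"]:
            errors.append(f"{path}: below minimum {schema['minimum']}")
        if "maximum" in schema and value > schema["maximum"]:
            errors.append(f"{path}: above maximum {schema['maximum']}")
    if isinstance(value, dict):
        props = schema.get("properties", {})
        for name in schema.get("required", []):
            if name not in value:
                errors.append(f"{path}: missing required field {name!r}")
        for name, item in value.items():
            if name in props:
                errors.extend(validate(item, props[name], f"{path}.{name}"))
            elif schema.get("additionalProperties") is False:
                # Reject fields the schema never asked for instead of ignoring them.
                errors.append(f"{path}: unexpected field {name!r}")
    if isinstance(value, list) and "items" in schema:
        for i, item in enumerate(value):
            errors.extend(validate(item, schema["items"], f"{path}[{i}]"))
    return errors


def parse_model_output(raw, schema):
    """Fail closed: return (data, []) only for JSON that satisfies the schema."""
    try:
        data = json.loads(raw)
    except json.JSONDecodeError as exc:
        return None, [f"$: not valid JSON ({exc.msg})"]
    errors = validate(data, schema)
    return (data, []) if not errors else (None, errors)


if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        data, errors = parse_model_output(raw, SCHEMA)
        print(name, "ACCEPTED" if data is not None else f"REJECTED {errors}")
```

Setting `additionalProperties` to false is what rejects the `run_command` sample: a field nobody asked for is treated as a violation rather than silently passed along.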
--- ## [Legendary items and level-ups are now in Tech Debt The Game](https://schematical.com/posts/techdebt-0012_20260205) The biggest thing in this week's release is the level-up rarities and their animations. Any level up for both the NPC or as a reward for completing a code release will result in the possibility of the reward being upgraded to a higher rarity. This means Common rewards will get updated to Uncommon, Rare, Epic, or Legendary, which will improve their effectiveness. You will likely also notice that the NPCs you control have been randomized and that their animations have been tweaked. They also face away from you when running upwards. I spent way too much time making a pipeline to import and randomize them, but hopefully, it adds a nice touch to the game. Let me know what you think. Beyond that, I fixed a ton of little things found by our early playtesters. If you want a comprehensive list, [check it out on Discord](https://discord.gg/yFDKNDBquZ). What’s next: We have a basic gameplay loop, so now I think it's time to add a little variety. Enemy variety needs to be improved, so I will be adding in more enemies than your garden variety “Bug”. They will be personifications of real-life cyber attacks and will have similar mechanics. Reward variety needs to be improved as well, so the player has more agency over their runs. This will need me to add in more stat types for the NPCs that will affect the various mechanics in new and interesting ways. With that said, I am looking for more play testers, so if you are interested, take a minute to screen record yourself trying a run or two and send it my way. --- ## [Looks like AWS is making a play to grab market share from ChatGPT](https://schematical.com/posts/aws-quicksuite_20260204) AWS’s [Quick Suite](https://aws.amazon.com/quick/) looks to be a product for non-technical people to better manage business operations. 
It seems like a business-focused version of the ChatGPT or Gemini interfaces with a few other winning features. Their [Amazon Quick Automate](https://aws.amazon.com/quick/automate/) looks like it is a competitor for N8N or Make. Is it some amazing new groundbreaking technology? Not from what I can tell at the moment. It's more like AWS taking some of the best ideas from their competitors and implementing them in one spot, which, while likely being a good business move, is still not really all that innovative. I will say that I am eager to see how it natively integrates with other existing AWS systems. That could be interesting. I’ll be exploring different use cases for Quick Suite as time goes on. Do you have any groundbreaking use cases for this, or is it just another ChatGPT clone? --- ## [How AI assistance impacts the formation of coding skills](https://schematical.com/posts/how-ai-assistance-impacts_20260203) A few days ago, [Anthropic published a study on how new developers progress using AI assistance vs not using AI](https://www.anthropic.com/research/AI-assistance-coding-skills). Now you might think that the guys selling the shovels for the vibe coding AI gold rush might want to skew the data in their favor, but here are the results in their own words: ``` The AI group averaged 50% on the quiz, compared to 67% in the hand-coding group. ``` So those of us who choose to do it the old-fashioned way still have an advantage over delegating our thinking to AI. “Old-fashioned” is relative, as software and software engineering are newer professions in the grand scheme of things. It doesn’t end there though; they found that the developers who were allowed to use AI fell into 2 distinct categories that had very different scores. The developers who heavily relied on AI and delegated debugging to AI scored 40%. 
Contrast that with developers who used AI more like Stack Overflow (That is my interpretation) and copied and pasted what AI had given them, while still doing their own debugging, who scored 65%. They go into more detail in the paper, but that is how I read it. What does this mean for SWEs? Nothing is completely concrete, and I am glad to see that they are going to continue to study this. With that said, it sounds like using AI like a tool, or how Stack Overflow used to be used 5-10 years ago, while still taking the time to, at minimum, understand what it gives you and do your own debugging, gives you an advantage as far as comprehending what you are building. I would be curious to hear what my peers think about this study. Does this change your opinion on AI-assisted programming for newcomers? If so, how? --- ## [CTO Coffee Hour: How AI assistance impacts the formation of coding skills](https://schematical.com/posts/ctocoffee-020326_20260202) On this episode of CTO Coffee Hour, Dom & Matt explore how AI assistance is shaping the development of coding skills, including the benefits, risks, and practical implications for engineers at different experience levels. --- ## [AWS Lambda and other serverless services now support a 1MB payload](https://schematical.com/posts/546-lambda-1mb-context-window_20260201) The jump to 1MB from 256 KB may sound trivial but that is a [pretty big jump](https://aws.amazon.com/blogs/compute/more-room-to-build-serverless-services-now-support-payloads-up-to-1-mb/). I have run into the lambda context window a few times, and it can be annoying. Well, now it's going to take a lot more to hit that window. This also expands to SQS and EventBridge. ## Question for you? How will this extra payload size change how you design your infrastructure? --- ## [My video game has bugs that crawl around the screen and attack your servers](https://schematical.com/posts/tech-debt-0010_20260129) We had a revelation this week. 
The core game loop for Tech Debt wasn’t quite as engaging as I wanted. Events happened like DDoS attacks, but they felt flat. Then, about 4 am on Tuesday, it hit me: We needed to bring these events to life. We needed to anthropomorphise them into characters that crawl around your screen and perform actions. I jumped out of bed and whipped up a little walk, idle, and death animation, then coded up the NPCBug class, which would run around and eat items and network packets. That quickly evolved to multiple classes of bugs, some that evolved into a bug that directly attacks your servers, forcing them to freeze. In order to get rid of these creatures, you have to assign your team members to “Debug” the bugs. It really brought the game to life. Other miscellaneous additions include a rewards screen, which doesn’t quite fit in its current iteration but I should have that fixed soon. Updated the tutorial to include bugs and release rewards. There is an “Attention Icon” that tells you when there are available actions for you to take. Started to experiment with more thematic fonts. Reworked NPC pathfinding so they actually stand in the right spot when interacting with certain objects. What's next: I am going to add a “rarity” system for level up, both release and NPC. Then I will start to expand the number of level-ups. If you play for even a little while, you will see that there is a lack of variety. Don’t worry, I have plenty of ideas, and it should be easy to implement when the time is right. From there, hopefully, I can start adding back in the ability to hire more NPCs of varying levels. That's it. In its current state, with the addition of bugs, it could use a rebalancing, as I think it's just a tad on the difficult side. Feel free to give it a play and let me know your thoughts on it. Any feedback is greatly appreciated. 
--- ## [Have we reached the peak of what LLMs can do?](https://schematical.com/posts/steve-eismen-has-llms_20260128) [Gary Marcus](https://www.linkedin.com/in/gary-marcus-b6384b4/) recently put forth a solid argument for that being the case on [a podcast with Steve Eisman](https://www.youtube.com/watch?v=aI7XknJJC5Q). It's definitely worth a listen. Think back to the good old days of ChatGPT 2 and the massive jump from 2 to 3. It was a significant increase in capability. Then the leap from 3 to 4, which still had a notable increase in capabilities. But when it came to going from GPT4 to 5, the intelligence gain was less impressive. It got cheaper, which is good, and I suppose tool calls got better, but we didn’t see a massive gain in reasoning or anything like that. Basically, if you graphed out the gains of intelligence in LLMs, it once looked like a hockey stick pattern. Now, Gary argues that it's flattening out. He also came to a similar conclusion as I have: that there really isn't a “moat” around this tech, and therefore already-profitable companies that already have access to all the internet's data and insane amounts of compute power are likely going to eat OpenAI. Specifically Google. I would make the argument that Amazon will do pretty well just by keeping people on their platform. So even if AWS offers a product that is 80% as good as the market leader, people already on AWS will use it. Amazon wins even if they offer that product at break-even prices because they will make money on all the other products their customers continue to use on AWS. Let me know what your thoughts are. --- ## [When was the last time you used IAM Access Analyzer to secure your IAM Permissions?](https://schematical.com/posts/aws-access-analyzer_20260127) If it's been a while, then this is your friendly reminder to pop in to IAM and make sure the principles of **least privilege** are being applied to your users and roles. 
You never know when someone's creds will get leaked. One of your devs might download a free game that sends their `~/.aws` directory straight to a malicious party, and then your AWS becomes their playground. Lock it down before the worst happens. If you want to sharpen your AWS Security skills checkout my on demand video Course On O'Reilly [Zero to Hero on AWS Security: An Animated Guide to Security in the Cloud](https://www.oreilly.com/videos/zero-to-hero/0642572107789/) --- ## [CTO Coffee Hour: Tech Debt The Game & updates ](https://schematical.com/posts/ctocoffee-012726_20260126) On this week's episode, Matt and Dom talk more on the Tech Debt The Game & plus the newest updates. Watch Matt run through some gameplay during this episode. --- ## [Using “Crossmodal” search to index text, image, audio, and video.](https://schematical.com/posts/crossmodal-search_20260125) Do you have a wide range of media you want to have easily searchable via your new Vector Index? Let's say you run an e-commerce store and your customers can submit text reviews, images, and videos of them using the products, and you want to make all of those searchable via a single interface. Or perhaps you want your AI agents to be able to search them. Either way, you need “Crossmodal” embeddings. This means you can index multiple types of media with a single model. In the case of Bedrock, one option would be their `amazon.nova-2-multimodal-embeddings-v1:0` model. Fun side note: I would bet you could index even more mediums. For example, if you had a large collection of 3D Models, or perhaps CAD or G-Code files, I would bet you could encode those, though I doubt Nova’s crossmodal/multimodal solution has been trained on that… yet. If anyone knows of a vector embedding model for 3D files, I would love to hear about it. 
--- ## [Tech Debt - The Video Game Update 1/23/2026](https://schematical.com/posts/tdg-009_20260122) Since I initially announced Tech Debt (Working title, subject to change), I have released [2 or 3 new versions](https://schematical.itch.io/techdebt). I did a complete UI overhaul, rebalanced it, added several more mechanics and tools for you to explore, additional NPCs, a level-up system, and most importantly, a tutorial so it's a little easier to understand the mechanics. What am I working on now? I want this game to be educational, to help people understand these abstract cloud architecture concepts. But I also want it to be fun to play. So, in addition to the silly items that drop in, I am going to add a meta progression system that lets you unlock more cool power-ups and infrastructure as you play and complete challenges. This started out as a fun little holiday project, but it has taken on a life of its own, and I am loving working on it right now. As always, I would love any feedback you would like to share. Play it for free here: https://schematical.itch.io/techdebt --- ## [“I've never coded in my life, but in the last three weeks, I was able to code software better than 99% of my developers.”](https://schematical.com/posts/vibe-coding-nonsense_20260121) “I've never coded in my life, but in the last three weeks, I was able to code software better than 99% of my developers.” This was the first line of a post on my LinkedIn feed this morning. I find this really amusing. If I were to start writing songs tomorrow, in three weeks, would I be in a position where I could judge the quality of my songs against those of others who have been writing songs for 30-plus years? Against others who have written songs that went on to sell millions of copies? Perhaps… but it seems unlikely. 
Having worked with AI-assisted coding and with people that are trying to use AI to code with a ZERO coding background, I can say the odds of this person shipping “flawless” code is basically ZERO… today. Who knows where we will be in a few years. AI can help augment your workflows, but keep in mind you are 100% responsible for every line of code you ship to production, and ignorance of what that code does in detail is not a valid excuse. Let me know your thoughts on the subject. ~Cheers --- ## [AWS Kinesis Video Stream Cost Optimization](https://schematical.com/posts/aws-kinesis-video_20260120) A while ago, I was part of a team for the main competitor to the Ring Doorbell. As you can imagine, the backend for a video-enabled doorbell has to be able to process massive amounts of video data. Since then, Kinesis Video Streams have come a long way, and recently they released a new “[Warm Storage](https://docs.aws.amazon.com/kinesisvideostreams/latest/dg/tiered-storage.html)” feature to help you reduce costs for your longer-term video storage. It seems to be similar to the S3 storage tiers. Their “Hot” tier is for real time streaming, but if, instead of real time video, you are retrieving video from a while ago, you can opt into “warm” storage. If you have a video component to your project, you might want to check it out. If you need help getting set up with AWS Kinesis video streams, check out our group coaching community: https://schematical.com/community --- ## [CTO Coffee Hour: Have we reached the peak of what LLMs can do?](https://schematical.com/posts/ctocoffee-012026_20260119) On this week's episode, Matt and Dom dive into whether LLMs have reached the peak of what they can do. --- ## [AWS Nova Grounding - The good and the bad…](https://schematical.com/posts/aws-bedrock-nova-grounding_20260118) Want your AI tools to have the ability to search the internet to double-check that the information it is giving you is accurate and up to date? 
Then you may want to check out Nova Grounding… or possibly not. Let me explain.

AWS Nova Ground is a tool you can add when you make your API call. You don’t need to define it; passing in the arguments for it just makes the tool available to the model server side. So the model can choose to search the internet if it wants to.

Now here is why I said “or possibly not”. When I asked it for the current price of the S&P 500, it was off by a huge amount. When I asked it about the top stories in the news, it was close but seemed to be missing the top stories. It did cite its sources, but the numbers on the sources did NOT match the numbers it gave me. So either it doesn’t have access to the latest information, like it's using cached data, or it is struggling to interpret what it is getting back from the web search.

Either way, something is off, and I would hesitate to use it in production at this point. I did try to get it to tell me what Nova Ground is using under the hood as a search engine, but it was reluctant to do so.

**A couple of things to note:**

First, it only works with Nova Premier right now, so you have to pay for a beefier model if you want to use it. They did say they had plans to allow other models to use it in the future.

Second, they did say in [their announcement post](https://aws.amazon.com/blogs/aws/build-more-accurate-ai-applications-with-amazon-nova-web-grounding/) “Web Grounding incurs additional cost”, but the only thing I could find on their pricing page is this: “The text tokens input and output pricing applies to specific use cases such as speech-to-text transcription, tool calls for task completion or knowledge grounding, adding conversation history to the session etc”, which isn’t very clear.
Amusingly, when I asked the Nova Premier model to use Nova Ground to find the price of Nova Ground, this is the response I got: "Nova Grounding isn't a commercial product or financial asset that has a market price.” Again, I would consider other RAG options before going to production with Nova Grounding at this time. ​ **Question for you:** What does your RAG use case and setup look like? Any technologies that should be on my radar? --- ## [Tech Debt - The Video Game Update 1/16/2026](https://schematical.com/posts/tech-debt-game-update_20260115) Since I initially announced Tech Debt (Working title, subject to change), I have released [2 or 3 new versions](https://schematical.itch.io/techdebt). I did a complete UI overhaul, rebalanced it, added several more mechanics and tools for you to explore, additional NPCs, a level-up system, and most importantly, a tutorial so it's a little easier to understand the mechanics. What am I working on now? I want this game to be educational, to help people understand these abstract cloud architecture concepts. But I also want it to be fun to play. So, in addition to the silly items that drop in, I am going to add a meta progression system that lets you unlock more cool power-ups and infrastructure as you play and complete challenges. This started out as a fun little holiday project, but it has taken on a life of its own, and I am loving working on it right now. As always, I would love any feedback you would like to share. Play it for free here: https://schematical.itch.io/techdebt --- ## [AWS Bedrock Reusable Prompts ](https://schematical.com/posts/aws-bedrock-reusable-prompts_20260114) If you are sending your model big system prompts or, even more likely, tool call definitions with every request you make, that is likely slow and not cost-effective. 
AWS Bedrock gives you a way to create [Reusable Prompts](https://docs.aws.amazon.com/bedrock/latest/userguide/prompt-management.html), into which you can pass a few key variables that change the outcome.

As a test, I created a Reusable Prompt: `Write me a short 4-line haiku about {{topic}}.`

Then I simply passed the model just the topic. In this case, for my Wisconsin people, I passed it the word “Cheese”. It returned the following result:

```
Cheese Haiku
Creamy whispers soft,
Aged in caves, sharp dreams alight,
Joy on every bite.
```

Not exactly Shakespeare, but it did the trick.

This was a super small example, but at scale, if you have tens of thousands of input tokens you are sending in every request, then this could save on network throughput over time and speed up your requests.

An added security bonus is that you can encrypt your prompts with KMS in case there is something proprietary in there.

While I didn’t find anything directly related to savings with reusable prompts, it does allow for [Prompt Caching](https://schematical.com/posts/prompt-caching-with-bedrock_20260113), which you can turn on by default when you [build the reusable prompt](https://docs.aws.amazon.com/bedrock/latest/userguide/prompt-management-create.html). For this purpose, I hope they don’t limit the TTL to 5 minutes, as you would want the cache (and the 75% discount on input tokens) to be in effect for every invocation of the Reusable Prompt, but I don’t believe that to be the case.

So let me ask you: Do you have any other cost-saving tips for using AI/ML on AWS?

---

## [Save money at scale with prompt caching](https://schematical.com/posts/prompt-caching-with-bedrock_20260113)

Are you thinking about launching a new LLM-powered service to millions of users a day? Have you done the math to figure out how much that will cost you? It’s not cheap, but here is a quick tip that could save you a decent amount of money while decreasing request latency.
Let me introduce you to the concept of [Prompt Caching](https://docs.aws.amazon.com/bedrock/latest/userguide/prompt-caching.html). What you can do is create a `cachePoint` that caches the content blocks leading up to it in memory for a minimum of 5 minutes. This time period extends with each successful subsequent call. According to the [AWS Bedrock Pricing Page](https://aws.amazon.com/bedrock/pricing/): “Cache read input tokens will be 75% less than on-demand input token price”. So we are not talking peanuts on savings. When you factor in that you can cache images, and not only do you not have to send that image across the web with each new chat message, but you will get that lovely 75% discount on that massive amount of tokens, this really could have a profound impact on your AWS bill. ## Question for you: Are you using conversational AI? If so, how are you preventing your bills from exploding? --- ## [CTO Coffee Hour: AWS Bedrock](https://schematical.com/posts/ctocoffee-011326_20260112) On today's episode, Matt & Dom discuss AWS Bedrock , as Matt calls it, ***"The Netflix of AI".*** --- ## [How Amazon Inflation proofs itself with savings plans](https://schematical.com/posts/aws-savings-plan_20260111) It’s that time of year when we close out the year financially and plan for next year. And this is a great time to re-examine your AWS 1-3 year savings plans. In this post, I want to break down something I think AWS has done brilliantly to inflation-proof themselves, but also how that could negatively impact you. The main unit of measurement you pay for with these savings plans is compute and RAM per hour. But AWS doesn’t let you buy CPU/RAM hours and stockpile them. No, they allow you to pre-pay in dollars. If they allowed you to stock up CPU/RAM hours and the cost of delivering those to you went up, perhaps because energy costs spike or the supply of computer chips were to skyrocket, then they would have to eat those costs. 
But because they are only selling you a discount on dollars committed to be spent, even if they have to raise rates significantly, those dollars would be applied at the rate on the date they are being consumed.

## Let’s break it down:

Let's say 1 server costs $30 per month right now, and you commit to 3 years at $30/mo, totalling $1080. Now, let's say the cost of serving you those same compute hours doubles over the next few years (or goes up 50% and the dollar drops by 50%, you can choose your poison). That means towards the end of your contract, you are going to chew through those dollars faster and likely need to chip in additional funds to keep your account in good standing.

It’s a brilliant move on AWS’s behalf, keeping them nimble and able to adjust course. It’s not the end of the world for you as the customer; just keep that in mind when purchasing your savings plans. A lot can (and likely will) happen in the next 3 years, so know what you are paying for when making these big decisions.

If you need help making these decisions, feel free to reach out to me; it's what I do.

---

## [Agentic ProbLLMs: Exploiting AI Computer-Use and Coding Agents By Embrace The Red](https://schematical.com/posts/llm-cyber-security_20260108)

Want to see some pro hackers decimate LLMs’ “Security” layers as if they didn’t even exist?

I try not to just repost other people’s content, but this one was too good to pass up, so I am sending you right to the source. Allow me to introduce a brilliant presentation by Johann Rehberger from [Embrace The Red](https://www.youtube.com/@embracethered), where he completely annihilates pretty much every mainstream coding agent. It really is amazing watching a master at work, even if that work is obliterating any notion that security exists with these tools that everyone has been so quick to pick up.
I am not an absolutist when it comes to using AI tools, but I must say that this presentation makes most AI tools' security look like Swiss cheese - moldy Swiss cheese, with numerous holes in it.

So without further ado, please enjoy and let me know what you think about it.

---

## [Need to customize your models for specific use cases before you run them at scale?](https://schematical.com/posts/aws-nova-forge_20260107)

AWS just released [AWS Nova Forge](https://aws.amazon.com/blogs/aws/introducing-amazon-nova-forge-build-your-own-frontier-models-using-nova/), which allows you to customize (fine-tune/train) their [foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/foundation-models-reference.html) for your specific use cases.

What is a foundation model? They have a wide variety of models, but most seem to be text and image. I can see those being useful, but what really excites me is the embedding models, which could be used to create custom VectorDBs.

What does that mean from a business standpoint?

## Let me go back to my torn bicep example:

You could train an embedding model on thousands of MRI images to rank the bicep on a 1 to 10 score from “Torn” to “Not Torn”. Furthermore, since biceps can tear from the top by the shoulder or the bottom by the elbow, you can classify that as well.

I am curious - Do you have a use case for customizing or fine-tuning your own models? If so, I would love to hear about it.

---

## [Tech Debt - The Video Game](https://schematical.com/posts/tech-debt-the-video-game_20260106)

Want to learn or communicate cloud concepts from the basic to the sophisticated in a fun, engaging way? Allow me to introduce you to what I am currently calling [Tech Debt - The Video Game](https://schematical.itch.io/techdebt). The demo is [free to play on itch.io](https://schematical.itch.io/techdebt).
I hope people will find it to be a valuable training tool, as well as a means to communicate to the C-suite why their cloud compute bill is increasing or why scaling their services is more complex than just clicking a “spend more” button. I will admit I am grabbing inspiration from a lot of genres and games, mainly [Super Fantasy Kingdom](https://store.steampowered.com/app/2289750/Super_Fantasy_Kingdom/). I have seen [other games that focus on designing a system from scratch](https://schematical.com/posts/server-survival-_20251218). I opted for a simpler approach that allows you to unlock predesigned infrastructure. My goal is to introduce you to a series of advanced cloud compute concepts in a visible way but, I want to balance it so you are not tempted to just keep bumping up instance sizes when there is a more efficient way to architect your infrastructure. Additionally, I want to add a human element that focuses more on the dynamics you see when running these big teams, such as the trade-off when you let tech debt pile up or just focus on shipping features; therefore, the name “Tech Debt - The Video Game”. Just for fun, I threw in some items to make gameplay more interesting. So if you see the nuke or clock in there, understand those are NOT tools that actually exist, but they do make things a little more fun. Keeping in mind that this is super early access and not balanced at all, feel free to [give it a play](https://schematical.itch.io/techdebt) and let me know what you think. Feedback would be greatly appreciated. ~Cheers! --- ## [CTO Coffee Hour: Tech Debt the Videogame ](https://schematical.com/posts/ctocoffee0106-26_20260105) Happy new year! It's 2026 and the first CTO Coffee Hour episode. Today Matt & Dom dive into some gameplay with something Matt has been working on, The Tech Debt Videogame. Enjoy! 

---

## [Adjusting Your AWS Savings Plans Payment Terms For 6+ Figures In Savings](https://schematical.com/posts/math-of-pre-paying_20260104)

Recently, I was planning out savings plans for 6+ figure savings over the next few years. These things can be complicated.

__“Sure, we can get 52% savings but only on compute, not DBs, not S3, and only if we commit to XYZ, and ABC payment terms”.__

Generally, I try to break it down into raw dollars and cents when communicating with the C suite, particularly the CFO. Their job is complicated enough without needing to understand the nuances of what qualifies for an [AWS Compute Savings Plan](https://aws.amazon.com/savingsplans/compute-pricing/). Because of this, I try to give the CFO very distinct variables they can toggle/shift to fit the business's needs.

One important one when it comes to long-term savings plans is the “payment terms”: mainly, deciding when to take our hard-earned cash out of our bank account and hand it to AWS.

There are 3 main payment terms:

- All Upfront
- Partial Upfront
- No Upfront

At the time of this writing, the difference between All Upfront (roughly 52%) and No Upfront (roughly 44%) for a 3-year compute savings plan is 8%. So I ask the CFO, “Would that cash be better utilized on other things over the next 3 years?”

That gives the CFO the option to search all the potential investments the company could put that money in and decide if those investments would have a higher ROI than the 8% additional discount you would get by paying up front. If having that extra cash on hand now doesn’t have more than an 8% ROI, then you might want to send it off to AWS to get the discount. If you have something that will yield a 10% or greater return, then you might want to keep that cash on hand for now.

It pays to think like an investor, not just an engineer, when making these decisions.

I am contemplating building my own savings plan calculator for this. Let me know if you would like access to something like that.

---

## [Want to compete solving real-world problems for cash prizes?](https://schematical.com/posts/aws-ai-league_20260101)

AWS released their [AI League](https://aws.amazon.com/ai/aileague/), which pairs up real-world businesses that have specific problems they want solved with a league of smart people that want to compete to solve these problems.

It's refreshing, especially right now, to see people competing to solve actual problems with AI instead of [just cramming it in everything because it's trending](https://schematical.com/posts/we-need-ai_20241028). With that said, I also would hesitate to say the solution for any problem presented is an AI-related solution, but Amazon is the one selling the shovels in the AI gold rush, so why not run a competition to see who can most effectively buy their product while solving the problem.

I know I sound a bit cynical, but in reality, I am somewhat interested in forming a team to tackle these problems and compete in the league. Unfortunately, I do not know what the problems are or exactly what a competition looks like yet, but I am sure we will know soon enough.

If you are interested in joining me to compete, let me know; it could be a good time.

---

## [Happy New Year!](https://schematical.com/posts/happy-new-year-2026_20251231)

2025 flew by! Crazy to think about all that happened.

In January I started Cloud War Games. In February Lerato joined my team as my Executive Assistant and now I cannot believe I was ever able to do business without her. In March I did a “Nuclear” hands-on project where I designed and built an extremely scalable cost effective free text search engine for one of my big clients. In April we launched my [O’Reilly’s On Demand Course Zero to Hero on AWS Security: An Animated Guide to Security in the Cloud](https://www.oreilly.com/videos/zero-to-hero/0642572107789/). In June I got bicep repair surgery and I am happy to say I am back to 100% as of now. In July Dominic and Kelly joined the team.
Unfortunately Kelly’s other responsibilities have since drawn her away but Dominic is still helping me keep the wheels on the bus. In August I [did a live presentation for the Badger Startup Summit](https://badgerstartup.com/speakers/) and hosted the first Cloud War Games live event. In September and October I was a guest on a handful of [great podcasts](https://schematical.com/press). Sadly in November a close family member passed away but thanks to my amazing team we were able to keep the plates spinning at Schematical while I helped my family out. In December I had some really interesting projects pop up on my radar for 2026 right before I managed to take my first vacation in a long, long time. I do take time off, but since I got dogs and a house I rarely travel. My house is typically the vacation destination.

I am sure I missed a few things there but that is the gist of it. As for what we at Schematical have planned for 2026 you will have to wait and see.

I hope you had a great 2025 and hopefully 2026 will be another great year!

---

## [Incident Response Testing in Cloud Forward Organizations with Matt Lea](https://schematical.com/posts/virtual-ciso-podcast_20251230)

Check out Matt's latest podcast interview on The Virtual CISO Podcast: [Incident Response Testing in Cloud Forward Organizations with Matt Lea](https://podcasts.apple.com/am/podcast/episode-155-incident-response-testing-in-cloud-forward/id1498720073?i=1000741687742)

Enjoy!

~The Schematical Team

---

## [Database Savings Plans ](https://schematical.com/posts/db-saving-plans_20251229)

During [AWS Reinvent this year](https://reinvent.awsevents.com/), I was on a call with one of my larger customers’ AWS reps when they informed us that AWS had just dropped new [Database Savings Plans](https://aws.amazon.com/about-aws/whats-new/2025/12/database-savings-plans-savings/) that allowed up to a 35% discount. It was so new that the AWS reps didn’t have any details they could share yet.
With that said, over the next few months, I will likely start cycling my clients into these plans using the same guidelines I have been writing about. Something interesting I observed about DB savings plans in general is that you never get near the savings rate that you get for compute spend. I figured that, as opposed to just raw compute resources, DB has the additional cost of long-term storage. So even if you turned off the DB completely and it wasn’t servicing queries, it has the cost of storage of the entire dataset that is stored on the DB. Given that cost is a constant (if the data were flat), they can’t discount it as deeply. Just an observation. Let me know if you have another theory. Either way, I just wanted to make sure these new savings plans are on your radar. If you need help figuring out a good repeatable strategy for long-term savings, please feel free to reach out to me. --- ## [Hiring Devs In 2026 - Part 3](https://schematical.com/posts/hiring-devs-part-3_20251228) GitHub used to be my go-to. Most of my top hires have 100 or so repos. Now, just creating a repo isn’t enough; it is what is in the repos that tells you a lot about the candidate. In the modern era of “AI”, a substitute for GitHub might be contributions made to [HuggingFace](huggingface.co) or a similar website, which comes with nuances, but a lot of this translates. Are their recent repos just forks of Hello World tutorials? If so, then you can bet they are pretty entry-level in those technologies. Have they forked a prominent framework, then pull-requested fixes back into the main repo? If so, they are likely proficient with that tech. Do they have a lot of random passion projects? Great, the more passionate the better. Look deeper. Do they have good commit messages and a well-written README file? If so, they are likely a good communicator. What do they tend to focus on for these projects? Over-engineering every detail, or are they 100% cowboying up spaghetti code to ship features? 
I am not saying either is better, but it's best to know before you hire them. Do they tend to use existing tools and frameworks, or do they like to keep it close to the metal, writing their own proprietary tools whenever possible? Lastly and possibly most importantly, do they collaborate with others? Do they teach or are they happy to create knowledge silos that give them [Job Security](https://schematical.com/posts/comics-job-security_20250123) but end up costing your team a lot of time and money? Basically, even an intern-level candidate should have some type of portfolio. A senior-level candidate should have an extensive portfolio that you can look at and learn a lot about them. If they don't, that is a red flag in my opinion. --- ## [Leveraging tech debt for massive profit](https://schematical.com/posts/leveraging-tech-debt_20251225) Some people think all debt is bad debt. I can respect that in some ways, but I have watched firsthand as technical entrepreneurs have leveraged a significant amount of tech debt into 9-figure businesses. It’s quite similar to taking on a debt to buy rental properties. As long as the property isn’t a money pit and there is a sea of renters and you didn’t get screwed on the rate/terms of the loan, it's a pretty sound investment. The key to this is knowing what tech debt has a high interest rate and what tech debt has a low interest rate. Let’s say you have a problem that needs to be fixed, but instead of fixing it, you just throw money at bigger servers and kick solving that problem down the road for a bit. Is that a problem? For example, let's say we have a problem (AKA tech debt) that is costing you $1,000 extra in server costs per month, but it would take $10,000 in engineering hours to fix. You might be tempted to throw the engineering hours at it. In 12 months, you will have a $2,000 positive ROI. But let's say that $10,000 in engineering hours could be spent on features that would give you a gain of $100,000 over the next year. 
Is paying down that $12,000 (12x$1000/mo) worth more to you than that $100,000 of value over the next year? The problem is it’s not as obvious as taking out a loan from a bank or buying T Bills. Spending extra on computers, though common, is on the simpler side of the spectrum when trying to quantify tech debt. The bottom line is, if you can figure out how to leverage tech debt without being overwhelmed by it, then you can use that to build some amazing businesses. But just like financial debt, be careful, it can compound quickly. Need help figuring out how to tell what the interest rates on your tech debt are or how to leverage it better? That’s part of what I do, so feel free to reach out for one-on-one consulting or join my group coaching community. --- ## [Building Disaster Muscle Memory and Collaborative Resilience in DevOps Teams with Matt Lea](https://schematical.com/posts/cloud-war-games-incident-response_20251223) Here is Matt's latest podcast interview and article on To The Point - Cybersecurity: [​Building Disaster Muscle Memory and Collaborative Resilience in DevOps Teams with Matt Lea​](https://www.forcepoint.com/resources/podcast/cloud-war-games-incident-response-readiness) Enjoy! **~The Schematical Team** --- ## [Tool calls with AWS Bedrock are easier than you think](https://schematical.com/posts/tool-calls-with-bedrock_20251222) I had a use case come up recently where we wanted to keep all the data on AWS inside the AWS account for the project. Lots of people have a fairly rational fear that they don’t want to give their data over to big tech like ChatGPT. Despite ChatGPT claiming they do NOT train on data, a requirement was made to keep it in AWS since AWS has all of our data anyway. I am not a lawyer, and I don’t play one on the internet, so double-check your terms and services. I chose to give AWS Bedrock a spin, specifically their [Converse API](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_runtime_Converse.html). 
I was surprised to see there wasn’t anything that needed to be provisioned. Converse’s serverless inference implementation just worked out of the box. That blew my mind a bit, but I suppose why would you? Just charge per invocation, it’s not like it has persistent data or stores code like a lambda. ## Setup: It's super simple, it just uses the AWS SDK v3, and you send it Converse Commands. Include the tool call definition, and it will respond just like you would expect. ## How did it perform? I was able to get Amazon’s Nova Lite to do simple tool calls, no problem. I decided to try my luck with Nova micro to see how that ran, and it correctly made the same tool call with the exact right parameters. ## What did it cost? I can’t go into too much detail on what I was using it for right now, but I was able to get it to run each inference for about $0.00002. If this were running on a website with 100,000 executions a day, we are talking about $2 per day. Now that is without any caching or high-performance tuning. Add that in, and we could cut that down a bit more. My plan is to dig into this a bit deeper in future posts. If you want to get access to hands-on workshops about how to do serverless inference at scale on AWS, check out the [Schematical Group Coaching Community](https://schematical.com/community). --- ## [AWS Lambda Managed Instances](https://schematical.com/posts/aws-lambda-managed_20251221) Allow me to introduce AWS Lambda Managed Instances. You can now choose what underlying hardware your Lambda functions run on for better performance and cost optimization. Unfortunately, I haven’t found anything about running them on GPU instances yet, so that might not be available quite yet. Interestingly enough, you get charged for 3 things: $0.20 per 1M invocations, the EC2 instance’s normal compute hour costs, and an additional 15% of the EC2 instance cost as a “Compute Management" fee. I’m curious how this weighs out over just using Lambda. 
I suppose if you had a fairly constant and predictable amount of invocations, it could weigh out in the end.

## Question for you:

Do you have a use case for AWS Lambda Managed Instances?

# MCP servers and tools
- mcp: https://schematical.com/api/mcp
  tools:
    - list_posts: Get blog posts with optional filtering by tags, limit, and page
    - list_events: Get events with optional filtering by event type, limit, and page
    - echo: Echo a message
  calls:
    - tool: list_posts
      args:
        page: 1
        limit: 10
    - tool: list_events
      args:
        page: 1
        limit: 10
- mcp: https://schematical.com/api/public/mcp
  tools:
    - list_mcps: Get a list of MCP servers with optional filtering by tags, limit, and page
    - submit_mcp: Submit a Streamable HTTP MCP server to our database
    - list_mcp_software: Get a list of MCP Enabled Software with optional filtering by tags, limit, and page
    - ping_mcp: Ping a Streamable HTTP MCP server by URL to test connectivity and retrieve its tools
    - echo: Echo a message
- mcp: https://schematical.com/api/products/mcp
  tools:
    - search_products: Search products with optional filters, sorting, and pagination
    - search: Return generic product search results for a query
    - quota: Check remaining search quota for authenticated user
- mcp: https://schematical.com/api/inbox/mcp
  tools:
    - list_inboxes: List inboxes for the authenticated tenant
    - create_inbox: Create a new inbox
    - delete_inbox: Delete an inbox
    - list_messages: List messages for an inbox
    - create_message: Create a message in an inbox
    - get_message: Get a single message
    - mark_message_read: Mark or unmark a message as read
    - delete_message: Delete a message permanently