Architecture diagram showing real-time margin risk monitoring system

Real-Time Margin and Stress Monitoring (FINRA Rule 4210)

Introduction

Margin risk management is critical to brokerages, where volatility events can pose existential risks when clients hold concentrated positions with leverage. Imagine a scenario where a stock held through margin, having a high beta coefficient (making it especially reactive to market movements), is held by enough clients to cause catastrophic losses during a flash crash. It only takes minutes for the damage to be done. As fiduciaries, brokers must ensure the firm can weather all sorts of market events so that clients’ funds remain safe. This necessitates constant vigilance and examination of risk positions. Traditionally, these calculations were done through batch processes running hourly, every 15 minutes, or if you were really advanced, every minute. But modern technology has made it possible—through tools like Kafka and Spark Streaming—to make these calculations in real-time, as the market moves. ...

February 16, 2026 · 18 min · Luke Little
Architecture diagram showing pre-trade risk controls on AWS

Designing Pre-Trade Risk Controls on AWS (SEC Rule 15c3-5)

Introduction

On August 1, 2012, Knight Capital Group—one of the largest market makers on the New York Stock Exchange—lost $440 million in 45 minutes due to a software deployment failure. The incident nearly bankrupted the firm and sent shockwaves through financial markets. While the technical details are fascinating, the real lesson lies in what wasn’t there: an effective, centralized mechanism to stop runaway automation before catastrophic losses occurred. This post explores how modern streaming architectures using Apache Kafka and Apache Spark can implement the kind of real-time risk controls that regulations now require—and that Knight Capital desperately needed. We’ll connect the dots between a historic trading disaster, regulatory requirements, and a hands-on demo you can deploy yourself. ...

February 14, 2026 · 13 min · Luke Little
Architecture diagram showing a cost optimization agent built with AWS Bedrock and Cost Explorer API

Building a Cost Optimization Agent with AWS Bedrock and Cost Explorer

Managing AWS costs becomes increasingly complex as infrastructure grows. Organizations often struggle with cloud cost management, spending valuable engineering time manually analyzing Cost Explorer data, identifying optimization opportunities, and implementing changes. Even with dedicated cost management tools, the analysis and remediation process remains largely manual, requiring specialized expertise to interpret cost data and translate it into actionable steps. This post demonstrates how to build an automated agent that analyzes AWS costs and generates actionable recommendations to reduce cloud spend. By combining AWS Bedrock’s analytical capabilities with Cost Explorer data, the system identifies cost outliers and provides specific optimization steps that go beyond basic visualizations to deliver meaningful insights. ...

February 13, 2026 · 12 min · Luke Little
Architecture diagram showing a GitHub PR reviewer built with AWS Bedrock Agents

Building a GitHub PR Reviewer with Bedrock Agents and Action Groups

Code reviews are essential for maintaining code quality, but they can be time-consuming and often repetitive. Developers find themselves commenting on the same issues across multiple pull requests: missing tests, inconsistent naming, inadequate error handling, and numerous other routine concerns. This creates a bottleneck in the development process, as team members wait for their code to be reviewed while reviewers struggle to balance thorough reviews with their own development work. ...

February 12, 2026 · 12 min · Luke Little
Architecture diagram showing a Slack bot connected to AWS Bedrock Knowledge Bases

Building a Company Knowledge Bot: Slack + Bedrock Knowledge Bases

“Where can I find our vacation policy?” “What’s the process for requesting new hardware?” “Can you explain our security guidelines?” These questions echo through company Slack channels daily, interrupting workflows and creating redundant work for team leads and HR staff. The same questions get asked repeatedly, and answers are buried in documentation that’s difficult to navigate. In this post, I’ll show you how to build a simple yet powerful Q&A bot for Slack that leverages your company’s documentation to provide accurate, contextual answers. The best part? It runs entirely on AWS managed services, minimizing operational overhead while delivering immediate value to your organization. ...

February 11, 2026 · 10 min · Luke Little
Reference Architecture for Safe Generative AI on AWS for Regulated Environments

From Prompt to Production: Designing Safe Generative AI on AWS for Regulated Environments

The Real Problem: Production, Not Prototypes

Everyone can demo generative AI. Almost no one can run it safely in production. Enterprises in finance, healthcare, and the public sector aren’t blocked by technology capabilities—they’re blocked by governance requirements that today’s AI implementations rarely satisfy. These organizations face three critical blockers:

- Data leakage risk: Sensitive information, from PII to trade secrets, flowing through public model APIs
- Lack of auditability: No reliable record of prompts, responses, or who accessed what information
- Unclear ownership: Ambiguous rights over prompt engineering IP, training data, and generated outputs

AWS customers don’t want AI that behaves like a chatbot toy. They need AI that behaves like enterprise infrastructure: secured, monitored, audited, governed, and compliant with their existing security posture. ...

February 1, 2026 · 5 min · Luke Little
Architecture Diagram: FastMCP Vinyl Collection Chatbot on AWS

FastMCP and the Vinyl Collection Chatbot: Serverless Agentic AI in Action

What is the Model Context Protocol?

The Model Context Protocol (MCP) is an open standard for connecting AI agents to external systems. Think of it as a universal adapter that lets any AI agent talk to any tool or data source without custom integration code. Anthropic announced MCP in November 2024 and donated it to the Linux Foundation’s Agentic AI Foundation a month later. The adoption has been swift: OpenAI integrated it into ChatGPT, Google DeepMind uses it for Gemini agents, AWS built AgentCore around it, and development tools like Zed, Sourcegraph, Replit, and Codeium all support it. In just a few months, the community has built thousands of MCP servers. The protocol has become the de-facto standard for agent-to-tool communication. ...

January 24, 2026 · 21 min · Luke Little

Your AI Security Engineer: Inside AWS Security Agent

Here’s what should make every security leader uncomfortable: organizations routinely deploy vulnerable code to production to meet delivery deadlines. Not because they don’t care about security. Because security can’t keep up. Over 60% of organizations update their web applications weekly or more frequently. Nearly 75% test those applications for security monthly or less. The math doesn’t work. The gap between development velocity and security validation grows wider every sprint. At re:Invent 2024, AWS CEO Matt Garman announced AWS Security Agent—not as another security scanning tool to add to the pile, but as a fundamentally different approach to the problem. ...

January 23, 2026 · 8 min · Luke Little

Enhancing Security: Adding AWS Cognito Authentication to Your Serverless App

Our serverless survey application is a great example of a modern cloud native application. It’s fast, scalable, and cost-effective. But it’s missing one critical feature: user authentication. In this post, we’ll walk through how to add robust, secure authentication using AWS Cognito.

Why Add Authentication?

Right now, anyone can vote, and anyone can reset the entire survey. In a real-world application, we need to control access. Authentication allows us to: ...

January 22, 2026 · 12 min · Luke Little

15 Hours of Terraform in 3: Building with AWS Kiro

At an AWS Road Show this fall, Darko Mesaros demoed a URL shortener he’d built in Rust called krtk.rs. Something about watching a clean, fast URL shortener just work stuck with me. I’ve built a few of these for demos since then, but I wanted to try something different this time: build one in Python with a retro 90s vibe, and let Kiro handle most of the heavy lifting. Kiro is one of AWS’s three frontier agents announced at re:Invent 2024—autonomous AI systems that maintain context and work independently for hours. While DevOps Agent handles incident response and Security Agent conducts penetration testing, Kiro is your AI developer that takes specifications and generates production-ready code. ...

January 20, 2026 · 7 min · Luke Little