Risk assessment articles

9/23/2025 • EN

To vibe or not to vibe

A Thoughtworks engineer explores the nuanced risk assessment required when using AI to generate code, moving beyond a simple 'good or bad' debate.

ai code review ai-assisted coding generative ai risk assessment software development

Martin Fowler

9/9/2025 • EN

Secure Your MCP Servers with Environment Variable Risk Assessment

The ls-mcp tool update adds a security feature to detect and assess the risk of credentials stored in environment variables within MCP server configurations.

Credential Detection environment variables Mcp Servers risk assessment security

Liran Tal

10/31/2023 • EN

Boogeyman Diplomacy

The author critiques the focus on speculative AI risks at global summits, arguing for addressing real issues like corporate power and algorithmic bias instead.

AI Safety artificial intelligence International Relations risk assessment Technology Policy

Neil Lawrence

7/15/2022 • EN

Third-party libraries are no party at all

A senior engineer at Lyft outlines the risks of using third-party libraries in production apps and proposes a framework for consistent risk assessment.

code review Production Apps risk assessment software development Third Party Libraries

Scott Berrevoets

5/30/2022 • EN

Availability Zones & DR

Explains modern cloud disaster recovery and resilience using Availability Zones, contrasting with legacy data center approaches.

Availability Zones Cloud Architecture Disaster Recovery Resilience risk assessment

Roelf Zomerman

8/27/2020 • EN

Threat modelling case study: bicycles

A threat modeling case study using bicycle theft to illustrate security principles applicable to IT systems.

Case Study Physical Security risk assessment security Threat Modeling

Cal Paterson

4/15/2019 • EN

Questions I'd Ask My Cloud Provider

A developer's critical questions for evaluating cloud providers, focusing on problem-solving, security implementation, and customer-driven development.

Cloud Provider Cloud Security risk assessment Service License Agreement Threat Model

Jessie Frazelle