Platforms

GitLab CI/CD has evolved into a fully integrated system within GitLab, covering everything from code integration and testing to deployment and monitoring. It supports complex workflows with features like multi-stage pipelines, caching, parallel execution and auto-scaling runners and is suitable for large-scale projects and complex pipeline needs. We want to highlight its built-in security and compliance tools (such as SAST and DAST analysis) which make it well-suited for use cases with high-compliance requirements. It also integrates seamlessly with Kubernetes, supporting cloud-native workflows, and offers real-time logging, test reports and traceability for enhanced observability.

Trino is an open-source, distributed SQL query engine designed for interactive analytic queries over big data. It’s optimized to run both on-premise and cloud environments and supports querying data where it resides, including relational databases and various proprietary datastores via connectors. Trino can also query data stored in file formats like Parquet and open-table formats like Apache Iceberg. Its built-in query federation capabilities enable data from multiple sources to be queried as a single logical table, making it a great choice for analytic workloads that require aggregating data across diverse sources. Trino is a key part of popular stacks like AWS Athena, Starburst and other proprietary data platforms. Our teams have successfully used it in various use cases, and when it comes to querying data sets across multiple sources for analytics, Trino has been a reliable choice.

ABsmartly is an advanced A/B testing and experimentation platform designed for rapid, trustworthy decision-making. Its standout feature is the Group Sequential Testing (GST) engine, which accelerates test results by up to 80% compared to traditional A/B testing tools. The platform offers real-time reporting, deep data segmentation and seamless full-stack integration through an API-first approach, supporting experiments across web, mobile, microservices and ML models.

ABsmartly addresses key challenges in scalable, data-driven experimentation by enabling faster iteration and more agile product development. Its zero-lag execution, deep segmentation capabilities and support for multi-platform experiments make it particularly valuable for organizations looking to scale their experimentation culture and prioritize data-backed innovation. By significantly reducing test cycles and automating result analysis, ABsmartly helped us optimize features and user experiences more efficiently than traditional A/B testing platforms.

Dapr has evolved considerably since we last featured it in the Radar. Its many new features include job scheduling, virtual actors as well as more sophisticated retry policies and observability components. Its list of building blocks continues to grow with jobs, cryptography and more. Our teams also note its increasing focus on secure defaults, with support for mTLS and distroless images. All in all, we've been happy with Dapr and are looking forward to future developments.

Formerly known as Grafana Agent, Grafana Alloy is an open-source OpenTelemetry Collector. Alloy is designed to be an all-in-one telemetry collector for all telemetry data, including logs, metrics and traces. It supports collecting commonly used telemetry data formats such as OpenTelemetry, Prometheus and Datadog. With Promtail’s recent deprecation, Alloy is emerging as a go-to choice for telemetry data collection — especially for logs — if you’re using the Grafana observability stack.

Grafana Loki is a horizontally scalable and highly available multi-tenant log aggregation system inspired by Prometheus. Loki only indexes metadata about your logs as a set of labels for each log stream. Log data is stored in a block storage solution such as S3, GCS or Azure Blob Storage. The upshot is that Loki promises a reduction in operational complexity and storage costs over competitors. As you'd expect, it integrates tightly with Grafana and Grafana Alloy, although other collection mechanisms can be used.

Loki 3.0 introduced native OpenTelemetry support, making ingestion and integration with OpenTelemetry systems as simple as configuring an endpoint. It also offers advanced multi-tenancy features, such as tenant isolation via shuffle-sharding, which prevents misbehaving tenants (e.g., heavy queries or outages) from impacting others in a cluster. If you haven't been following developments in the Grafana ecosystem, now is a great time to take a look as it is evolving rapidly.

Grafana Tempo is a high-scale distributed tracing backend that supports open standards like OpenTelemetry. Designed to be cost-efficient, it relies on object storage for long-term trace retention and enables trace search, span-based metric generation and correlation with logs and metrics. By default, Tempo uses a columnar block format based on Apache Parquet, enhancing query performance and enabling downstream tools to access trace data. Queries are executed via TraceQL and the Tempo CLI. Grafana Alloy too can be configured to collect and forward traces to Tempo. Our teams self-hosted Tempo in GKE, using MinIO for object storage, OpenTelemetry collectors and Grafana for trace visualization.

Heroku used to be an excellent choice for many developers who wanted to release and deploy their applications quickly. In recent years, we’ve also seen the rise of deployment platforms like Vercel, which are more modern, lightweight and easy to use but designed for front-end applications. A full-stack alternative in this space is Railway, a PaaS cloud platform that streamlines everything from GitHub/Docker deployment to production observability.

Railway supports most mainstream programming frameworks, databases as well as containerized deployment. As a long-term hosted platform for an application, you may need to compare the costs of different platforms carefully. At present, our team has had a good experience with Railway's deployment and observability. The operation is smooth and can be well integrated with the continuous deployment practices we advocate.

Unblocked is an off-the-shelf AI team assistant. Once integrated with codebase repositories, corporate documentation platforms, project management tools and communication tools, Unblocked helps answer questions about complex business and technical concepts, architectural design and implementation as well as operational processes. This is particularly useful for navigating large or legacy systems. While using Unblocked, we've observed that teams value quick access to contextual information over code and user-story generation. For scenarios requiring more extensive code generation or task automation, dedicated software engineering agents or coding assistants are more suitable.

Weights & Biases has continued to evolve, adding more LLM-focused features since it was last featured in the Radar. They are expanding Traces and introducing Weave, a full-fledged platform that goes beyond tracking LLM-based agentic systems. Weave enables you to create system evaluations, define custom metrics, use LLMs as judges for tasks like summarization and save data sets that capture different behaviors for analysis. This helps optimize LLM components and track performance at both local and global levels. The platform also facilitates iterative development and effective debugging of agentic systems, where errors can be difficult to detect. Additionally, it enables the collection of valuable human feedback, which can later be used for fine-tuning models.

With the popularity of LLM and agentic applications, LLM observability is becoming more and more important. Previously, we’ve recommended platforms such as Langfuse and Weights & Biases (W&B). Arize Phoenix is ​​another emerging platform in this space, and our team has had a positive experience using it. It offers standard features like LLM tracing, evaluation and prompt management, with seamless integration into leading LLM providers and frameworks. This makes it easy to gather insights on LLM output, latency and token usage with minimal configuration. So far, our experience is limited to the open-source tool but the broader Arize platform offers more comprehensive capabilities. We look forward to exploring it in the future.

Chainloop is an open-source supply chain security platform that helps security teams enforce compliance while allowing development teams to seamlessly integrate security compliance into CI/CD pipelines. It consists of a control plane, which acts as the single source of truth for security policies, and a CLI, which runs attestations within CI/CD workflows to ensure compliance. Security teams define workflow contracts specifying which artifacts — such as SBOMs and vulnerability reports — must be collected, where to store them and how to evaluate compliance. Chainloop uses Rego, OPA's policy language, to validate attestations — for example, ensuring a CycloneDX SBOM meets version requirements. During workflow execution, security artifacts like SBOMs are attached to an attestation and pushed to the control plane for enforcement and auditing. This approach ensures compliance can be enforced consistently and at scale while minimizing friction in development workflows. This results in an SLSA level-three–compliant single source of truth for metadata, artefacts and attestations.

DeepSeek-R1 is DeepSeek's first-generation of reasoning models. Through a progression of non-reasoning models, the engineers at DeepSeek designed and used methods to maximize hardware utilization. These include Multi-Head Latent Attention (MLA), Mixture of Experts (MoE) gating, 8-bit floating points training (FP8) and low-level PTX programming. Their high-performance computing co-design approach enables DeepSeek-R1 to rival state-of-the-art models at significantly reduced cost for training and inference.

DeepSeek-R1-Zero is notable for another innovation: the engineers were able to elicit reasoning capabilities from a non-reasoning model using simple reinforcement learning without any supervised fine-tuning. All DeepSeek models are open-weight, which means they are freely available, though training code and data remain proprietary. The repository includes six dense models distilled from DeepSeek-R1, based on Llama and Qwen, with DeepSeek-R1-Distill-Qwen-32B outperforming OpenAI-o1-mini on various benchmarks.

Created by Ryan Dahl, the inventor of Node.js, Deno was designed to address what he saw as mistakes in Node.js. It features a stricter sandboxing system, built-in dependency management and native TypeScript support — a key draw for its user base. Many of us prefer Deno for TypeScript projects, as it feels like a true TypeScript run time and toolchain, rather than an add-on to Node.js.

Since its inclusion in the Radar in 2019, Deno has made significant advancements. The Deno 2 release introduces backward compatibility with Node.js and npm libraries, long-term support (LTS) releases and other improvements. Previously, one of the biggest barriers to adoption was the need to rewrite Node.js applications. These updates reduce migration friction while expanding dependency options for supporting tools and systems. Given the massive Node.js and npm ecosystem, these changes should drive further adoption.

Additionally, Deno’s Standard Library has stabilized, helping combat the proliferation of low-value npm packages across the ecosystem. Its tooling and Standard Library make TypeScript or JavaScript more appealing for server-side development. However, we caution against choosing a platform solely to avoid polyglot programming.

Graphiti builds dynamic, temporally-aware knowledge graphs that capture evolving facts and relationships. Our teams use GraphRAG to uncover data relationships, which enhances retrieval and response accuracy. As data sets constantly evolve, Graphiti maintains temporal metadata on graph edges to record relationship lifecycles. It ingests both structured and unstructured data as discrete episodes and supports queries using a fusion of time-based, full-text, semantic and graph algorithms. For LLM-based applications — whether RAG or agentic — Graphiti enables long-term recall and state-based reasoning.

Similar to Langfuse, Weights & Biases and Arize Phoenix, Helicone is a managed LLMOps platform designed to meet the growing enterprise demand for LLM cost management, ROI evaluation and risk mitigation. Open-source and developer-focused, Helicone supports production-ready AI applications, offering prompt experimentation, monitoring, debugging and optimization across the entire LLM lifecycle. It enables real-time analysis of costs, utilization, performance and agentic stack traces across various LLM providers. While it simplifies LLM operations management, the platform is still emerging and may require some expertise to fully leverage its advanced features. Our team has been using it with good experience so far.

Humanloop is an emerging platform focused on making AI systems more reliable, adaptable and aligned with user needs by integrating human feedback at key decision points. It offers tools for human labeling, active learning and human-in-the-loop fine-tuning as well as LLM evaluation against business requirements. Additionally, it helps manage the cost-effective lifecycle of GenAI solutions with greater control and efficiency. Humanloop supports collaboration through a shared workspace, version-controlled prompt management and CI/CD integration to prevent regressions. It also provides observability features such as tracing, logging, alerting and guardrails to monitor and optimize AI performance. These capabilities make it particularly relevant for organizations deploying AI in regulated or high-risk domains where human oversight is critical. With its focus on responsible AI practices, Humanloop is worth evaluating for teams looking to build scalable and ethical AI systems.

One of the biggest challenges in prompting is ensuring the AI tool has access to all the context relevant to the task. Often, this context already exists within the systems we use all day: wikis, issue trackers, databases or observability systems. Seamless integration between AI tools and these information sources can significantly improve the quality of AI-generated outputs.

The Model Context Protocol (MCP), an open standard released by Anthropic, provides a standardized framework for integrating LLM applications with external data sources and tools. It defines MCP servers and clients, where servers access the data sources and clients integrate and use this data to enhance prompts. Many coding assistants have already implemented MCP integration, allowing them to act as MCP clients. MCP servers can be run in two ways: Locally, as a Python or Node process running on the user’s machine, or remotely, as a server that the MCP client connects to via SSE (though we haven't seen any usage of the remote server variant yet). Currently, MCP is primarily used in the first way, with developers cloning open-source MCP server implementations. While locally run servers offer a neat way to avoid third-party dependencies, they remain less accessible to nontechnical users and introduce challenges such as governance and update management. That said, it's easy to imagine how this standard could evolve into a more mature and user-friendly ecosystem in the future.

Open WebUI is an open-source, self-hosted AI platform with a versatile feature set. It supports OpenAI-compatible APIs and integrates with providers like OpenRouter and GroqCloud, among others. It can run entirely offline by connecting to local or self-hosted models via Ollama. Open WebUI includes a built-in capability for RAG, allowing users to interact with local and web-based documents in a chat-driven experience. It offers granular RBAC controls, enabling different models and platform capabilities for different user groups. The platform is extensible through Functions — Python-based building blocks that customize and enhance its capabilities. Another key feature is model evaluation, which includes a model arena for side-by-side comparisons of LLMs on specific tasks. Open WebUI can be deployed at various scales — as a personal AI assistant, a team collaboration assistant or an enterprise-grade AI platform.

pg_mooncake is a PostgreSQL extension that adds columnar storage and vectorized execution. Columnstore tables are stored as Iceberg or Delta Lake tables in the local file system or S3-compatible cloud storage. pg_mooncake supports loading data from file formats like Parquet, CSV and even Hugging Face datasets. It can be a good fit for heavy data analytics that typically requires columnar storage, as it removes the need to add dedicated columnar store technologies into your stack.

One of the most significant AI advances since the last Radar is the breakthrough and proliferation of reasoning models. Also marketed as "thinking models," these models have achieved top human-level performance in benchmarks like frontier mathematics and coding.

Reasoning models are usually trained through reinforcement learning or supervised fine-tuning, enhancing capabilities such as step-by-step thinking (CoT), exploring alternatives (ToT) and self-correction. Examples include OpenAI’s o1/o3, DeepSeek R1 and Gemini 2.0 Flash Thinking. However, these models should be seen as a distinct category of LLMs rather than simply more advanced versions.

This increased capability comes at a cost. Reasoning models require longer response time and higher token consumption, leading us to jokingly call them "Slower AI" (as if current AI wasn’t slow enough). Not all tasks justify this trade-off. For simpler tasks like text summarization, content generation or fast-response chatbots, general-purpose LLMs remain the better choice. We advise using reasoning models in STEM fields, complex problem-solving and decision-making — for example, when using LLMs as judges or improving explainability through explicit CoT outputs. At the time of writing, Claude 3.7 Sonnet, a hybrid reasoning model, had just been released, hinting at a possible fusion between traditional LLMs and reasoning models.

Restate is a durable execution platform, similar to Temporal, developed by the original creators of Apache Flink. Feature-wise it offers workflows as code, stateful event processing, the saga pattern and durable state machines. Written in Rust and deployed as a single binary, it uses a distributed log to record events, implemented using a virtual consensus algorithm based on Flexible Paxos; this ensures durability in the event of node failure. SDKs are available for the usual suspects: Java, Go, Rust and TypeScript. We still maintain that it's best to avoid distributed transactions in distributed systems, because of both the additional complexity and the inevitable additional operational overhead involved. However, this platform is worth assessing if you can’t avoid distributed transactions in your environment.

Supabase is an open-source Firebase alternative for building scalable and secure backends. It offers a suite of integrated services, including a PostgreSQL database, authentication, instant APIs, Edge Functions, real-time subscriptions, storage and vector embeddings. Supabase aims to streamline back-end development, allowing developers to focus on building front-end experiences while leveraging the power and flexibility of open-source technologies. Unlike Firebase, Supabase is built on top of PostgreSQL. If you're working on prototyping or an MVP, Supabase is worth considering, as it will be easier to migrate to another SQL solution after the prototyping stage.

A common challenge in software development is generating test data for development and test environments. Ideally, test data should be as production-like as possible, while ensuring no personally identifiable or sensitive information is exposed. Though this may seem straightforward, test data generation is far from simple. That's why we’re interested in Synthesized — a platform that can mask and subset existing production data or generate statistically relevant synthetic data. It integrates directly into build pipelines and offers privacy masking, providing per-attribute anonymization through irreversible data obfuscation techniques such as hashing, randomization and binning. Synthesized can also generate large volumes of synthetic data for performance testing. While it includes the obligatory GenAI features, its core functionality addresses a real and persistent challenge for development teams, making it worth exploring.

Tonic.ai is part of a growing trend in platforms designed to generate realistic, de-identified synthetic data for development, testing and QA environments. Similar to Synthesized, Tonic.ai is a platform with a comprehensive suite of tools addressing various data synthesis needs in contrast to the library-focused approach of Synthetic Data Vault. Tonic.ai generates both structured and unstructured data, maintaining the statistical properties of production data while ensuring privacy and compliance through differential privacy techniques. Key features include automatic detection, classification and redaction of sensitive information in unstructured data, along with on-demand database provisioning via Tonic Ephemeral. It also offers Tonic Textual, a secure data lakehouse that helps AI developers leverage unstructured data for retrieval-augmented generation (RAG) systems and LLM fine-tuning. Teams looking to accelerate engineering velocity while generating scalable, realistic data — all while adhering to stringent data privacy requirements — should consider evaluating Tonic.ai.

turbopuffer is a serverless, multi-tenant search engine that seamlessly integrates vector and full-text search on object storage. We quite like its architecture and design choices, particularly its focus on durability, scalability and cost efficiency. By using object storage as a write-ahead log while keeping its query nodes stateless, it’s well-suited for high-scale search workloads.

Designed for performance and accuracy, turbopuffer delivers high recall out of the box, even for complex filter-based queries. It caches cold query results on NVMe SSDs and keeps frequently accessed namespaces in memory, enabling low-latency search across billions of documents. This makes it ideal for large-scale document retrieval, vector search and retrieval-augmented generation (RAG) AI applications. However, its reliance on object storage introduces trade-offs in query latency, making it most effective for workloads that benefit from stateless, distributed compute. turbopuffer powers high-scale production systems like Cursor but is currently only available by referral or invitation.

VectorChord is a PostgreSQL extension for vector similarity search, developed by the creators of pgvecto.rs as its successor. It’s open source, compatible with pgvector data types and designed for disk-efficient, high-performance vector search. It employs inverted file indexing (IVF) along with RaBitQ quantization to enable fast, scalable and accurate vector search while significantly reducing computation demands. Like other PostgresSQL extensions in this space, it leverages the PostgreSQL ecosystem, allowing vector search alongside standard transactional operations. Though still in its early stages, VectorChord is worth assessing for vector search workloads.

We've observed multiple teams encountering issues with the Tyk hybrid API management solution. While the concept of a managed control plane and self-managed data planes offers flexibility for complex infrastructure setups (such as multi-cloud and hybrid cloud), teams have experienced control plane incidents that were only discovered internally rather than by Tyk, highlighting potential observability gaps in Tyk's AWS-hosted environment. Furthermore, the level of incident support appears slow; communicating via tickets and emails isn’t ideal in these situations. Teams have also reported issues with the maturity of Tyk's documentation, often finding it inadequate for complex scenarios and issues. Additionally, other products in the Tyk ecosystem seem immature as well, for example, the enterprise developer portal is reported to not be backward compatible and has limited customization capabilities. Especially for Tyk’s hybrid setup, we recommend proceeding with caution and will continue to monitor its maturity.