Konvu Security Blog
Insights, guides, and best practices for security professionals and engineering teams.
Smooth Operations: Agentic Triage in Production
How Konvu uses agentic systems to autonomously triage security vulnerabilities in production, keeping sensitive code in-boundary while centralizing decisions.
Read more →
Navigating Kubernetes: Hard-Won Lessons from Agent Injection Webhooks
Building a Kubernetes mutating admission webhook for production? Learn from our experience deploying agent injection across multiple clusters - from bootstrapping pitfalls to namespace scoping.
Read more →
You don't need an AI agent framework, or why frameworks are the new Juicero
A practical back-to-school lightning talk on building AI agents without frameworks. The thesis is simple - build the loop, add the tools, measure, then earn the complexity.
Read more →
Handling GitHub App Admin Approval Workflows
Building GitHub integrations for enterprise customers? Learn how to handle the complex admin approval workflows.
Read more →
How Konvu got its name
The real story behind the Konvu name and a repeatable, two-hour process you can use to pick a strong .com without drama.
Read more →
We helped build a YC Startup. Now we're building our own, The YC Way.
The principles we learned at Sqreen, and still live by at Konvu.
Read more →
Using Java Dynamic Instrumentation to Detect Exploitable Vulnerabilities at Runtime
How Konvu uses Java dynamic instrumentation to identify truly exploitable vulnerabilities, reducing false positives and focusing remediation efforts.
Read more →
Navigating the Maze of Maven Dependencies - A Survival Guide
A comprehensive guide to understanding and managing Maven dependencies, including conflict resolution, best practices, and common pitfalls.
Read more →
How We Built Konvu for Global Scale From Day One
How Konvu built a global company from day one - lessons from US incorporation, international culture, and early market commitment by European founders.
Read more →