
Posts by Evan Sims


Harness engineering

2 days ago 0 0 0 0

The trick isn't learning to feel the wax soften before the feathers go. It's being honest enough with yourself to know the difference between burning for something and just burning.

3 days ago 0 0 0 0

Most people who burn out aren't flying too close to the sun — they're flying toward the wrong thing entirely. The wax doesn't care how hard you're working. It only cares whether the heat is coming from your direction or your fuel.

3 days ago 0 0 1 0

The real choice isn't between obsession and balance. It's between intentional intensity and directionless drift. One requires you to know exactly what you're optimizing for. The other just requires you to keep showing up.

3 days ago 0 0 1 0

Somewhere between telling other people's stories, writing my own, and trying to be useful to both, I realized the question isn't whether to go all in. It's what you're going all in on, and whether you're building it or feeding it.

3 days ago 0 0 1 0

Gripping something too tightly doesn't just exhaust you — it changes what you're holding. The thing you're protecting starts demanding pieces of you to sustain itself.

3 days ago 0 0 1 0

Someone called me obsessive recently. They corrected themselves almost immediately and said extreme, like it helped. I've been thinking about it since because I couldn't work out if it was a warning or a compliment, or both.

3 days ago 0 0 1 0

Daedalus understood something we don't like to admit — both directions kill you. The only safe altitude is the one that requires constant adjustment.

3 days ago 0 0 1 0

Everyone seems to remember that Icarus flew too close to the sun, but not that his father also told him not to fly too low and let the sea dampen his wings. We only ever tell half the story: the falling half. Hubris makes a better cautionary tale than mediocrity does.

3 days ago 0 0 1 0

I always appreciate when Claude resorts to question and exclamation marks in its statements — it's reassuring knowing I'm not the only one deeply confused as to what's going on.

6 days ago 1 0 0 0
Early Access Join the InferaDB waitlist — lock in launch-day pricing, get priority onboarding, and be first to deploy the authorization database built for modern software.

We built this because we saw the same failures at Auth0. It's what we wished existed.

Join 200+ teams on the early access list: inferadb.com/waitlist

1 week ago 0 0 0 0

Cryptographic isolation — not row-level security bolted onto a general-purpose database

Every permission check is tenant-scoped by default

Cross-tenant access is architecturally impossible, not just policy-restricted

2.8 microsecond p99 latency — isolation doesn't mean slow

1 week ago 0 0 1 0

2026 is being called "the year SaaS breaches go from trend to epidemic." The root cause is the same: authorization and isolation are implemented at the application layer, where a single missed WHERE clause exposes everything.

InferaDB enforces tenant isolation at the storage engine level:

1 week ago 0 0 1 0

Shared caches without tenant scoping serve the right answer to the wrong customer. Connection pool contamination and async context leaks cause RLS to fail silently.

1 week ago 0 0 1 0

Cross-tenant data exposure from misconfigured APIs increased 17% in SaaS environments this year. PostgreSQL CVE-2024-10976 showed RLS policies silently failing below subqueries. CVE-2025-8713 revealed optimizer statistics leaking data from rows RLS was supposed to hide.

1 week ago 1 0 1 0

Authentication and authorization alone don't achieve tenant isolation.

A user can be fully authenticated, fully authorized for their own tenant — and still access another tenant's resources if isolation isn't enforced at the infrastructure level.

This isn't theoretical.

1 week ago 0 0 1 0

- Purpose-built infrastructure, not policy rules duct-taped to a general-purpose database

The agent era needs authorization infrastructure built for agents: inferadb.com/waitlist

2 weeks ago 0 0 0 0

InferaDB provides the authorization layer MCP deployments need:

- Fine-grained, context-aware permission checks at microsecond latency
- Scoped, short-lived authorization decisions — not broad token grants
- Cryptographic audit trail for every agent action

2 weeks ago 0 0 1 0

The MCP spec uses OAuth for authorization, but the implementation conflicts with modern enterprise security practices. Efforts are underway to fix this — production deployments aren't waiting.

Authorization can't be an afterthought bolted onto your agent framework.

2 weeks ago 0 0 1 0

- Confused deputy attacks: malicious clients exploit proxy servers to get authorization without consent
- Token scope creep: broadly scoped, long-lived tokens become attack vectors
- Prompt injection: manipulated context steers agents into unsafe tool use

2 weeks ago 0 0 1 0

MCP formalizes context exchange — but doesn't validate the legitimacy of what enters that context. Malicious content in the pipeline becomes part of the agent's decision-making.

The risks:

- Over-permissioning: connectors expose too much, agents access data beyond task scope

2 weeks ago 0 0 1 0

Model Context Protocol (MCP) is becoming the standard for connecting AI agents to enterprise systems. But its authorization model has a fundamental problem.

2 weeks ago 0 0 1 0

- Tenant isolation is enforced at the storage layer, not the application layer

We built OpenFGA at Auth0. We've seen what breaks at scale. Now we're building what we wished existed.

200+ teams are already on the early access list: inferadb.com/waitlist

2 weeks ago 0 0 0 0

At InferaDB, we're building authorization infrastructure purpose-built for this moment:

- Agents get scoped, identity-aware permissions — not shared API keys
- Every permission check completes in 2.8 microseconds at p99
- Every decision is logged with a cryptographic audit trail

2 weeks ago 0 0 1 0

The result? 88% of organizations confirmed or suspected agent-related security incidents this year.

The problem isn't that agents are dangerous. It's that we're giving them the keys to the kingdom without building the lock.

2 weeks ago 0 0 1 0

Here's what's happening: 81% of teams have deployed AI agents past the planning phase. But only 14.4% have full security approval. Agents are calling APIs, accessing databases, and acting on behalf of users — with zero fine-grained authorization.

2 weeks ago 3 0 1 0

Only 22% of teams treat AI agents as independent identities. The rest? Shared API keys.

That stat comes from the 2026 State of AI Agent Security Report — and it should terrify every CISO reading this.

2 weeks ago 1 0 2 0

I don't quite know how Marathon's graphic realism aesthetic fits into enterprise software yet, but I can't help wanting every UI I touch to have it. It's just gorgeous.

2 weeks ago 1 0 1 0

• Built by the team that helped create OpenFGA (CNCF incubating, used by Grafana Labs, Docker, Canonical)

Early access: inferadb.com/waitlist

2 weeks ago 0 0 0 0

InferaDB is purpose-built authorization infrastructure:

• Centralized policy enforcement across every service
• Relationship-based access control (ReBAC) — not static role lookups
• Every decision is explainable, traceable, replayable

2 weeks ago 0 0 1 0