Skip to main content
From our practice

Blog

Notes on cloud architecture, security, data & AI — from our practice in Berlin.

134articles9featured1146minutes total reading

Filter by topic

More articles

133 articles
AI & Data11 min read

A2A Protocol: Patterns for Multi-Agent Systems

How the Agent-to-Agent (A2A) protocol enables interoperable multi-agent systems on Azure — practical patterns, governance, and production guidance for 2026.

Read article
AI & Data10 min read

AI Agent Evaluation: Building a Testing Harness

How to build an evaluation and testing harness for AI agents — LLM evals, regression suites, golden datasets, tracing and CI gates that move agents from pilot to production.

Read article
AI & Data10 min read

AI Agent Memory and State: Architecture Patterns

Architecture patterns for AI agent memory and state management — short-term, long-term, episodic, and shared memory for reliable long-running agents.

Read article
AI & Data10 min read

Securing AI Agents: Prompt Injection & Tool Abuse

A practitioner threat model for AI agents — prompt injection defense, tool abuse containment, and excessive agency controls for production deployments.

Read article
AI & Data10 min read

Azure AI Foundry Production Readiness Checklist

A practitioner's checklist for taking Azure AI Foundry agents from pilot to production — reliability, observability, security, evaluation, and cost governance.

Read article
Cybersecurity10 min read

Post-Quantum Migration with Azure Key Vault

A practitioner guide to post-quantum cryptography on Azure — ML-KEM, Azure Key Vault and Managed HSM PQC, crypto-agility, and a realistic migration plan.

Read article
Cloud Architecture10 min read

Reserved Instances vs Savings Plans vs Spot on Azure

A practitioner deep-dive into Azure commitment strategy — when Reserved Instances, Savings Plans, or Spot VMs actually save money, and how to combine them.

Read article
Cybersecurity11 min read

Crypto-Agility Roadmap for the Post-Quantum Era

A practitioner roadmap for crypto agility and PQC migration — discovery, ML-KEM/ML-DSA adoption, Azure timelines, and a defensible plan for CTOs and CISOs.

Read article
Cybersecurity9 min read

Cryptographic Discovery: Find Where Crypto Lives

A practitioner guide to cryptographic discovery and building a CBOM — how to find where crypto is used across your estate before the quantum migration starts.

Read article
AI & Data11 min read

Azure OpenAI Audit Logging for the EU AI Act

How to build EU AI Act-compliant audit logging and traceability for Azure OpenAI workloads before the August 2026 high-risk obligations apply.

Read article
AI & Data11 min read

EU AI Act Post-Market Monitoring on Azure

How to operationalise EU AI Act post-market monitoring on Azure — logging, model drift detection, and serious-incident reporting duties for high-risk AI.

Read article
AI & Data10 min read

EU AI Act vs ISO 42001: A Practical Crosswalk

A practitioner crosswalk mapping ISO/IEC 42001 controls to EU AI Act obligations — what overlaps, what doesn't, and how to build one system.

Read article
AI & Data10 min read

End-to-End Fabric MLOps with Cross-Workspace MLflow

How to build end-to-end Fabric MLOps using cross-workspace MLflow — model registry, lineage, promotion gates, and bringing Azure Databricks and Azure ML assets into Fabric.

Read article
Cloud Architecture10 min read

Controlling GPU and AI Workload Costs on Azure

A practitioner guide to controlling GPU and AI workload cost on Azure — commitment strategy, scheduling, token engineering, and policy-as-code guardrails.

Read article
AI & Data10 min read

HITL Approval Gates for Autonomous AI Agents

How to design human-in-the-loop approval gates for autonomous agents — patterns, decision tables, and governance for production-grade agent oversight.

Read article
Cloud Architecture10 min read

Kubernetes Cost Allocation with OpenCost on AKS

A practitioner guide to Kubernetes cost allocation with OpenCost on AKS — namespace chargeback, idle cost, and when Kubecost earns its price.

Read article
AI & Data10 min read

Microsoft Agent Framework 1.0: Architecture Guide

An enterprise architecture guide to Microsoft Agent Framework 1.0 and Azure AI Foundry — A2A, MCP, observability, security, and cost governance for production agents.

Read article
Cybersecurity10 min read

ML-KEM and ML-DSA Explained for Architects

A practitioner's guide to ML-KEM (FIPS 203) and ML-DSA (FIPS 204) — what the post-quantum algorithms do, where they fit, and how to migrate.

Read article
AI & Data11 min read

Multi-Agent Failure Modes & How to Design Around Them

The failure modes that kill multi-agent systems in production — cascading errors, coordination deadlocks, cost runaway — and the architecture patterns that contain them.

Read article
Cybersecurity9 min read

NIS2 BSI Registration in Germany: Step-by-Step

A practitioner walkthrough of NIS2 BSI registration under NIS2UmsG — scope test, the BSI portal, deadlines, data you need, and what comes after.

Read article
Cybersecurity10 min read

NIS2 24/72-Hour Incident Reporting Runbook

A practitioner runbook for the NIS2 24-hour early warning and 72-hour report — thresholds, decision triggers, templates, and German BSI specifics.

Read article
Cybersecurity10 min read

Mapping NIS2 to Microsoft Sentinel Detections

A practitioner guide to mapping NIS2 risk-management measures to Microsoft Sentinel detections, KQL analytics, and SOC evidence under the German NIS2UmsG.

Read article
Cybersecurity10 min read

The 10 NIS2 Risk-Management Measures on Azure

Map all 10 NIS2 Article 21 risk-management measures to concrete Azure controls — with an implementation checklist for German entities.

Read article
AI & Data10 min read

Power BI Semantic Models Built for Copilot

How to design Power BI semantic models that Copilot can reason about reliably — naming, descriptions, the Copilot Tooling Format, and a CI-friendly workflow.

Read article
Cybersecurity6 min read

Building a Zero-Trust AI Platform on Azure Databricks

How we designed a fully private Azure Databricks platform with hub-spoke networking, forced-tunnel firewall, private endpoints, and managed identities — no public IPs, no stored secrets.

Read article
Cloud Architecture1 min read

Welcome to the Conceptualise blog

Cloud, security, data, and AI notes from our Berlin practice — plus how we work with clients.

Read article
Cloud Architecture11 min read

Migrating from AWS to Azure: A 12-Week Enterprise Playbook

A week-by-week enterprise playbook for migrating from AWS to Azure covering discovery, architecture mapping, identity, networking, data migration, application migration, and cutover.

Read article
Software Engineering6 min read

Enterprise API Design: 8 Principles That Scale

Eight battle-tested API design principles for enterprise systems — REST vs gRPC, versioning, pagination, error handling, and more.

Read article
Digital Transformation7 min read

Post-Merger IT Integration: The 90-Day Playbook

A practical 90-day playbook for post-merger IT integration covering Day-1 readiness, identity, network, apps, and communication.

Read article