Resources · Blog

Writing on B2B, compliance, DevSecOps, and AI.

Insights from the OpenCentric team on the topics we work in every day — container security, compliance engineering, RAG pipelines, cloud cost, and the infrastructure of trust in B2B markets.

FactoryMay 15, 2026·8 min read

Why your Dockerfile FROM line is a compliance liability

Most teams pick a base image once and forget about it. We explain what's actually in your image, why weekly rebuilds matter, and how signed SBOMs change the audit conversation.

Read article

DevSecOps

Shift-left is dead. Long live shift-left.

The promise of shifting security left hasn't failed — but the implementation often has. We look at what actually works: policy-as-code, admission controllers, and embedding advisors, not tools.

May 8, 202611 min read

Compliance

SOC 2 in 6 weeks: the brutally honest timeline

Everyone claims you can get SOC 2 ready in 30 days. Here's what that actually requires, where teams get stuck, and a more realistic 6-week plan that holds up under auditor scrutiny.

April 29, 202614 min read

AI Transformation

RAG in production: the failure modes nobody talks about

Hallucination gets all the attention. But the RAG failures that actually kill products in production are subtler: stale indexes, retrieval misses, and context poisoning. We document all of them.

April 22, 202612 min read

Platform

Why B2B discovery is broken — and how structured identity fixes it

Cold outreach has a 2% response rate. Referrals don't scale. Search engines rank content, not capability. The underlying problem is that business identity is unstructured. Here's what we're doing about it.

April 14, 20269 min read

FinOps

Your cloud bill is a product problem

Most FinOps programmes treat cost as an ops issue. The teams that actually control cloud spend treat it as a product decision. We explain the difference with real examples from Kubernetes cost allocation.

April 3, 202610 min read