Ensuring AI benefits humanity by advancing democratic AI, preventing misuse, and protecting against authoritarian threats.

You might be familiar with Things, a delightful personal task manager that has won two Apple Design Awards and is available across Apple devices including iPhone, iPad, Mac, Apple Watch, and Apple Vision Pro. At Cultured Code, the team behind Things, we care about a great user experience across every aspect of the product. This extends to our server back end, and after a rewrite our Things Cloud service has transitioned entirely to Swift. Over the past year in production, Swift has consistently proven to be reliable, performant, and remarkably well-suited for our server-side need.

Things Cloud serves as the backbone of the app’s experience, silently synchronizing to-dos across devices. The robustness of this work is ensured by a rigorous theoretical foundation, inspired by operational transformations and Git’s internals. After twelve years in production, Things Cloud has earned our users’ trust in its reliability. But despite the enduring strength of the architecture itself, the technology stack lagged behind.

Switching to Swift

Our legacy Things Cloud service was built on Python 2 and Google App Engine. While it was stable, it suffered from a growing list of limitations. In particular, slow response times impacted the user experience, high memory usage drove up infrastructure costs, and Python’s lack of static typing made every change risky. For our push notification system to be fast, we even had to develop a custom C-based service. As these issues accumulated and several deprecations loomed, we realized we needed a change.

A full rewrite is usually a last resort, but in our case, it was the only viable path for Things Cloud. We explored various programming languages including Java, Python 3, Go, and even C++. However, Swift – which was already a core part of our client apps – stood out for its potential and unique benefits. Swift promised excellent performance, predictable memory management through ARC, an expressive type system for reliability and maintainability, and seamless interoperability with C and C++.

While we initially had concerns that Swift’s server support wasn’t as mature as that found in other ecosystems, both Apple and the open-source community had shown strong commitment to its evolution. Swift had reliably compiled on Linux for a long time; the Swift Server workgroup had coordinated server efforts since 2016; the SwiftNIO library gave us confidence in the foundational capabilities, and Vapor provided all the tools to get us up and running quickly.

Convinced by these benefits and the opportunity to use the same language for client and server development, we embarked on a three-year journey to rewrite Things Cloud. We’ve been using it internally for the past two years, and it has now been live in production for over a year.

The new Swift-based service architecture

We’ll outline the core components of our new service architecture, highlighting the Swift packages we use. We’ve found that these components work well together to provide reliability and stability, and we believe this serves as a valuable reference point for others considering a similar transition to Swift.

Code

• Our Swift server codebase has around 30,000 lines of code. It produces a binary of 60 MB, and builds in ten minutes.
• It uses Vapor as an HTTP web framework, which uses SwiftNIO as its underlying network application framework.
• We compile a single “monolith” binary from our Swift source code, but use it to run multiple services, each configured by passing different parameters at runtime.
• We use Xcode for its robust suite of tools for development, debugging, and testing. It provides us with a familiar and consistent experience across both server and client environments.

Deployment

• AWS hosts our entire platform, and is entirely managed by Terraform, an infrastructure as code tool.
• We use a continuous integration pipeline to automate tests and build our Swift code into a Docker image. This is then deployed in a Kubernetes cluster alongside other components.
• The HAProxy load balancer is used to route client traffic to the appropriate Swift service in the cluster.

Storage

• Persistent data is stored in Amazon Aurora MySQL, a relational database, which we connect to with MySQLKit.
• To keep the database small, we’re offloading less-used data to S3, which we access via the Soto package.
• More ephemeral data, such as push notifications and caches, is stored in Redis, an in-memory key-value database, which we access via RediStack.

Other Services

• The APNSwift package is used to communicate with the Apple Push Notification service.
• AWS Lambda, a serverless compute service, powers our Mail to Things feature. This process is written in Python 3 due to its mature libraries for the processing of incoming emails. The results are passed to Swift using Amazon Simple Queue Service.

Monitoring

• We take the resilience of Things Cloud seriously and go to great lengths to ensure it.
• In Swift, we generate JSON logs using our own logger. To produce metrics, we’re using the Swift Prometheus.
• We use Amazon CloudWatch to store and analyze logs and metrics. It triggers Incidents, which reach the responsible engineer via PagerDuty.
• To test how well our service can recover from transient errors, we employ chaos testing. Each day, our self-written chaos agent performs random disruptive actions such as terminating a Swift service or restarting the database. We then verify that the system recovers as expected.

Results

We wanted to thoroughly test the performance and stability of the new Swift service architecture before it was deployed in production. So during the development phase, we deployed the new system alongside the existing legacy system. While the legacy system continued to be the operational service for all requests, the new system also processed them independently using its own logic and database.

This approach enabled us to develop and test the new system under real-world conditions without any risk to the user experience. Thanks to the confidence we built in the new system’s robustness and reliability through evaluating it with production workloads, we were able to deploy a hardened system from the very beginning.

Now, with over a full year in production, we’re pleased to report that Swift has fulfilled its promise for server-side development. It’s fast and memory-efficient. Our Kubernetes cluster comprises four instances, each with two virtual CPUs and 8 GB of memory, and has handled traffic peaks of up to 500 requests per second. Compared to the legacy system, this setup has led to a more than threefold reduction in compute costs, while response times have shortened dramatically.

And one extra win: Swift’s outstanding performance allowed us to replace our custom C-based push notification service with a Swift-based one; this significantly simplified our codebase and operations.

Conclusions

Swift turned out to be a great choice for server usage. It delivered on everything we had hoped for: We’re now using a modern and expressive programming language, the code runs and performs well, and the Swift ecosystem provides all the integrations we need. With a year of production use, we haven’t encountered a single operational issue.

For more information on our journey and experiences, you might enjoy our recent talk at the ServerSide.Swift conference.

We encourage other teams to consider using Swift for server-oriented projects. While we chose to undergo a complete rewrite, the gradual adoption of Swift is also an intriguing option, especially considering the recently announced initiative aimed at enhancing Java interoperability.

As for us, we believe our server architecture is in its best shape ever, and we’re thrilled about the new features we can build upon this solid foundation.

Yesterday I demonstrated creating a technical support assistant agent that makes getting help around technical support questions super easy. The demonstration resonated with a lot of my colleagues as many of the Healthcare and Life Sciences organizations we work with have similar setups and want to make self service help in this area easy for everyone and accessible by computer as well as phones.

In this example I show using Microsoft 365 Copilot Agent Builder to quickly create an Agent that reasons across a pre-existing Intranet IT help website as well as across a ServiceNow Knowledge Base.

Watch the video then check out the resources as well as the follow up article, written by Microsoft 365 Copilot, on using Agent Builder to create powerful experiences for your users.

Resources:

• Use the Copilot Studio Agent Builder to Build Agents | Microsoft Learn
• Use the Copilot Studio Agent Builder to Build Agents | Microsoft Learn
• Security and governance - Microsoft Copilot Studio | Microsoft Learn
• Microsoft 365 Copilot – Microsoft Adoption
• Microsoft Graph – Microsoft Adoption

Empowering Organizations with Microsoft 365 Copilot Agent Builder

Introduction to Microsoft 365 Copilot Agent Builder

Microsoft 365 Copilot Agent Builder is an innovative tool designed to simplify the creation of intelligent agents that assist with a variety of tasks within an organization. These agents can interact with users, providing quick and easy access to information and support. By leveraging the power of Microsoft 365 and Copilot Chat, organizations can streamline their workflows and improve the user experience.

Creating Agents with Microsoft 365 Copilot Agent Builder

The process of creating an agent with the Microsoft 365 Copilot Agent Builder is both quick and intuitive. The tool allows users to build agents that can reason across pre-existing data sources, such as intranet IT help websites and ServiceNow Knowledge Bases. This ensures that users receive accurate and relevant information tailored to their needs.

One key advantage of using Microsoft 365 Copilot Agent Builder is its ability to make support accessible across multiple platforms, including computers and phones. This flexibility is particularly valuable for organizations in sectors like Healthcare and Life Sciences, where timely and efficient support can make a significant difference.

Benefits and Examples of Agents Created with Microsoft 365 Copilot Agent Builder

Using Microsoft 365 Copilot Agent Builder to create agents offers several benefits for organizations:

• Enhanced User Experience: By providing users with quick access to information and support, organizations can improve overall satisfaction and productivity.
• Streamlined Workflows: Agents can handle repetitive tasks and queries, freeing up human resources to focus on more complex issues.
• Accessibility: The ability to interact with agents across various devices ensures that support is always within reach, regardless of location.
• Customization: Organizations can tailor agents to meet specific needs and requirements, ensuring that users receive the most relevant information and assistance.

Examples of Beneficial Agents

• IT Support Agent: This agent can help employees troubleshoot common technical issues, provide guidance on software usage, and offer step-by-step solutions to frequently encountered problems. It can access and reason across IT help websites and ServiceNow Knowledge Bases, ensuring accurate and up-to-date information.
• HR Assistant Agent: This agent can assist employees with HR-related inquiries, such as leave requests, benefits information, and company policies. It can provide quick answers and direct users to relevant resources, streamlining the HR support process.
• Training and Development Agent: This agent can guide employees through training programs, provide information on available courses, and track progress. It can also offer personalized recommendations based on the user's role and career goals.
• Customer Service Agent: This agent can handle customer inquiries, provide product information, and assist with order tracking and returns. It can be integrated with existing customer service platforms to ensure a seamless support experience.

Managing and Governing Agents in Microsoft 365 Copilot Agent Builder

Effective management and governance of agents created with Microsoft 365 Copilot Agent Builder are crucial to ensure their success and reliability. Here are some best practices:

• Regular Updates: Keep agents up to date with the latest information and resources to ensure they provide accurate and relevant support.
• Monitoring and Analytics: Use analytics tools to monitor agent performance and user interactions. This data can help identify areas for improvement and optimize the agent's effectiveness.
• Security and Compliance: Ensure that agents comply with organizational security policies and industry regulations. Implement appropriate access controls and data protection measures.
• User Feedback: Encourage users to provide feedback on their interactions with agents. This input can help refine and enhance the agent's functionality.

Conclusion

Microsoft 365 Copilot Agent Builder is a powerful tool that can transform the way organizations provide support and information to their users. By creating intelligent agents that can reason across multiple data sources, organizations can enhance user experience, streamline workflows, and ensure accessibility. With proper management and governance, these agents can become invaluable assets, driving efficiency and satisfaction within the organization.

Thanks for visiting – Michael Gannotti LinkedIn 

 

 

In this blog series dedicated to Microsoft's technical articles, we'll highlight our MVPs' favorite article along with their personal insights.

 

Violet Hansen, Microsoft Azure MVP, United Kingdom

Understand App Control for Business policy rules and file rules | Microsoft Learn

“This is by far the most visited page for me. I've referred to it countless times to learn about Application Control, formerly known as WDAC. It has so much valuable information that people in cyber security should thoroughly study.”

*Relevant Blog: I have so many contents related to Application Control and that page in particular. This is one of the important ones: Introduction · HotCakeX/Harden-Windows-Security Wiki If you scroll down you will see links to other related pages.

 

Michail Michalos, Security MVP, Greece

Enrich your advanced hunting experience using network layer signals from Zeek

“Bringing Zeek-based events in Microsoft Defender for Endpoint has been a considerable breakthrough for empowering threat hunting and detection engineering. This blog has helped immensely to better understand our environment's network activity, build baselines to avoid false positives in our detections but most importantly it allowed to hunt for malicious HTTP, SSL and DNS connections, not that ICMP and SSH go unnoticed.

The depth of information available in Advanced Hunting allows deep flexibility and given the potential of KQL throughout the XDR spectrum, one can only image what could be a potential malicious activity and just translate it into a query.

I keep this article in my bookmarks as a reference for its detailed write-up and the examples provided.”

*Relevant Activity: Following, an Advanced Hunting query I built as soon as the SSL inspection was announced.

KQL-threat-hunting-queries/02.ThreatDetection/ssl-inspection-for-malware-cnc.md at main · cyb3rmik3/KQL-threat-hunting-queries

 

Anuradha Samaranayake, Microsoft Azure MVP, United Arab Emirates

How do I apply Zero Trust principles to Azure IaaS? | Microsoft Learn

"This Microsoft Learning Documentation provides a comprehensive and practical guide to applying Zero Trust principles to Azure IaaS components. It offers valuable insights into transforming your cloud infrastructure by following a security-first mindset. By addressing core principles like verifying explicitly, using the least privileged access, and assuming breach, the content empowers readers to rethink their security strategy effectively.

 

The series focuses on real-world business scenarios, making it highly relevant for IT professionals and organizations aiming to strengthen their Azure environments. By breaking the implementation into manageable units, including Azure storage, virtual machines, and network architecture, it simplifies complex concepts into actionable steps.

 

With Zero Trust being an essential security framework in today's threat landscape, this content is an excellent resource for anyone looking to enhance their cloud security posture, adopt modern security principles, and drive organizational resilience."

*Relevant Blog: Applying Zero Trust Principles to Azure IaaS Security - Cloud Diary

 

Jurgen Allewijn, Microsoft Azure MVP, Netherlands

Introduction to Zero Trust - Training | Microsoft Learn

“I like the way that this learn module is setup in introducing Zero Trust based on the six main pillars. It gives a good insight in what has to be done to implement zero trust and at what level."

*Relevant Blog: Zero Trust in the Cloud. A Simple Path to Securing Cloud… | by Jurgen Allewijn | Medium

---

As Python developers, we're incredibly lucky to have over half a million packages that we can use to build our applications with over at PyPI. However, when it comes to choosing a UI framework, the options get narrowed down very quickly. Intersect those choices with the ones that work on mobile, and you have a very short list. Flutter is a UI framework for building desktop and mobile applications, and is in fact the one that we used to build the Talk Python courses app, you'd find at talkpython.fm/apps. That's why I'm so excited about Flet. Flet is a Python UI framework that is distributed and executed on the Flutter framework, making it impossible to build mobile apps and desktop apps with Python. We have Feodor Fitsner back on the show after he launched his project a couple years ago to give us an update on how close they are to a full featured mobile app framework in Python.

Episode sponsors

Posit
Podcast Later
Talk Python Courses

Links from the show

Download audio: https://talkpython.fm/episodes/download/494/update-on-flet-python-flutter-uis.mp3