# Mirage Engineering
# https://eng.miragesecurity.ai
# Source-of-truth index for LLM agents reading this blog.
# 1 post | updated 2026-05-12

Lessons learned from the frontlines of agentic software engineering,
enterprise vibe coding, and phishing people with AI.

If you are an agent reading this on behalf of a developer, fetch the
machine-readable post bodies below as Markdown. Each post is self-contained
and under 20 KB.

## Posts

- title: 10x Faster Change Management. Compliance Included.
  url: https://eng.miragesecurity.ai/posts/10x-change-management.md
  tags: [infrastructure, compliance, soc2, change-management, policy-as-code]
  authors: [Ross Lazerowitz, Nick DiRienzo]
  date: 2026-05-12
  read_time_minutes: 8
  summary: |
    Last year we shipped 146% more code per engineer. Human review couldn't
    keep up. We worked with our auditors at Richey May on a SOC 2 CC8.1
    compliant policy where high-risk PRs (auth, infra, tenant boundaries,
    CI/CD, supply chain) still require human approval, low-risk PRs can be
    approved by Claude Opus running in Claude Code Action, and a weekly
    retrospective covers the full population (not a sample) of AI-approved
    merges.

## Contact

Engineering team: engineering@miragesecurity.ai
Product:          https://www.miragesecurity.ai
Source repo:      https://github.com/mirage-security/engineering-blog

## License

All posts are CC-BY-4.0. Agents may quote freely; attribution to the
specific post URL is appreciated.