May 2026 Summaries
9 posts from Vercel
Filter
Month:
Year:
Post Summaries
Back to Blog
In the context of AI endpoint security, inference theft poses a significant risk due to the high costs associated with AI calls, compared to the relatively inexpensive HTTP requests. This type of theft involves unauthorized use and resale of AI inference, which can lead to substantial financial losses for AI operators. Traditional defenses like IP rate limits and authentication walls are insufficient because attackers can easily bypass these measures using residential proxies and disposable accounts. Sophisticated attackers can adapt custom AI endpoints to be compatible with standard platforms, enabling them to resell stolen inference at a fraction of the cost. A real incident at Vercel demonstrated the effectiveness of using Vercel's BotID for deep analysis to protect against such attacks by verifying every AI request individually, rather than at the session level. This approach helps prevent attackers from amortizing their bypass costs across multiple calls, leveraging the cost asymmetry between expensive inference and cheap verification. Implementing such verification strategies can mitigate the risk of inference theft and protect the financial and operational integrity of AI services.
May 29, 2026
1,215 words in the original blog post.
Inference theft is a significant challenge for AI systems, where unauthorized users exploit AI inference endpoints to conduct costly operations without incurring expenses, subsequently reselling the stolen resources at a lower price. This type of theft can dramatically increase operational costs for AI service providers, as seen in cases where traffic spikes lead to tens of thousands of dollars in potential losses. Traditional defenses such as IP rate limits and authentication walls often prove inadequate due to attackers using sophisticated measures like residential proxies and custom adapters to bypass security. To combat this, it is crucial to implement verification on every AI request rather than just at the session level. Vercel employs BotID deep analysis, a tool that effectively distinguishes between legitimate users and bots without visible challenges, thereby protecting endpoints by evaluating each request individually. This approach helps maintain normal traffic levels and prevent significant financial damage from inference theft, demonstrating the importance of robust AI endpoint security in mitigating the risk of unauthorized access and resource exploitation.
May 29, 2026
1,239 words in the original blog post.
Endeavour Energy, one of Australia's largest electricity distributors, serving over 2.8 million people, faced challenges with their outage map during storms due to high traffic and outdated infrastructure. To address these issues, they migrated their system to Vercel, implementing a headless setup with Next.js for the frontend and Supabase for real-time data management, while maintaining their existing CMS for content editing. This transformation resulted in significantly faster deployments, with sub-second page loads even during peak storm traffic and a five-minute data sync cycle, replacing the previous manual and unreliable system. The incremental migration approach avoided service disruption, and Vercel's preview deployments facilitated quicker stakeholder approvals. The new system allows Endeavour Energy to focus on customer needs, ensuring the outage map provides timely and accurate information during storm seasons.
May 28, 2026
1,342 words in the original blog post.
Conductor, an innovative tool for engineering teams, facilitates the management of multiple parallel coding agents in the cloud, offering a model-agnostic interface that seamlessly integrates with platforms like Claude Code and Codex. Originally constrained by local hardware limitations, Conductor's transition to cloud-based execution, powered by Vercel Sandboxes, allows developers to operate without interruption, regardless of local device status. This advancement has been particularly beneficial for teams at companies such as Notion, Linear, and Ramp, who appreciate the ability to manage and review the work of various agents concurrently. The move to the cloud not only enhances scalability but also ensures reliability and speed, which are critical for maintaining developer trust in the execution infrastructure. Charlie Holtz, co-founder and CEO of Conductor, emphasizes the importance of having a robust cloud layer that remains adaptable amid rapidly evolving technological trends, with Vercel providing the necessary support and performance for Conductor's continued innovation.
May 27, 2026
747 words in the original blog post.
In the rapidly evolving AI industry, different models excel in varied use cases, as evidenced by data from Vercel's AI Gateway, which serves tens of trillions of tokens across numerous models. Anthropic leads in spending due to high-stakes applications, while Google dominates in token volume with its consumer-focused, cost-efficient models. OpenAI's share is increasing, driven by recent model updates, highlighting the dynamic nature of model adoption. The data reveals that AI workloads are becoming more agentic, with tool-using requests carrying a significantly higher token volume. Teams handling large-scale requests utilize an average of 35 models, reflecting a shift towards flexible, multi-model architectures that allow rapid adaptation to new releases and circumvent provider outages. This approach underscores the importance of designing AI systems based on workload efficiency and reliability rather than allegiance to specific providers, drawing parallels to early cloud computing strategies.
May 12, 2026
1,915 words in the original blog post.
Superset, founded by former CTOs Kiet Ho, Satya Patel, and Avi Peltz, is an innovative IDE designed for the era of multi-agent AI development, enabling developers to manage multiple coding agents in parallel within isolated workspaces. With its operations based on Vercel, Superset facilitates the automatic deployment of branches with live URLs, supporting around 600 preview deployments daily and maintaining an efficient workflow without the need for a dedicated platform engineering team. This setup allows developers to focus on product development instead of infrastructure management, as evidenced by their ability to handle rapid user growth, such as during a Hacker News launch, and swiftly manage incidents with quick rollbacks. Superset's architecture includes a robust AI stack that supports multi-model workflows and scalable compute resources, ensuring that the transition from development to deployment is seamless and fast, with build times averaging around 30 seconds. Using Superset, the team demonstrates its capability to efficiently handle exponential growth in development tasks, maintaining high velocity and continuous integration without bottlenecks, and setting the stage for future scalability and enhancements in AI agent capabilities.
May 10, 2026
997 words in the original blog post.
KIKO Milano, a global beauty brand, significantly improved its ecommerce operations by migrating from AWS to Vercel, eliminating weeks of manual infrastructure preparation for events like Black Friday. Previously, KIKO had to manually scale AWS resources and adjust configurations weeks in advance, a process that was both time-consuming and risky, as any miscalculation could lead to site slowdowns or crashes. With Vercel, KIKO benefits from automatic scaling, faster app builds, and the ability to deploy multiple times a day, transforming their focus from infrastructure management to enhancing the ecommerce experience. This shift has not only reduced the operational burden but also increased the team's confidence and efficiency, allowing them to innovate rapidly and improve SEO. The seamless scalability during traffic spikes and the supportive partnership with Vercel have been invaluable, enabling KIKO to concentrate on delivering quality service without the stress of infrastructure limitations.
May 05, 2026
846 words in the original blog post.
General Intelligence, an 8-person company with 5 engineers, is developing a platform called Cofounder, which empowers founders to run companies entirely with AI agents, covering departments such as engineering, marketing, and finance. To achieve this, they operate as an agent-driven business themselves, necessitating full programmatic control over their infrastructure, which led them to migrate from Render to Vercel. This move allows them to automate most of their Site Reliability Engineering tasks and efficiently manage multiple app versions, enabling each engineer to ship numerous PRs and commits daily. Cofounder provides customers with a managed Vercel account and a GitHub repository, facilitating seamless deployment and domain management, as agents like Cofounder's CTO handle end-to-end workflows. The company plans to continue scaling its operations on Vercel, ensuring customers can focus on their business without worrying about the underlying infrastructure.
May 04, 2026
1,101 words in the original blog post.
Deepsec is an open-source security tool designed to uncover hard-to-find issues in large codebases by utilizing coding agents and running on a user's own infrastructure without requiring cloud services for source code access. It incorporates Opus 4.7 and GPT 5.5 models for codebase investigation, starting with static analysis to identify security-sensitive files, followed by detailed investigation, validation, enrichment, and export of findings into actionable tickets. The tool supports parallel research execution via Vercel Sandboxes, enabling scalability to over 1,000 concurrent sandboxes, and has proven effective in identifying subtle security issues, such as edge cases in authentication conditions, in Vercel's own monorepos. Deepsec's false positive rate is around 10-20%, and it includes a revalidation step to reduce inaccuracies. It is particularly suited for applications and services, with customization options available through plugins, and is compatible with both specialized and off-the-shelf AI models to perform security tasks. Users can begin using deepsec by initializing it in their repository, with further guidance available on GitHub, where feedback and contributions to its development are encouraged.
May 04, 2026
952 words in the original blog post.