Technical essays, architectural deep-dives, and practical guides at the intersection of code and design.
Page 2 of 28
How to detect and manage vulnerable dependencies across hundreds of repositories. Covers SCA tools (Snyk, Dependabot, Trivy), SBOM generation, vulnerability prioritization, and building an automated remediation pipeline.
How to build security observability in AWS using CloudTrail, CloudWatch, and Athena. Covers audit logging, anomaly detection, SIEM integration, and building custom security dashboards.
Understand why code signing matters and how to implement it. Covers signing Git commits, Docker images (cosign/Notary), npm packages, and building a chain of trust from developer to production.
Automate compliance for SOC2 and ISO 27001 using infrastructure as code, continuous monitoring, and policy-as-code tools. Covers AWS Config, Open Policy Agent, and building evidence collection pipelines.
Deep dive into AWS IAM security best practices. Covers permission boundaries, SCPs, assume role chains, session policies, and how to audit IAM for least-privilege access in production environments.
Build automated security remediation using AWS Lambda, EventBridge, and Config Rules. Auto-close open security groups, revoke public S3 buckets, and enforce tagging — with real Lambda code examples.
How to build a complete security pipeline integrated into your CI/CD. Covers SAST, DAST, SCA, secret scanning, infrastructure scanning, and how to shift security left without slowing down developers.
Build a real cloud security scanner from scratch using Python and AWS APIs. Scan for open security groups, public S3 buckets, unencrypted volumes, overly permissive IAM policies, and generate a security report.
Build real-time applications with WebSockets and Socket.io in Node.js — rooms, namespaces, scaling with Redis adapter, and handling reconnection
Comprehensive testing strategies for Node.js applications with Jest, Supertest, and Testcontainers — from unit tests to end-to-end API testing
Use Redis with Node.js for caching, session storage, pub/sub messaging, rate limiting, and distributed locks using ioredis
Connect Node.js to PostgreSQL using pg, Knex.js, and Prisma ORM. Learn connection pooling, migrations, transactions, and query optimization