Posts on Security
Architecting AI Applications for Production
A threat-model-first walkthrough of shipping LLM-backed features — prompt injection defenses, multi-provider failover, structured output, cost control, and the concurrency traps that melt AI services in production.
Zero Trust Security for Microservices
Service-mesh zero trust, in practice: SPIFFE identities, mTLS by default, Istio and Linkerd policy at the sidecar, network policies underneath, and the places where you still need app-level authorization.
Authentication Patterns for Distributed Systems
A threat-model-first walkthrough of JWT, OAuth2/OIDC, refresh rotation, and zero trust auth for Go services — with the mistakes that actually burn people in production.
Authorization Patterns for Go Microservices
Authorization in a service mesh — RBAC, ABAC, policy engines, SPIFFE service identity, and deny-by-default patterns for Go microservices without the panics and silent bypasses.