Tag
security
10 articles tagged with “security”
Secrets Management in IaC: No More Hardcoded Credentials
Azure Key Vault integration, Terraform sensitive variables, Pulumi secrets, and CI/CD secret injection patterns.
OWASP Top 10: The Developer's Security Checklist
A practical guide to the OWASP Top 10 — injection, broken authentication, XSS, IDOR, security misconfigurations, and how to prevent each vulnerability class.
JWT Authentication: From Basics to Best Practices
How JSON Web Tokens work, signing algorithms (HS256 vs RS256), common vulnerabilities (algorithm confusion, none attack), token storage, and refresh token patterns.
OAuth 2.0 & OIDC: Authorization and Identity Explained
OAuth 2.0 grant types, PKCE, OpenID Connect layers, access vs ID tokens, token introspection, and securing SPAs and APIs with modern auth flows.
Zero Trust Architecture: Never Trust, Always Verify
Core principles of Zero Trust, microsegmentation, identity-centric security, BeyondCorp, continuous verification, and implementing Zero Trust in cloud environments.
Dependency Scanning: Securing Your Software Supply Chain
Supply chain attacks, CVE scoring, SBOMs, transitive vulnerabilities, lockfile integrity, dependency confusion, Sigstore, and tools like Snyk and Dependabot.
Secrets Management: Keeping Credentials Out of Code
Vault patterns, dynamic secrets, automated rotation, git secret scanning, HashiCorp Vault, Azure Key Vault, envelope encryption, and incident response for leaked secrets.
Threat Modeling for Developers: STRIDE, DREAD & Beyond
STRIDE threat categories, data flow diagrams, trust boundaries, attack trees, DREAD scoring, PASTA methodology, and integrating threat modeling into the SDLC.
Docker for Production: Multi-Stage Builds, Security, and Compose
Multi-stage builds that cut image size by 80%, non-root users, read-only filesystems, health checks, and Compose patterns for local development parity.
Prompt Injection: Attack Vectors and Defence in Production
Direct injection, indirect injection via retrieved content, jailbreaks, and the defence-in-depth architecture that keeps LLM applications secure.

