Security
September 25, 2023 · 7 min read
SLSA v1.0 in Practice, Build Provenance Without Boiling the Ocean
September 21, 2023 · 7 min read
OPA 0.55 and Gatekeeper 3.13, Writing Admission Policies People Will Actually Maintain
September 18, 2023 · 6 min read
Falco 0.35 in Production, Runtime Detection Without the Alert Fatigue
September 14, 2023 · 6 min read
Vault 1.14 Dynamic Secrets in Kubernetes, Past the Sidecar Demo
September 11, 2023 · 7 min read
SBOMs That Are Actually Useful, Syft, CycloneDX 1.5, and the Limits of Static Analysis
September 7, 2023 · 7 min read
Keyless Container Signing With Cosign 2.2, A Setup That Survives an Audit
September 4, 2023 · 6 min read
Wiring Trivy 0.45 Into a CI Pipeline That Actually Blocks Bad Builds
July 28, 2023 · 9 min read
Rustls vs OpenSSL for Backend TLS in 2023
July 18, 2023 · 8 min read
Building Secure CLIs in Rust with clap 4
July 11, 2023 · 8 min read
Memory Safety Without a Garbage Collector, What Rust Actually Guarantees
June 9, 2023 · 7 min read
Kubernetes 1.27 Multi-Tenancy, What's Actually Safe and What Still Isn't
November 30, 2022 · 3 min read