November 28, 2022 · 5 min read
Audit Logging for Backend APIs
November 25, 2022 · 5 min read
Input Validation and the OWASP Top 10
November 23, 2022 · 4 min read
CSRF Defense Patterns in 2022
November 21, 2022 · 4 min read
CORS, What It Actually Protects
November 18, 2022 · 4 min read
API Keys vs OAuth for Third-Party Access
November 16, 2022 · 4 min read
Distributed Rate Limiting with Redis
November 11, 2022 · 3 min read
OAuth 2.1 vs OAuth 2.0, What Changed
November 9, 2022 · 4 min read
Refresh Tokens and Token Revocation
November 7, 2022 · 4 min read
Why JWT for Sessions Is Usually Wrong
November 4, 2022 · 5 min read
JWT Done Right, Signing, Verifying, Rotating Keys
November 2, 2022 · 4 min read
Backend API Security in 2022, The Threat Model