Apr 16 · 6 min read · The sequel Yesterday was about pain — fighting the ocean integration, the grayed-out button, the docker image wall. Today was about pushing past that and seeing how far the platform actually goes. Spoiler: pretty far, but every step has a catch. What...
Join discussion
Mar 3 · 5 min read · Dependency Management and Security Scanning The average JavaScript project has 200+ transitive dependencies. The average Python project has 50+. Every one of them is attack surface. Supply chain attacks — compromising a widely-used package to inject ...
Join discussionFeb 6 · 16 min read · Basic security terms for the course SAST, SCA, DAST, IAST SAST: Static Application Security Testing (Code review for your own code)-> white box testing SCA: Software Composition Analysis (Background check of external libraries you use) DAST: Dynam...
Join discussion
Nov 30, 2025 · 12 min read · TL;DR: Scanners that run automatically, findings that aggregate in one place, reports that don't make stakeholders' eyes glaze over. For small-to-medium engineering teams who need real security without hiring a dedicated AppSec team. Security scanne...
Join discussion
May 3, 2025 · 4 min read · In a fast-moving industry like tech, the difference between staying ahead and falling behind often comes down to the tools you use. Whether you are coding UI components, managing infrastructure, or scaling apps across the cloud, your stack is your su...
Join discussion
Feb 24, 2025 · 5 min read · 🚀 Introduction In the fast-paced world of web development, staying ahead of the curve is crucial. With new tools and technologies emerging every year, developers need to equip themselves with the best resources to boost productivity, streamline work...
Join discussion
Feb 20, 2025 · 5 min read · 🔒 Imagine this: You’ve spent months building a web application, and just as it’s about to launch, a hacker exploits a vulnerability, stealing user data and crashing your system. The result? Lost revenue, damaged reputation, and countless hours of wo...
Join discussion
Jan 27, 2025 · 3 min read · What is Snyk IaC Snyk is a misconfiguration IaC tool that identifies vulnerabilities in how people write their code. Though I am writing about its use with Terraform on Azure, it supports other IaC tools, Cloud platforms, and various coding languages...
Join discussion
Jun 26, 2024 · 3 min read · Unveiling Snyk: Simplifying Open Source Security Introduction With the widespread adoption of open-source software, managing dependencies and ensuring their security has become a critical aspect of modern software development. Snyk is a comprehensive...
Join discussion
Mar 8, 2024 · 6 min read · In the fast-paced world of software development, there's a delicate dance between the need for speed and the imperative of security. Historically, these two forces have often been at odds. Developers have long been caught in the crossfire, striving t...
Join discussion
