Writing

Thoughts, lessons, and things I find interesting along the way.

All agentic-ai-security ai-app-security ai-coding ai-coding-agents ai-infrastructure ai-security ai-tools api-rate-limiting api-security application-security aws-sam ci-cd-security cicd claude-code contact-forms crypto-agility developer-tools devops devsecops enterprise-passkeys enterprise-security fido gateway-api github-actions gitlab-ci hybrid-cloud-security identity-security ingress-nginx kubernetes kubernetes-ai-workloads llm-cost-optimization llm-infrastructure mcp monorepo network-security nextjs open-source-security owasp passwordless-authentication platform-engineering playwright post-quantum-cryptography pqc ransomware react saas saas-integrations sbom serverless-architecture side-project software-development software-supply-chain-security vs-code zero-trust zero-trust-architecture

ai-tools April 6, 2026

Building Site 4 That: An AI-Powered Tools Platform for Real Life

How I built Site 4 That — a SaaS platform with 40+ AI tools for ADHD, relationships, productivity, and parenting using Next.js 15, Claude, and Stripe.

claude-code April 1, 2026

Why Most CLAUDE.md Files Are Too Big: A Better Multi-Stack Claude Code Setup

Most CLAUDE.md files try to do too much. Here is a modular approach using conditional rules, subagents, and hooks that keeps context lean and Claude focused.

cicd March 17, 2026

React SPA Monorepo CI/CD: How to Automate Testing and Deploy Only What Changed

Learn how React SPA monorepo CI/CD works with 7 validation gates, Playwright E2E testing, intelligent change detection, selective deploys, and staging-to-production release workflows.

llm-cost-optimization March 15, 2026

LLM API Rate Limiting and Cost Control: Manage Token Budgets, Per-Key Throttling, and Cost Dashboards

Stop LLM API costs from spiraling. A practical guide to rate limiting, per-user token budgets, exact-match caching, and cost dashboards with a deployable open-source proxy.

ai-coding-agents March 14, 2026

Securing AI Coding Agent Workflows: Sandbox, Permission, and Review AI-Generated Code in Production Pipelines

Stop AI-generated code from reaching production unchecked. A practical framework for detection, policy-as-code, sandboxed execution, and risk-tiered review gates.

mcp March 13, 2026

Building Custom MCP Servers: Extend AI Agents with Domain-Specific Tools

Learn how to build production-grade MCP servers that connect AI agents to your internal databases, APIs, and tools with proper security, validation, and deployment.

serverless-architecture March 12, 2026

Serverless Contact Forms with AWS SAM: Why They Win on Cost, Security, and Simplicity

Why a serverless contact form backend built with AWS SAM, Lambda, DynamoDB, and SES beats traditional server setups on cost, security, and operational simplicity.

post-quantum-cryptography March 11, 2026

Post-Quantum Cryptography Migration Roadmap for IT Teams

NIST has moved post-quantum cryptography into a real migration phase. Here's how IT teams should inventory, prioritize, and plan the transition.

api-security March 10, 2026

API Security for AI Apps and Modern SaaS Integrations

Modern apps depend on APIs more than ever. Learn the API security practices that matter most for AI applications and SaaS integrations in 2026.

zero-trust-architecture March 7, 2026

Zero Trust Architecture in Practice for Hybrid and Multi-Cloud

A practical Zero Trust guide for hybrid and multi-cloud environments, based on real implementation patterns and operational lessons.

ai-coding-agents March 6, 2026

AI Coding Agents in 2026: How MCP Is Changing Software Development

Learn how AI coding agents work in 2026, why MCP matters, and how GitHub Agent HQ and Xcode are changing modern software development.

agentic-ai-security March 5, 2026

How to Secure Agentic AI Applications: The 2026 Playbook

A practical guide to agentic AI security in 2026, including OWASP-aligned risks, guardrails, tool controls, logging, and deployment advice.

kubernetes March 4, 2026

Ingress NGINX Retirement: Your Kubernetes Migration Guide

Ingress NGINX retires in March 2026. Here's how to evaluate your exposure, choose a migration path, and avoid breaking production traffic.

kubernetes-ai-workloads March 3, 2026

Kubernetes for AI Workloads: Networking, Gateways, and Reliability

AI workloads put new pressure on Kubernetes networking and reliability. Learn what platform teams should change in 2026.

software-supply-chain-security March 2, 2026

Software Supply Chain Security in the AI Era

AI speeds up software delivery, but it also amplifies dependency and provenance risks. Here's how to modernize software supply chain security in 2026.

identity-security March 1, 2026

Why Ransomware Is Becoming an Identity Problem

Ransomware is shifting from malware-heavy attacks to credential theft and session abuse. Here's what security teams should change in 2026.

enterprise-passkeys February 28, 2026

Enterprise Passkeys Rollout: What Actually Works

Planning an enterprise passkeys rollout? Learn the best implementation strategies, UX considerations, recovery flows, and adoption tips for 2026.