Designing a Scalable DNS Schema for Large Distributed Systems
In large distributed systems, a well-designed DNS schema isn’t just about naming; it’s about controlling access, enforcing boundaries, and supporting automat...
Recent posts
Platform as a Product – A Guide for Platform Product Owners
In the age of digital transformation, platforms are no longer just infrastructure, they are products. Whether you’re building a developer platform, data plat...
The Forgotten Defenders: A Guide to HTTP Security Headers
Despite years of advancements in web security, many applications still lack one of the simplest, most effective defense mechanisms: HTTP Security Headers. Th...
Building a Cloud-Native Container Platform from Scratch - Part 8
Part 8: The Future of Your Internal Platform. Progressive delivery, AI-driven insights, and what comes next.
Building a Cloud-Native Container Platform from Scratch - Part 7
Part 7: Day-2 Operations and Platform Maturity. From running to sustaining — the reality of platform engineering at scale.
Building a Cloud-Native Container Platform from Scratch - Part 6
Part 6: Scaling the Platform — Multi-Tenancy, Environments, and Governance. Designing for multiple teams, regions, and stages of software delivery.
Building a Cloud-Native Container Platform from Scratch - Part 5
Part 5: Crafting the Developer Experience Layer. Turning Kubernetes into a smooth, self-service developer platform.
Building a Cloud-Native Container Platform from Scratch - Part 4
Part 4: Installing Core Platform Services. GitOps, ingress, observability — laying the groundwork for self-service.
Building a Cloud-Native Container Platform from Scratch - Part 3
Part 3: Bootstrapping Your Infrastructure with Terraform. From zero to a secure, repeatable foundation in AWS.
Building a Cloud-Native Container Platform from Scratch - Part 2
Part 2: Choosing Your Container Platform Building Blocks. EKS, AKS, ECS, Nomad… How do you choose the right base for your internal platform?
Building a Cloud-Native Container Platform from Scratch - Part 1
Part 1: Why Build a Self-Service Container Platform? A pragmatic look at internal platforms, orchestration fatigue, and building for developer flow.
Container Security 101: From Dockerfiles to Runtime
How to Build, Ship, and Run Containers Without Opening the Front Door to Attackers
STRIDE vs. Attack Trees: Two Lenses for Threat Modeling
Threat modeling has evolved from a niche security task into a core part of modern software development. It’s not just for security engineers — it’s a tool pr...
How to Conduct a Post-Incident Security Review
Incidents happen. Maybe it was a misconfigured S3 bucket, a leaked token, or a logic bug that let a user see someone else’s data. The temptation after contai...
Authentication Pitfalls in the Real World
If there’s one thing nearly every developer has built at some point, it’s a login system. And why not? There are plenty of libraries to help, standards like ...
OWASP Top 10:2021 — A10: Server-Side Request Forgery (SSRF)
We’ve reached the end of the OWASP Top 10 in this OWASP Top 10:2021 series — and we’re finishing with a bang. SSRF is one of the most dangerous vulnerabiliti...
OWASP Top 10:2021 — A09: Security Logging and Monitoring Failures
You Can’t Respond to What You Don’t See
OWASP Top 10:2021 — A08: Software and Data Integrity Failures
Welcome back to this OWASP Top 10:2021 security series. Today, we’re stepping away from code bugs and logic flaws to talk about something much sneakier: trus...
OWASP Top 10:2021 — A07: Identification and Authentication Failures
Welcome back to this deep dive into the OWASP Top 10. Today we’re looking at something fundamental: authentication.
OWASP Top 10:2021 — A06: Vulnerable and Outdated Components
Welcome back to this OWASP Top 10 deep dive. Today’s topic — Vulnerable and Outdated Components — might not sound exciting at first, but it’s a silent killer...
OWASP Top 10:2021 — A05: Security Misconfiguration
Welcome to Part 5 of this OWASP Top 10 series. So far, we’ve covered insecure code, weak design, and architectural flaws. Now it’s time to talk about somethi...
OWASP Top 10:2021 — A04: Insecure Design
Welcome to Part 4 of our OWASP Top 10:2021 series. So far, we’ve looked at hands-on, tactical flaws like Injection and Cryptographic Failures. But now we’re ...
OWASP Top 10:2021 — A03: Injection
Welcome back to this OWASP Top 10 series. So far, we’ve looked at Broken Access Control and Cryptographic Failures — both dangerous, both preventable. Now we...
OWASP Top 10:2021 — A02: Cryptographic Failures
Welcome to part two of this OWASP Top 10:2021 series, where I break down each of the top security risks, in a way that makes sense to everyday engineers. In ...
OWASP Top 10:2021 — A01: Broken Access Control
Welcome to the first post in this OWASP Top 10:2021 series, where I break down each of the top security risks. This is for engineers who may not be security ...
The Future of AI in Software Development: A Partnership, Not a Replacement
The future of AI in software development is something that has been hotly debated, and I can understand why so many are quick to jump to the conclusion that ...
How to Improve Organisation Culture: A Guide to Transforming the Workplace
Organisational culture is the invisible force that drives the day-to-day behaviours, attitudes, and interactions within a company. This culture can sometimes...
Hiring for Platform Teams: Prioritise Engineers, Not Tools
Platform teams are at the heart of modern tech organisations, providing the tools, infrastructure, and systems that empower product teams to work efficiently...
Breaking Down Silos: How Platform Standardisation Transforms Engineering Effectiveness
In the rapidly evolving landscape of software engineering, one of the most persistent challenges is breaking down the invisible walls that separate teams. As...
Getting to grips with CSS: A Beginner’s Tutorial (Part 2)
Cascading Style Sheets (CSS) is a fundamental technology for web development, allowing you to control the presentation and layout of your HTML documents. Thi...
Getting to grips with CSS: A Beginner’s Tutorial (Part 1)
Cascading Style Sheets (CSS) is a fundamental technology for web development, allowing you to control the presentation and layout of your HTML documents. Thi...
Designing high performance Kanban processes
Kanban is a popular Agile methodology used to manage workflows and improve productivity. A Kanban board is a visual representation of your team’s workflow an...
Principles for building a successful platform
Building a software platform can be a challenging task. Even with the best technical features and capabilities, a platform won’t be successful if people don’...
Implementing effective OKRs
OKRs (Objectives and Key Results) are a powerful goal-setting framework that can help teams and organisations focus on achieving their most important objecti...
OpsLevel vs Backstage for Internal Developer Platforms
OpsLevel and Backstage are two popular internal developer platforms that offer a range of features for software development organisations. In this blog post,...
Monorepo vs Polyrepo - a comparison
When it comes to organising code repositories for software development projects, two popular approaches are monorepo and polyrepo. Both have their advantages...
Benefits of an Internal Developer Platform
In today’s rapidly evolving technological landscape, delivering software quickly and efficiently is paramount to staying competitive. An internal developer p...
AWS Lambda best practices
AWS Lambda has become one of the most popular serverless computing platforms in recent years. With Lambda, developers can easily run code in response to even...
Getting started with GitHub Actions
GitHub Actions is a powerful tool that allows you to automate your software development workflows. With GitHub Actions, you can build, test, and deploy your ...
Terraform vs Serverless Framework
Terraform and the Serverless Framework are two popular infrastructure-as-code tools that are widely used by developers and DevOps teams to automate the deplo...
Mentoring junior software engineers
Mentoring junior software engineers is a crucial aspect of building a strong and effective software development team. Mentoring is not only about imparting t...
Platform engineering best practices
Platform engineering is a crucial aspect of software development that involves creating a robust and scalable infrastructure that can support multiple applic...
AWS database offerings
When it comes to cloud computing, Amazon Web Services (AWS) is one of the most popular providers on the market. One of the main reasons for its popularity is...
Differences between senior and principal software engineer roles
The world of software engineering is vast, and it offers many job opportunities. Two of the most prestigious roles in this field are senior software engineer...
Maintaining team health when working remotely
In recent years, remote work has become increasingly popular, and it’s easy to see why. Remote work offers many benefits, such as greater flexibility and aut...
Benefits of kanban
Kanban is a lean approach to software development that focuses on the flow of work and continuous delivery. It is a visual system for managing work that enab...
Resolving conflict between colleagues
Resolving conflict between junior colleagues can be a challenging task, especially for managers who are responsible for maintaining a productive and harmonio...
Dead letter queues in AWS
Dead Letter Queues (DLQs) are a powerful feature in Amazon Web Services (AWS) that can help improve the reliability and resiliency of your applications. In t...
Making use of Terraform modules
Terraform is a powerful tool for managing infrastructure as code, allowing you to define and deploy your infrastructure in a repeatable and automated way. Te...
Benefits of serverless computing
Serverless technologies have been with us since Google released Google App Engine in 2008. For the first time a developer was able to develop a program and l...
Getting started with Cloud Custodian and AWS
Cloud Custodian is an open-source tool for managing your cloud resources across multiple cloud platforms, including Amazon Web Services (AWS). It is a policy...
AWS multi-account organizations
Everyone starts from a single AWS account and you may be wondering why you would need multiple AWS accounts. Let me explain…
Cloudflare vs Route 53 for DNS
DNS hosting is an essential component of any web application or website. It provides a way to map domain names to IP addresses, allowing users to access the ...
Setting effective career goals
Setting effective career goals is a crucial step towards achieving success in your professional life. Career goals help you define what you want to achieve, ...
Types of software testing
Software testing is a crucial step in the software development lifecycle. It helps identify and fix bugs and issues in the software before it is released to ...