Backend Proxy 및 Secret Management 기반 API Token 유출 원천 차단 설계
# Securing API Tokens: Protecting Your AI Applications from Credential Leakage
# Securing API Tokens: Protecting Your AI Applications from Credential Leakage
How I Built and Secured a Self-Hosted Stack
How Do You Prepare ECS Fargate for a SOC 2 Audit?
The Engineering Buyer’s Guide: How to Compare Just-In-Time (JIT) Access Solutions
Hublo: a web desktop that runs as your own Unix user over SSH — with a sandboxed app store
Your AI Agents Are Privileged Identities. You're Treating Them Like Interns.
100 Days of DevOps, Day 4: Permissions That Actually Matter and Why S3 Versioning Shouldn't Be Optional
The agent that cannot sign: a pattern for letting AI move value without self-authorization
The Complete Guide to Firebase Security Rules: Why They Matter and how to Write Them
I built an AWS access recertification engine that actually enforces the decision
Keyless by Default: Securing FarmOps Desk without a Single Static Secret
AI Coding Agents Are the New Attack Surface Nobody's Ready For
I gave Claude SSH access to my server — here's the consent gate that makes it safe
AINAScan Found Two Security Bugs in a Real Open-Source App — Here Is What Happened
DevOps Security Best Practices Every Engineering Team Should Follow
SOC 2 Type I & Type II: A Complete Beginner-to-Expert Guide
MCP Server Auth: The API Is the Real Boundary
Building Trust Into Authentication: Practical Access Control Patterns for Modern Apps
MCP Security: The Risks of Model Context Protocol and How to Govern It (2026)
Dependabot can finally pull from private GitHub Packages without a PAT