Security, DevOps & Trading Tech — Practical Guides

  • Securing Kubernetes Supply Chains with SBOM & Sigstore

    After implementing SBOM signing and verification across 50+ microservices in production, I can tell you: supply chain security is one of those things that feels like overkill until you find a compromised base image in your pipeline. Here’s what actually works in practice — not theory, but the exact patterns…

  • Self-Host Ollama: Local LLM Inference on Your Homelab

    The $300/Month Problem. I hit my OpenAI API billing dashboard last month and stared at $312.47. That’s what three months of prototyping a RAG pipeline cost me — and most of those tokens were wasted on testing prompts that didn’t work. Quick Answer: Self-hosting Ollama on…

  • Backup & Recovery: Enterprise Security for Homelabs

    Learn how to apply enterprise-grade backup and disaster recovery practices to secure your homelab and protect critical data from unexpected failures. Why Backup and Disaster Recovery Matter for Homelabs…

  • Securing GitHub Actions: OIDC, Least Privilege, & More

    Did you know that 84% of developers using GitHub Actions admit they’re unsure if their workflows are secure? That’s like building a fortress but forgetting to lock the front gate. And with supply chain attacks on the rise, every misstep could be the one that lets attackers waltz right into…

  • Penetration Testing Basics for Developers

    I started doing penetration testing because I got tired of finding the same vulnerabilities in code reviews. Once you learn to think like an attacker, you write fundamentally different code. I run regular pen tests against my own homelab services — it’s the fastest way to internalize security. Here’s how…

  • Terraform Security: Encryption, IAM & Drift Detection

    What happens when your Terraform state file ends up in the wrong hands? Spoiler: it’s not pretty, and your cloud environment might as well send out party invitations to every hacker on the internet. Keeping your Terraform setup secure can feel like trying to lock the front door while someone’s already…

  • HashForge: Privacy-First Hash Generator for All Algos

    I’ve been hashing things for years — verifying file downloads, generating checksums for deployments, creating HMAC signatures for APIs. And every single time, I end up bouncing between three or four browser tabs because no hash tool does everything I need in one place. So I built HashForge. The Problem with Existing…

  • JSON Forge: Privacy-First JSON Formatter in Your Browser

    Pasting a nested API response into an online JSON formatter means your auth tokens, user data, and internal endpoints are now on someone else’s server. A privacy-first JSON tool that runs entirely in your browser handles the same formatting, diffing, and path-querying—without the data exfiltration risk.

  • TeamPCP Supply Chain Attacks on Trivy, KICS & LiteLLM

    On March 17, 2026, the open-source security ecosystem experienced what I consider the most sophisticated supply chain attack since SolarWinds. A threat actor operating under the handle TeamPCP executed a coordinated, multi-vector campaign targeting the very tools that millions of developers rely on to secure their software — Trivy, KICS,…

  • Parse JPEG EXIF Data in Browser With Zero Dependencies

    Parsing JPEG EXIF data in the browser without dependencies means reading a binary format—TIFF-structured IFDs, big-endian and little-endian byte orders, and tag types that reference offset chains. Most tutorials hand-wave this complexity, but if you want zero-dependency EXIF extraction, you need to understand the byte layout. Why Parse EXIF Data in…