DevSecOps Guides

Investigate Incident with Logs like Ninja

dev/sec/ops important services logs

Dec 12 • Reza

Secret Alternatives for DevSecOps Engineers

some techniques to reduce use secret for devops environments and cloud native apps

Dec 5 • Reza

November 2025

Feature Flagging for DevSecOps Engineer

enable or disable feature specifically security feature

Nov 28 • Reza

DevSecOps Process Management

Covers eight core processes that span the software delivery lifecycle. Each process includes implementation details for different organizational…

Nov 21 • Reza

2

Secret Management Like a Ninja: A Tale of Compromise, Recovery, and Mastery

This article tells the story of how secrets fail, how attackers exploit them, and how defenders can build impenetrable secret management practices; all…

Nov 14 • Reza

Keycloak Tenants vs Realms: For Fun and Profit

Keycloak is an open-source Identity and Access Management (IAM) solution security best practices with attack scenario

Nov 7 • Reza

October 2025

Building and Breaking Secure Kubernetes Helm Charts

Helm Charts Hardening Guides

Oct 24 • Reza

2

1

Secure by Design - The Reverse Proxy Security Paradox

Your reverse proxy sits at the edge of your infrastructure the gatekeeper that becomes the breach point. It’s the component trusted to route traffic…

Oct 17 • Reza

Monitoring as Code: DevSecOps Edition

Monitoring as Code: When Your Observability Stack Becomes the Attack Vector

Oct 10 • Reza

2

Insecure by Design: The Vibe Coding Misunderstanding Crisis

Vibe coding has transformed software development by democratizing programming through AI-assisted tools like GitHub Copilot, Cursor, Windsurf, and…

Oct 3 • Reza

September 2025

Secure by Design Real-Time Communication

From Attack TTPs to Defensive Architecture for WebSocket, WebRTC, MQTT, XMPP, and QUIC

Sep 25 • Reza

1

Secure by Design Execution and File Management

From File Upload to Execution: A Comprehensive Guide to Modern File System Security

Sep 17 • Reza

1