DevSecOps Guides
Subscribe
Sign in
Home
Notes
Guides
Archive
About
Latest
Top
Secure by Design Access Control: Middleware Playbook (2025)
In this playbook we harden the middleware tier that arbitrates access across APIs and services.
Sep 3
•
Reza
1
August 2025
Web Service and API Secure by Design
A CISO's Playbook (2025 Edition)
Aug 27
•
Reza
1
Authentication Secure by Design
A comprehensive guide to implementing enterprise-grade authentication with defensive security principles
Aug 22
•
Reza
Java Spring Bug Hunter's Secure Coding Playbook (2025 Edition)
Java Spring Security with SAST Arsenal from Semgrep to Claude
Aug 14
•
Reza
AWS Proactive Defence: The Art of War in Cloud Security
The art of AWS proactive defence lies in understanding these attack patterns and positioning your defenses not where you think attacks might occur, but…
Aug 6
•
Reza
1
July 2025
The Container Base Image Security
Choosing Base Image as Security Perspective
Jul 24
•
Reza
Container Attack and Defend
Container Security Cheatsheet
Jul 18
•
Reza
1
AWS EKS Attack and Defend
In the chess game of cloud security, Amazon EKS is both the king you must protect and the battlefield where modern cyber warfare unfolds.
Jul 8
•
Reza
June 2025
AWS Authentication & Permission (IAM)
AWS Identity and Access Management (IAM) Cheatsheet
Jun 30
•
Reza
AWS CSPM Playbook
Cloud Security Posture Management (CSPM) Cheatsheet
Jun 23
•
Reza
1
AWS EC2 Attack and Defend:
The Battle for the Cloud's Beating Heart
Jun 16
•
Reza
2
AWS S3 Attack and Defend
A Journey Between Shadows and Shields
Jun 9
•
Reza
This site requires JavaScript to run correctly. Please
turn on JavaScript
or unblock scripts