Security
Recent articles
Showing 24 of 50
GitHub Actions Security: Risks, Exploits, and Hardening
A comprehensive guide to GitHub Actions security vulnerabilities, common exploit patterns, and how to audit …

.gitignore Patterns and Best Practices

Zero Trust for AI Model Serving
Applying zero trust architecture to AI systems: securing inference endpoints, model artifact access, training …

Zero Trust Architecture
What zero trust means, how it replaces perimeter-based security, and why AI model serving and data access …

VPC - Virtual Private Cloud
What a VPC is, how it provides network isolation on AWS, and essential VPC design considerations for AI …

TLS/SSL
Transport Layer Security and its predecessor Secure Sockets Layer, cryptographic protocols that provide …

Symmetric Encryption
Encryption algorithms that use the same key for both encryption and decryption, including AES and DES.

Supply Chain Security
Cybersecurity practices for managing risks across the chain of vendors, open-source components, and …

Subnet
What subnets are, how they segment VPC networks, and best practices for subnet architecture on AWS.

Security Threat Modeling
Structured approaches for identifying and prioritizing security threats, including STRIDE, DREAD, and attack …

Security Scanning in AI/ML CI/CD Pipelines
How to integrate security scanning into AI/ML CI/CD pipelines: dependency scanning, container image analysis, …

Secrets Management for AI Pipelines
How to manage API keys, credentials, and sensitive configuration in AI pipelines using vault integration, …

Red Teaming and Adversarial Testing for AI Systems
How to plan and execute red team exercises that systematically probe AI systems for vulnerabilities, biases, …

Red Teaming
What red teaming is in AI, how adversarial testing discovers vulnerabilities and failure modes before …

Prompt Injection Defense
Layered defense strategies against prompt injection attacks in production LLM applications: input validation, …

Prompt Injection
An attack technique where malicious input manipulates an LLM into ignoring its instructions, executing …

Penetration Testing
Authorized simulated attacks on systems to identify security vulnerabilities before malicious actors exploit …

OWASP Top 10 for LLM Applications (2025)
Practical guide to the OWASP Top 10 vulnerabilities for LLM applications, covering prompt injection, data …

OAuth
OAuth is an open standard for delegated authorization, originating from Blaine Cook and Chris Messina's work …

NAT Gateway
What NAT gateways do, how they enable private subnet internet access, and cost considerations for AWS …

Istio
What Istio is, how it implements a service mesh on Kubernetes, and when the operational overhead is justified.

HTTP and HTTPS
The foundational web protocols for transferring hypertext documents and resources, with HTTPS adding …

Homomorphic Encryption
How homomorphic encryption enables computation on encrypted data, allowing ML inference without exposing …

Hashing Algorithms
One-way functions that produce fixed-size digests from arbitrary input, including SHA-256, MD5, and bcrypt.

50 articles in this section. Search for a specific topic.
Open source projects