Security
All articles
55 total
Vibe Coding in Public: The Safety Check Nobody Gave You New
When your vibe-coded app goes live, it is on the public internet. Five …
Guides
Added 14 Jul
·
Upd 14 Jul
·10 min
Log4Shell (CVE-2021-44228) New
A critical 2021 remote code execution flaw in the Apache Log4j 2 logging …
History
Added 23 Jun
·
Upd 23 Jun
·5 min
SolarWinds Supply-Chain Compromise New
Attackers hid a backdoor inside SolarWinds Orion software updates, …
History
Added 23 Jun
·
Upd 23 Jun
·5 min
SSL and TLS: Encrypting the Web New
SSL and its successor TLS encrypt traffic between browsers and servers, …
History
Added 23 Jun
·
Upd 23 Jun
·5 min
What is Security and Auth? New
Security and auth are how software lets the right people in and keeps …
Basics
Added 15 Jun
·
Upd 15 Jun
·4 min
.gitignore Patterns and Best Practices
Software Engineering
Added 31 Mar
·
Upd 30 May
·9 min
Access Control Models
Frameworks for controlling who can access resources, including DAC, MAC, …
Glossary
Added 28 Mar
·
Upd 30 May
·2 min
Adversarial Machine Learning
How evasion, poisoning, and model extraction attacks threaten ML …
Glossary
Added 28 Mar
·
Upd 30 May
·4 min
AI Security Best Practices
Security considerations for AI systems, covering prompt injection, data …
Guides
Added 28 Mar
·
Upd 30 May
·5 min
AI Supply Chain Security
Verifying model weights, scanning dependencies, and securing the …
Patterns
Added 28 Mar
·
Upd 30 May
·3 min
AI-Enhanced Vulnerability Scanning
AI augments traditional security scanners by understanding code context, …
Ideas
Added 28 Mar
·
Upd 30 May
·2 min
Amazon Cognito
User Authentication and Identity
Infrastructure
Added 24 Mar
·
Upd 14 Jun
·10 min
Amazon Fraud Detector
ML-Based Fraud Prevention
Data
Added 28 Mar
·
Upd 14 Jun
·7 min
API Gateway
What an API gateway is, how it manages API traffic, and when to use …
Glossary
Added 28 Mar
·
Upd 30 May
·2 min
Asymmetric Encryption
Public-key cryptography using mathematically related key pairs, …
Glossary
Added 28 Mar
·
Upd 30 May
·2 min
Authentication and Authorization (AuthN/AuthZ)
The distinction between verifying identity (authentication) and granting …
Glossary
Added 28 Mar
·
Upd 30 May
·2 min
AWS Cloud Governance for AI Workloads
Practical guide for implementing cloud governance on AWS for AI and ML …
Guides
Added 28 Mar
·
Upd 30 May
·3 min
AWS vs Azure Governance Tools
Comparison of AWS and Azure governance capabilities for AI workloads, …
Comparisons
Added 28 Mar
·
Upd 14 Jun
·5 min
AWS WAF
Web Application Firewall
Tools
Added 28 Mar
·
Upd 30 May
·2 min
CIA Triad
Confidentiality, Integrity, Availability
Glossary
Added 28 Mar
·
Upd 30 May
·2 min
Cloud Armor
Web Application Firewall and DDoS Protection
Tools
Added 28 Mar
·
Upd 30 May
·3 min
Cloud Governance
The framework of policies, processes, and controls that organizations …
Glossary
Added 28 Mar
·
Upd 30 May
·2 min
DevSecOps
What DevSecOps means, how it integrates security into every stage of …
Glossary
Added 28 Mar
·
Upd 30 May
·3 min
Digital Signatures and Certificates
Public key infrastructure (PKI) mechanisms for verifying authenticity …
Glossary
Added 28 Mar
·
Upd 30 May
·2 min
Enterprise Cloud Governance Framework
A comprehensive framework for governing cloud environments that host AI …
Frameworks
Added 28 Mar
·
Upd 30 May
·3 min
Firewalls and Network Security
Network security devices and techniques that control traffic flow …
Glossary
Added 28 Mar
·
Upd 30 May
·3 min
GitHub Actions Security: Risks, Exploits, and Hardening
A comprehensive guide to GitHub Actions security vulnerabilities, common …
Guides
Added 2 Apr
·
Upd 30 May
·10 min
Guardrails Pattern
Input and Output Safety for AI Systems
Patterns
Added 28 Mar
·
Upd 30 May
·4 min
Hashing Algorithms
One-way functions that produce fixed-size digests from arbitrary input, …
Glossary
Added 28 Mar
·
Upd 30 May
·2 min
Homomorphic Encryption
How homomorphic encryption enables computation on encrypted data, …
Glossary
Added 28 Mar
·
Upd 30 May
·3 min
HTTP and HTTPS
The foundational web protocols for transferring hypertext documents and …
Glossary
Added 28 Mar
·
Upd 30 May
·3 min
Istio
What Istio is, how it implements a service mesh on Kubernetes, and when …
Glossary
Added 28 Mar
·
Upd 30 May
·2 min
NAT Gateway
What NAT gateways do, how they enable private subnet internet access, …
Glossary
Added 28 Mar
·
Upd 30 May
·3 min
OAuth
OAuth is an open standard for delegated authorization, originating from …
Glossary
Added 28 Mar
·
Upd 30 May
·3 min
OWASP Top 10 for LLM Applications (2025)
Practical guide to the OWASP Top 10 vulnerabilities for LLM …
Guides
Added 28 Mar
·
Upd 30 May
·4 min
Penetration Testing
Authorized simulated attacks on systems to identify security …
Glossary
Added 28 Mar
·
Upd 30 May
·2 min
Prompt Injection
An attack technique where malicious input manipulates an LLM into …
Glossary
Added 28 Mar
·
Upd 30 May
·3 min
Prompt Injection Defense
Layered defense strategies against prompt injection attacks in …
Patterns
Added 28 Mar
·
Upd 30 May
·3 min
Red Teaming
What red teaming is in AI, how adversarial testing discovers …
Glossary
Added 28 Mar
·
Upd 30 May
·4 min
Red Teaming and Adversarial Testing for AI Systems
How to plan and execute red team exercises that systematically probe AI …
Guides
Added 28 Mar
·
Upd 30 May
·3 min
Secrets Management for AI Pipelines
How to manage API keys, credentials, and sensitive configuration in AI …
Guides
Added 28 Mar
·
Upd 30 May
·4 min
Security (Well-Architected Pillar)
The Well-Architected pillar covering IAM, encryption, network security, …
Glossary
Added 26 Mar
·
Upd 30 May
·4 min
Security Fundamentals
Authentication, authorization, encryption, the OWASP Top 10, and the …
Foundations
Added 1 Jan 0001
·
Upd 30 May
·8 min
Security Scanning in AI/ML CI/CD Pipelines
How to integrate security scanning into AI/ML CI/CD pipelines: …
Guides
Added 28 Mar
·
Upd 30 May
·4 min
Security Threat Modeling
Structured approaches for identifying and prioritizing security threats, …
Glossary
Added 28 Mar
·
Upd 30 May
·2 min
Shared Responsibility Model
What the shared responsibility model is, how AWS, Azure, and GCP divide …
Glossary
Added 25 Mar
·
Upd 30 May
·3 min
Subnet
What subnets are, how they segment VPC networks, and best practices for …
Glossary
Added 28 Mar
·
Upd 30 May
·3 min
Supply Chain Security
Cybersecurity practices for managing risks across the chain of vendors, …
Glossary
Added 28 Mar
·
Upd 30 May
·2 min
Symmetric Encryption
Encryption algorithms that use the same key for both encryption and …
Glossary
Added 28 Mar
·
Upd 30 May
·2 min
The Shared Responsibility Model for AI on AWS
How AWS shared responsibility applies to AI and ML workloads: data, …
Guides
Added 25 Mar
·
Upd 30 May
·5 min
TLS/SSL
Transport Layer Security and its predecessor Secure Sockets Layer, …
Glossary
Added 28 Mar
·
Upd 30 May
·3 min
VPC
Virtual Private Cloud
Glossary
Added 28 Mar
·
Upd 30 May
·3 min
Well-Architected Framework
The cloud architecture review methodology used by AWS, Azure, and Google …
Foundations
Added 1 Jan 0001
·
Upd 30 May
·14 min
Zero Trust Architecture
What zero trust means, how it replaces perimeter-based security, and why …
Glossary
Added 28 Mar
·
Upd 30 May
·3 min
Zero Trust for AI Model Serving
Applying zero trust architecture to AI systems: securing inference …
Patterns
Added 28 Mar
·
Upd 30 May
·4 min
55 articles in this section. Search for a specific topic.
Open source projects