Architect

Stop using hard-coded tokens like it's 2007: A deep dive into securing microservices with OAuth 2.0 Client Credentials and the magic of JWKS key rotation.

This hands-on guide walks you through setting up Kerberos and LDAP on Ubuntu to achieve secure, password-free database access for service accounts, inspired by real-world practices at Uber.

This post uses a hands-on Go demo to show how SPIFFE/SPIRE automates Zero Trust security for gRPC microservices.

Why fundamental digital principles are as invisible (and essential) as the laws of physics.

This post explores how WeChat's PhxSQL uses the "Fastest Majority" principle to offer a timeless lesson in designing fast and resilient distributed database systems.

a.k.a. I wrote a Raft cluster in Go and accidentally learned a lot

Service accounts may sound boring, but they’re the unsung heroes of secure automation. In this post, we time-travel back to the prehistoric age of Windows domains to see how service accounts and Kerberos work together to avoid hardcoded passwords and security nightmares.