Everything here is v0. Experimental code, technical deep-dives, and core logic.
Everything here is v0. Experimental code, technical deep-dives, and core logic.
Eight locally-verified microsegmentation patterns (K8s NetworkPolicy, Cilium L7, Calico, Istio mTLS, SPIFFE/SPIRE, nftables, OPA Gatekeeper, LocalStack AWS SG)
Collect, score, and surface deep-dive candidates across OAuth WG, WIMSE, and OpenID Foundation specs
Build an xDS control plane from raw protobuf, in the spirit of Kubernetes the Hard Way. Rust + tonic + xds-api.
MCP server fronting an OpenID AuthZEN 1.0 PDP — lets LLM agents query a real Policy Decision Point
MCP server exposing Open Policy Agent (OPA) Rego evaluation as a tool — for Claude Code, Cursor, and other MCP clients
secure-by-default github template for oss: signed commits, sha-pinned actions, slsa v1.0 provenance, sigstore keyless signing, npm oidc publishing.
A visual explainer for software supply chain security: six stages, six real attacks, six defenses.
Weekly deep-dive reports on AWS — IAM/identity focused, automatically collected via GitHub Actions and published as a static site.
Loading…
Loading…