Signed URL Security for Object Storage Access Control
Guide to secure signed URL usage in object storage systems, including expiration policy and abuse prevention.
Security#security#storage#signed-url#cloud#backend
#backend
4 posts
#agent#ai#analytics#api#api-design#api-gateway#architecture#audit#authentication#authorization#autoscaling#backend#backfill#backward-compatibility#batch#cache#cancellation#career#cdc#cdn#chaos-engineering#chatgpt#circuit-breaker#cli#cloud#cloud-native#cluster-autoscaler#cobra#compliance#concurrency#connection-pooling#consistency#context#contracts#cost-optimization#cqrs#csr#data#data-contracts#database#deployment#deprecation#developer#devops#distributed-systems#distroless#docker#dynamic-rendering#ebpf#economy#error-budget#event-driven#event-sourcing#feature-flag#filesystem#fintech#gemini#geo#go#golang#gorm#goroutine#governance#grpc#high-availability#hpa#idempotency#incident-management#index#indexing#integration-test#integrations#java#javascript#jwt#kafka#kms#kubernetes#leadership#linux#llm#logging#m2m#markets#media#mental-health#microservices#migration#mindset#mock#mtls#multi-region#multi-stage#multi-tenant#network#news#nodejs#oauth#oauth2#observability#openfeature#opentelemetry#operations#outbox#pagination#partitioning#passkey#payments#performance#pgbouncer#pii#pipeline#postgres#postgresql#postmortem#pprof#productivity#profiling#protobuf#psychology#pub-sub#puppeteer#python#queues#rabbitmq#rate-limiting#realtime#redis#release#reliability#resilience#rest#retry#rls#saas#saga#scalability#scaling#scheduling#schema#search#secrets#security#seo#service-mesh#sharding#signed-url#situational-leadership#sli#sliding-window#slo#snapshot#software-engineering#spiffe#sql#sre#ssr#statefulset#stoicism#storage#streaming#streams#team-management#temporal#terminal#testcontainers#testing#timeout#token-bucket#tracing#trump#vault#versioning#vpa#web#webauthn#webhook#websocket#workflow#world#zero-downtime#zero-trust
PII Masking and Log Safety: Balancing Compliance and Operability
Covers masking, tokenization, and auditing techniques for securing logs that may contain personal data.
Security#security#pii#logging#compliance#backendOAuth2 Token Exchange Design for Machine-to-Machine Authentication
Implementation-focused guide to token exchange, scope reduction, and secure machine-to-machine OAuth2 flows.
Security#security#oauth2#m2m#authentication#backendPasskey and WebAuthn: A Practical Passwordless Authentication Guide
A backend-focused walkthrough of passkey registration/login flows, threat model improvements, and rollout strategy.
Security#passkey#webauthn#security#authentication#backend
