Tous les articles

// page 1/1 · 7 articles
// DEV Security

Security for AI

1. Hoàn cảnh ra đời bài viết Dạo gần đây khi các khách hàng của tôi sử dụng AI nhiều hơn, họ xây dựng và sử dụng các nền tảng AI platform nhiều hơn thì câu hỏi đặt ra ...

// DEV Security

Transaction Tokens Deep Dive: The OAuth Spec That Carries 'Who, and Why' Across Your Microservices

Introduction A modern system processes a single request across many cooperating microservices. A user clicks "Buy" on a trading site, and behind that one click the API...

// DEV Security

NHI Governance Is the Outcome. GitGuardian Is How You Get There

There is a category mistake that happens all the time in the non-human identity (NHI) market. People talk about governance as if it were a box you buy, install, and tu...

// DEV Security

You can't delete an event. GDPR says you must. Crypto-shredding is the truce.

Two rules that can't both be true Event sourcing has one rule: you never delete. You append. The log is the source of truth, and rewriting history is the cardinal sin....

// DEV Security

Cloudsec-Audit Python Package

🚀 Excited to share my latest open-source contribution! I’ve built and published a Python package: CloudSec Audit — designed to simplify and automate cloud security aud...

// DEV Security

Stratoclave: a tenant-aware credit gateway for Amazon Bedrock — now with OpenAI codex support

If you let a team share a single AWS account for Amazon Bedrock, you quickly run into questions Bedrock alone does not answer: who called which model, under whose budg...

// DEV Security

ID-JAG, Transaction Tokens, WIF: The Three Layers of AI Agent Auth

Introduction Something clicked when I looked at the Workload Identity Federation that Anthropic shipped in May 2026. Delete the sk-ant-... API key, have a k8s service ...