Long-form writing on security, Kubernetes, platform engineering, and the operational realities of keeping production systems alive.
A new open-source MCP server that wraps Bitwarden Secrets Manager, so Claude (or Hermes, or whoever's driving your homelab this week) gets a controlled, audited path to read and write secrets — without you teaching it how to eval shell strings.
Read article →How a single Python script and an LLM endpoint can turn your Kubernetes cluster logs into actionable security intelligence. Point it at any Loki instance. No SIEM subscriptions, no per-GB ingestion fees.
Read article →The undocumented bot name, the silent failures, and the three working approaches for requesting Copilot code reviews from CI/CD pipelines and agentic workflows.
Read article →Yesterday's PyPI compromise of LiteLLM harvested every credential it could find on disk. Here's how ephemeral filesystem secrets via the Kubernetes Secrets Store CSI Driver reduce the blast radius of exactly this class of attack.
Read article →