Writings & Notes

</>

Cybersecurity· Mar 08, 2023

Zero-Trust Is Not a Product You Buy. It Is a Decision You Make.

Every security vendor sells Zero-Trust. Most organisations still do not have it.

</>

Backend Engineering· Feb 14, 2023

TypeScript Is Not Optional for Production JavaScript

I converted a significant JavaScript codebase to TypeScript. Here is what we found in the process.

</>

Cybersecurity· Feb 07, 2023

The Authentication Checklist Every Application Needs

Authentication is a security-critical component that most applications implement incompletely. Here is the complete checklist.

</>

AI & Machine Learning· Jan 25, 2023

Overfitting Is Not Embarrassing. Deploying It Is.

Every ML model overfits during training at some point. The engineers who catch it before production know what to look for.

</>

DevOps· Nov 08, 2022

Docker in Production: What Nobody Tells You

The documentation tells you how to build images. It does not tell you about the production realities.

</>

Backend Engineering· Oct 04, 2022

Queue Everything That Can Wait

Synchronous processing is right for operations that must complete before responding. For everything else, a job queue is better.

</>

AI & Machine Learning· Sep 19, 2022

Machine Learning Does Not Replace the Expert. It Amplifies Them.

On the right relationship between ML models and domain experts — from credit scoring, fintech, and enterprise AI deployments.

</>

Systems Design· Aug 25, 2022

Design for Failure. Every System Will Fail.

The question is not whether your system will fail. It is whether you designed it to fail safely.

</>

PHP Development· Aug 10, 2022

Laravel Queues in Production: The Gotchas Nobody Warns You About

Laravel Queues are excellent. These are the production behaviours that will catch you off guard if you deploy them naively.