Publications
A collection of articles, papers, and blog posts on AI, engineering, and modern software development.
All Publications
Ruby SAML CVE-2024-45409
Analysis of the Ruby SAML vulnerability CVE-2024-45409 and how to mitigate it in your applications.
How to Secure RAG Applications with Fine-Grained Authorization: Tutorial with Code
A practical guide to implementing fine-grained authorization in Retrieval Augmented Generation applications.
Top 5 Google Zanzibar Open Source Implementations in 2024
A comparison of the top open source implementations of Google's Zanzibar authorization system.
Best Practices for CLI Authentication: A Technical Guide
Technical best practices for implementing secure authentication in command-line interfaces.
How to Build Browser-Based OAuth into Your CLI with WorkOS
A step-by-step guide to implementing browser-based OAuth authentication in command-line tools.
Actions
An introduction to WorkOS Actions for automating workflows and responses to security events.
How to Build Document Access Control with S3, WorkOS FGA, and Lambda Authorizers
A comprehensive guide to implementing document-level access control using AWS S3, WorkOS FGA, and Lambda authorizers.
What is Multitenant Authentication?
Understanding multitenant authentication and its implementation in modern SaaS applications.
AuthQuake: Microsoft's MFA System Vulnerable to TOTP Brute Force Attack
Analysis of the vulnerability in Microsoft's MFA system that allows brute force attacks against TOTP codes.
WASM Auth Server: Golang to JS
Building an authentication server with WebAssembly by compiling Golang to JavaScript.
How to Build Row-Level Access Control with WorkOS FGA and Postgres
A practical guide to implementing row-level access control in PostgreSQL using WorkOS Fine-Grained Authorization.
Best Practices for Secrets Management
Essential best practices for securely managing secrets in modern applications and infrastructure.
What is Device Fingerprinting and How Does it Work?
An in-depth explanation of device fingerprinting technology and its applications in security and fraud prevention.
How WorkOS Radar Really Works
A behind-the-scenes look at how WorkOS Radar protects applications from authentication attacks and fraud.
How WorkOS Radar's Bot Detection Works
An exploration of the technology behind WorkOS Radar's bot detection system and how it protects applications.
How WorkOS Radar Does Rate Limiting with Device Fingerprinting
An exploration of how device fingerprinting can be used to implement effective rate limiting for web applications.
DeepSeek R1 Pushes Local and Open AI Forward
How DeepSeek R1 is advancing the capabilities of local and open-source AI models.
Shadcn UI: What is it, and why do you care?
A comprehensive guide to using Shadcn UI for building modern React applications.
What is Ente Auth?
An introduction to Ente Auth and its approach to secure, privacy-focused authentication.
What is Authentik?
Exploring Authentik, an open-source identity management solution for modern applications.
How to Run DeepSeek R1 Locally
A step-by-step guide to running DeepSeek R1 on your local machine for AI development.
What Does It Mean to Distill a Machine Learning Model or LLM?
Understanding the process of model distillation and its importance in creating efficient AI models.
How to Build Secure AI Agents that are Enterprise Ready
Best practices for building secure, compliant AI agents for enterprise environments.
What is Arcade.dev? An LLM Tool Calling Platform
An introduction to Arcade.dev, a platform that simplifies authentication and tool management for LLM applications.
What is the difference between Radix and Shadcn UI?
A comparison of Radix UI's unstyled primitives and Shadcn UI's styled components approach for modern React applications.
AI Agents Are Taking Over
Exploring how AI agents are transforming workflows and automating complex tasks across industries.
The Best Feature Flag Providers for Apps in 2025
A comprehensive review of the top feature flag providers and how they can improve your development workflow.
Securing AI Agents: Operator Models and Authentication
Best practices for implementing secure authentication and authorization for AI agent systems.
Context is King: Tools for Feeding Your Code and Website to LLMs
An overview of tools and techniques for effectively providing context to large language models.
What is API Authentication? A Guide to OAuth 2.0, JWT, and Key Methods
A comprehensive guide to modern API authentication methods and best practices.
OAuth 2.0 and OpenID Connect: The Evolution from Authorization to Identity
How OpenID Connect builds on OAuth 2.0 to provide standardized identity and authentication.
How to Add Custom Claims to JWTs
A practical guide to enriching JSON Web Tokens with custom claims for enhanced application logic.
What is the aud Claim in Identity, Authentication, and Authorization?
Understanding the audience claim in JWTs and its role in secure authentication systems.
Building Privacy-Aware Software with Vector Databases
Best practices for implementing privacy-preserving techniques in applications using vector databases.
Accelerating Legal Discovery and Analysis with Pinecone and Voyage AI
An exploration of how vector databases and AI can transform legal discovery processes.
When that Adhoc Script Turns Into a Production Pipeline
Strategies for transforming quick scripts into robust production systems.
Building Privacy-Aware AI Software with Vector Databases
How to implement privacy-preserving techniques in AI applications using vector databases.
RAG Evaluation: Don't let customers tell you first
Best practices for evaluating Retrieval Augmented Generation systems before deployment.
Integrating Cloud-based Vector Databases with CI/CD Pipelines
A guide to integrating vector databases into continuous integration and deployment workflows.
Test Pinecone Serverless at Scale with the AWS Reference Architecture
How to test and scale vector database deployments using AWS infrastructure.
Launch Production-grade architectures using Pinecone's vector database
A comprehensive guide to deploying production-ready vector database architectures on AWS.
Exploring the Pinecone AWS Reference Architecture
A deep dive into the AWS reference architecture for Pinecone vector databases.
Making it easier to maintain open-source projects with CodiumAI and Pinecone
How to use AI tools to simplify open-source project maintenance and issue tracking.
The Pain and Poetry of Python
An exploration of Python's strengths and weaknesses in modern software development.
How to use Jupyter Notebooks for Machine Learning and AI
A practical guide to leveraging Jupyter Notebooks for machine learning and AI development.
Retrieval Augmented Generation (RAG)
An introduction to Retrieval Augmented Generation and its applications in AI systems.
AI-powered and built with...JavaScript?
How JavaScript is becoming a viable language for AI application development.
How to securely store secrets in BitWarden CLI
A guide to securely managing secrets using BitWarden CLI and ZSH shell integration.
How to write code on Mac or Linux but test on Windows with hot-reloading
Techniques for cross-platform development with efficient testing workflows.
Introducing cf-terraforming
Introducing a tool to convert Cloudflare configurations to Terraform code.
Dogfooding Cloudflare Workers
How Cloudflare uses its own Workers platform to build and improve its services.