Latest

Thoughts on software development and life.

  • If you are exposing AI-enabled capabilities in your product and supporting external integrations, there is a good chance you will implement an MCP (Model Context Protocol) server to handle tool calls from LLMs. When you do, you will need to manage authentication, input validation, multi-tenant isolation, and more. Instead of starting from scratch, I have put together a starter kit that gives you all of this out of the box: JWT-based tenant authentication, input validation, per-function metadata, a cloud-native, container-ready Docker setup, and the standard endpoints required by the MCP spec.
  • A custom web application firewall (WAF) can help protect your web application from threats such as SQL injection and cross-site scripting (XSS). If you ship software to customers, or host your services in the cloud but want more control, agility, or simplicity, a custom WAF can help. In this article, I will show you how to build a custom WAF using OpenResty, a web platform based on Nginx and Lua.
  • Whether it is API abuse, scraping, DDoS attacks, or a threat actor probing your endpoints, detecting anomalies in server traffic can help contain these attacks and improve a system's resiliency. Building real-time detection pipelines, however, can be challenging because of a variety of factors, including infrastructure and cost. Offline anomaly detection is an important tool that can be used in the absence of real-time detection and can also complement it; use cases include root cause analysis, forensics and security audits, shadow testing, and training and tuning real-time detectors. In this article, I will present a simple offline anomaly detection pipeline for server traffic. This pipeline is designed to be lightweight, easy to implement, and effective for many common scenarios.