Security Stories
Security incidents rarely announce themselves. These stories cover misconfigurations, exposed credentials, unexpected access patterns, and the unglamorous work of hardening production systems.
4 stories
How a Storage Security Policy Broke VM Provisioning Across Azure and GitHub Worldwide
“I work on cloud control-plane infrastructure that provisions virtual machines, scale sets, Kubernetes nodes, and the supporting identity and extension systems around them. One of t...”
How a Missing .npmignore Entry Leaked 512,000 Lines of Claude Code Source to the World
“We maintained the release pipeline for Claude Code, Anthropic's flagship AI coding CLI distributed as an npm package (@anthropic-ai/claude-code). The tool had grown rapidly to beco...”
Untangling Terraform State Drift 30 Minutes Before a Board Demo
“At 1:30 PM, we had exactly the wrong kind of change window. We were an infrastructure tooling company, our production stack lived in Terraform with an S3 backend and DynamoDB locki...”
How We Built a Production-Grade AWS Infrastructure from Scratch in 6 Weeks — as a Team of Two
“We were 14 months into building a B2B document intelligence platform for legal teams. Our entire infrastructure was a single $48/mo DigitalOcean VPS — one box, manually SSHed into,...”