Category
Category: DevOps
DevOps practices, CI/CD pipelines, containerisation with Docker, and GitHub workflows. Bridge the gap between development and operations.
-

Ultimate Windows 11 AI Setup: Claude, Codex, Cursor and WSL2
Set up Windows 11 for AI-assisted development with WSL2, GPU checks, Claude Code, Codex CLI, Cursor, Obsidian, claude-mem, skills and MCP servers. Read the guide
-

Scan Kubernetes YAML With Kubesec Before Deployment
Run Kubesec against Kubernetes manifests, understand its findings, fix risky securityContext defaults, and add a sensible CI gate. Read the guide
-

Generate an SBOM With Syft: A Practical CI Workflow
Generate a CycloneDX SBOM with Syft, store it in CI, scan it for vulnerabilities, and understand where VEX and provenance fit. Read the guide
-

Switching to Windows as a Developer: Make It Feel Like Home
You’ve been handed a Windows machine — or bought one — and you’re a developer who lives in Terminal, uses brew, and thinks cmd.exe is a joke. Here’s… Read the guide
-

DAST with OWASP ZAP in a Real Pipeline: What to Automate and What Not To
Use OWASP ZAP baseline scans where runtime testing actually helps, and stop forcing DAST into places it does not belong. Read the guide
-

SAST in GitHub Actions: How to Catch Dangerous Code Earlier
Put SAST on pull requests, keep the rule set tight, and stop turning static analysis into a backlog nobody trusts. Read the guide
-

How to Scan Containers with Trivy in CI Without Slowing Everything Down
Use Trivy on the image you actually ship, tune the gate sensibly, and keep container scanning fast enough to stay trusted. Read the guide
-

How to Add Secret Scanning with Gitleaks Before Your First Leak
Use Gitleaks locally and in CI to catch hardcoded credentials before they become key-rotation and incident-response work. Read the guide
-

Is Your Windows Dev Environment a Mess? Here’s How to Fix It
If you’re still opening cmd.exe to run commands, still downloading .exe installers from websites, and still getting mysterious line-ending errors — your Windows dev environment needs work. Not… Read the guide
-

A Practical DevSecOps Rollout with GitHub Actions
A tested 30-day DevSecOps rollout for GitHub Actions: secrets, SAST, container and Kubernetes checks, with sensible release gates. Read the guide










