I recently switched from a standard GKE cluster where I had to manage nodes to an autopilot one where Google does it for me. I must say the switch was easy to do (despite an interruption of our services) and greatly simplified the management of the cluster.
Here are some security tips to check for backend services. It's mostly meant so that I can have a checklist. So I don't develop them much but provide extra links where necessary. I will also probably expand this list as time goes on and I learn more about this subject …
At work, in a PHP application, we rely on libsodium to erase a password from $_POST. It may sound like a good idea: once the password is not in memory any more, it can't leak. But the question is: is it really erased from memory? That's the question I will answer …