The Weekly Dev - 202213

Running your code, secure and at scale

It takes a lot of work, to build code that is theoretically able to scale globally, and apparently it takes much less to take it down, if you're not up-to-date with the latest threats and related mitigations, if only from a technical point of view.

That is - of course - only part of the story, but one we're deeply in.

API development

A funny story, by its own means:

CORS is not meant to secure an API endpoint


"A microservice application with an uptime percentage of 99.9% can be considered highly available, but a downtime of 0.1% quickly becomes pronounced as volumes increases. Per 1000 requests, there might be only one failure, but per million requests? That’s 1000 failures."

How to Design Reliable Microservices


Data-Intensive Systems

"It shares some of the same goals of programs like launchd, daemontools, and runit. Unlike some of these programs, it is not meant to be run as a substitute for init as “process id 1”. Instead it is meant to be used to control processes related to a project or a customer, and is meant to start like any other program at boot time." Supervisor: A Process Control System


Approaches to Migrate SQL Applications to Apache Cassandra


Boring Security

Some useful information about Security Headers in your web application.


Mostly in line with the infos on OWASP website: OWASP Secure Headers Project


Also very valuable if you want to check the headers by yourself on the command line with this project:



Keywords: [ security ] [ api ] [ cassandra ]