Writing

Security engineering, architecture breakdowns, and DevSecOps deep dives.

Why mTLS Beats API Keys for Service-to-Service Auth

API keys are shared secrets with no identity. mTLS gives you mutual authentication, certificate-based identity, and zero shared secrets.

How I built Atlax: a production-grade reverse tunnel with TCP multiplexing, mTLS, and a custom wire protocol to bypass CGNAT.