FIPS, FedRAMP & Beyond — Part 1: Why Your Company Should Care
A field guide for R&D teams on FIPS 140-3 and FedRAMP — starting with why these certifications matter, what they cost, and how SOC 2 fits into the roadmap.
DevOps, Platforms, and AI-driven delivery
Practitioner notes on SRE, Platform Engineering, Kubernetes, and how AI changes the way we ship. DevOps, SRE, Platform Engineering, and AI-driven delivery — by Haggai Philip Zagury.
Featured
My Personal Blog Stack: Astro + GitHub Pages = Zero Excuses Not to Write
How I set up my personal blog and portfolio using Astro and GitHub Pages — zero cost, full control, and a git push away from publishing.
Rebuilding for Compliance, Part 4: From Signed Image to Verified Pipeline
Wiring a signed Wolfi toolchain image into a real consumer pipeline, verifying it at deploy time with Sigstore policy-controller, and digest-pinning with Renovate — the series finale.
Latest
FIPS, FedRAMP & Beyond — Part 1: Why Your Company Should Care
A field guide for R&D teams on FIPS 140-3 and FedRAMP — starting with why these certifications matter, what they cost, and how SOC 2 fits into the roadmap.
My Personal Blog Stack: Astro + GitHub Pages = Zero Excuses Not to Write
How I set up my personal blog and portfolio using Astro and GitHub Pages — zero cost, full control, and a git push away from publishing.
Rebuilding for Compliance, Part 4: From Signed Image to Verified Pipeline
Wiring a signed Wolfi toolchain image into a real consumer pipeline, verifying it at deploy time with Sigstore policy-controller, and digest-pinning with Renovate — the series finale.
The Reverse Tunnel: ngrok, Cloudflare Tunnel, and the Service That Dials Out
ngrok, cloudflared, Tailscale Funnel, frp — a practitioner's map of reverse tunnels: how they work, when they're production-grade, and how they fit the Zero Trust picture.
Compliance, Cloud, and Consulting from Anywhere
The finale of the Zero Trust series: where compliance frameworks meet ZTNA, how the hyperscalers ship it natively, and what twenty years of remote-access evolution means for working practitioners.
Zero Trust Networking: Identity Meets the Network
ZTNA is what you get when you stop treating the network as the trust boundary and make every packet a policy decision against identity. A practitioner's map of the model, the vendors, and the DNS turn.