PostgreSQL Moves Away from MD5: Why the Authentication Scheme is Changing
MD5 has long been the standard for authentication in PostgreSQL. However, accumulated limitations have led to a gradual phasing out and a transition to a more robust model.
Security
Security on ThecoreGrid focuses on protecting modern distributed systems through practical, production-grade engineering.
We cover application and infrastructure security across cloud-native environments, including identity and access management, zero-trust architectures, secrets handling, and secure service-to-service communication. Topics include threat modeling, vulnerability management, supply chain security, and hardening of CI/CD pipelines and runtime environments. We analyze real-world trade-offs between security, performance, and developer velocity, along with strategies for detection, response, and recovery. Content is grounded in BigTech practices, incident post-mortems, and lessons from security failures at scale. You’ll find deep dives into observability for security, policy enforcement, encryption, and multi-tenant isolation. Instead of generic checklists, the Security tag delivers actionable engineering insights for backend and platform engineers, DevOps teams, SREs, and architects responsible for building resilient and secure systems.
Leak through CMS and a new class of models: how Anthropic faced a dual risk
Draft materials about the new AI model became publicly accessible due to a CMS configuration error. The incident highlighted two things simultaneously: the fragility of content pipelines and the increasing risks posed by the models themselves.
Granular data residency at the edge without sacrificing global network
Cloudflare adds Custom Regions to align global edge with local restrictions. This is a response to compliance pressures that are beginning to impact routing architecture. The problem arises when the global edge model encounters data localization requirements. Cloudflare’s architecture, by default, optimizes latency through the nearest data center. However, once requirements emerge to keep TLS … Read more
When Security and Architecture Diverge, the System Pays
The connection between security and architecture breaks not in the code, but in the decisions. The analysis shows how systemic compromises turn into incidents.
Kubescape 4.0: Transition to CEL Detection and Abandonment of Host-Level Agents
In Kubescape 4.0, the focus shifts from reactive security to proactive security. The main changes include runtime detection, a redesign of the agent model, and the extraction of security data from etcd. The problem manifests at scale. As the cluster grows, security begins to compete for resources with the control plane itself. Storing security metadata … Read more
Reducing Friction in Agentic AI: Local Validation and Isolated Environments in AWS
AI agents are limited not by models, but by architecture. If feedback is slow, autonomy does not work. The problem manifests when an AI agent tries to close the loop of “generated → validated → corrected.” In typical cloud systems, this loop is stretched: deployment takes minutes, tests depend on resource provisioning, and errors only … Read more
A Unified Global Platform as a Way to Simplify SASE and Protect AI Workloads
Disparate security and traffic delivery services begin to break down as AI workloads and distributed users grow. The unified platform approach attempts to eliminate this class of problems through consolidation. The problem becomes apparent as the architecture grows more complex. Separate solutions for WAF, DDoS, CDN, Zero Trust, and application access create fragmentation. Each adds … Read more
Code Generation Without Control: How Agentic Systems Hit Bottlenecks in Security and Context Management
AI agents in development have become more autonomous, but this has been accompanied by increased costs of errors and control complexity. The primary tension has shifted from model quality to system behavior management. The problem does not manifest immediately, but rather the moment the agent steps outside a simple scenario. Early approaches like “vibe coding” … Read more
Datadog Terraform Provider v4: Predictable Access Rights and AWS Integration Unification
The provider update shifts the focus from convenience to predictability of behavior. This is critical when Terraform becomes the source of truth for observability configuration. The problem manifests at the state management level. In large installations, Terraform must deterministically control access and integrations. In previous versions, the behavior of monitor permissions could be non-obvious, especially … Read more