In the wake of Log4Shell and SolarWinds, the software industry is grappling with a fundamental question: what is actually inside our software? The answer comes in the form of Software Bill of Materials (SBOM)—a formal, machine-readable inventory of every component, library, and dependency that comprises a software product. In this comprehensive guide, I will explain […]
Read more →Author: Nithin Mohan TK
Hello Namaste! 👋🏻
I'm an accomplished Enterprise Solution Architect & Engineering Leader with 20+ years of progressive experience architecting, building, and scaling transformative enterprise solutions.
⚜️ Solution Architect / AI & Cloud 📌 Galway, Ireland
Log4Shell Aftermath: Building Secure Logging Pipelines
Log4Shell (CVE-2021-44228) was not just another vulnerability—it was a paradigm shift. A single user-controlled string in a log message could trigger Remote Code Execution (RCE) on any Java application using Log4j 2.x. The root cause was not a bug but a dangerous design feature: JNDI lookups in log message formatting. In this comprehensive guide, I […]
Read more →2022 Predictions: The Year of AI-Assisted Development
As we enter 2022, the technology landscape is undergoing a seismic transformation. The convergence of artificial intelligence with software development tools, the aftermath of Log4Shell reshaping security priorities, and the commoditization of Kubernetes through managed abstractions are defining themes that will shape enterprise architecture decisions for years to come. In this comprehensive analysis, I will […]
Read more →Predictions for 2022: The AI Assistant Era
My bets for 2022: AI Coding: Copilot will move from “cool toy” to “mandatory tool”. WebAssembly: Blazor will get faster (AOT), and we’ll see Wasm used in the backend (WasmEdge) more often. Supply Chain Security: After SolarWinds and Log4j, SBOMs (Software Bill of Materials) will become mandatory in enterprises. See you in 2022!
Read more →HTTP/3 in .NET 6
.NET 6 adds HTTP/3 support to Kestrel. HTTP/3 uses **QUIC** (UDP-based), avoiding head-of-line blocking that plagues TCP-based HTTP/2. Enabling HTTP/3 Client Usage Key Takeaways Browsers negotiate HTTP/3 automatically via Alt-Svc header. Ideal for high-latency networks (mobile). Requires TLS 1.3.
Read more →Looking Back at 2021: The Year of Unification
2021 was a massive year for the Microsoft ecosystem. We finally got the “One .NET” we successfully promised. .NET 6 is a masterpiece of performance and unity. MAUI (while delayed to Q2 2022) is promising. Azure Container Apps fills the missing gap in the compute portfolio. GitHub Copilot showed us a glimpse of the future […]
Read more →