How to DDoS your own .NET appMost people think about DDoS as something hostile. Someone floods your public API, your infrastructure starts to bend, and the conversation moves towards rate limiting, WAF rules, autoscaling, cachingJun 13, 2026·12 min read·46
API Payload Compression in ASP.NET CorePeople talk about payload compression as if it were a single checkbox in Program.cs. Turn on gzip, maybe add Brotli, and move on. That approach is no good for a production system that serves high-voluMar 28, 2026·11 min read·59
Patterns for Resilience and Integration at ScaleModern distributed systems rarely fail because the core business logic is too hard. They fail because the edges are messy. One service is slow, another is flaky, a third is legacy, a fourth is owned bMar 17, 2026·26 min read·31
Communicating Between Modules in a Modular MonolithWhy Developers Get This Wrong Most engineers learning modular monoliths fall into two traps. The first group collapses boundaries by sharing DbContexts, repositories, and entities across modules. The Mar 12, 2026·10 min read·285
Enforcing Architecture in .NETMost software systems do not fail because developers cannot write code. They fail because you cannot control how that code evolves over time. Architecture starts clear, clean, and well-structured. SixFeb 22, 2026·9 min read·105
Designing Local LLMs on Azure for Security, Reliability, and ControlIn a previous post, I looked at what it really means to run LLMs locally from the perspective of a .NET developer. We explored why teams still care about local models despite the raw capability gap with GPT-5, how privacy, cost, latency, and complian...Jan 31, 2026·13 min read·126
Defending Against Confused Deputy Attacks in AzureMost .NET developers working in Azure feel confident about identity. You use Entra ID, validate JWTs, and lean on Managed Identity instead of secrets. On paper, that is the right direction. Authentication is in place, access keys are gone, and the pl...Jan 25, 2026·7 min read·57
