Apr 1, 2024
Defence-in-depth across six independent layers, WAF rules tuned for composable storefronts, the Payment PBC PCI isolation pattern, IMDSv2 enforcement, and CloudTrail as incident response infrastructure.
Feb 19, 2024
One IAM role per PBC, eliminating credentials from code, cross-PBC SigV4 authorisation patterns, Secrets Manager auto-rotation, and blast radius containment through least-privilege design.