Secure by design: microVMs, Nix, and strong sandbox boundaries
A high-level security design for running untrusted code with microVM isolation, reproducible builds, admission, policy, and audit evidence.
Read the postmvm blog
Notes on secure infrastructure
High-level posts on microVMs, Nix, sandboxing, and the architecture behind mvm.
Latest posts
Architecture notes, release context, and practical security writing.
More posts are coming soon.