Skip to content
2 min read

Fullstack thinking

Designing web applications, securing them from the design stage, and knowing how to operate them afterwards.

MaintainableSecurePublic

The application side

An “infra” profile that has never written an application reasons in a vacuum. I come from development (fullstack internships, freelance work, mobile), and that is what gives meaning to my infrastructure choices: I know what the code expects from the platform, and what production demands from the code.

How I approach an app

Application security, from the design stage

The classic vulnerabilities are handled at design time, well before the end-of-project audit:

These practices come from real experience. At Koméo, on a PHP app developed solo end to end, SQLi, XSS and upload hardening was part of the delivered work. At Auchan, the rebuilt back end (Node.js, Sequelize) served several hundred employees behind directory authentication.

Sites in production

Client sites designed, developed, put into production and operated ever since: e-commerce, brochure sites, a product application, served by the infrastructure detailed on the Projects page. Each one has its own page, with its stack and a behind-the-scenes look, in the Work section. What matters is seeing them run over time: backed up, monitored, maintained.

Reading