Olha Shevchenko — Writing

Olha Shevchenko — WritingOlha Shevchenko runs independent production audits on AWS and Node.js: authorization, reliability, recovery paths, infrastructure reconstruction. Field notes on what breaks in real systems.https://olhash.com/Anatomy of a P0https://olhash.com/writing/anatomy-of-a-p0/https://olhash.com/writing/anatomy-of-a-p0/Most production outages are boring. They hide in the part of the system nobody looks at because it has always just worked. The anatomy of one.Tue, 26 May 2026 00:00:00 GMTThe backup you have never restored is not a backuphttps://olhash.com/writing/backups-nobody-restored/https://olhash.com/writing/backups-nobody-restored/A backup nobody has restored is a hypothesis. Until the restore runs against a clock, you do not have a recovery plan. You have a setting.Tue, 26 May 2026 00:00:00 GMTTemporary admin credentials are permanenthttps://olhash.com/writing/temporary-admin-credentials/https://olhash.com/writing/temporary-admin-credentials/The access that was widened once for a deploy and never narrowed is the access an attacker eventually finds. Temporary is the most expensive word in an auth model.Sun, 24 May 2026 00:00:00 GMTMost SaaS auth fails after login, not at ithttps://olhash.com/writing/saas-auth-fails-after-login/https://olhash.com/writing/saas-auth-fails-after-login/Teams pour effort into proving who you are. The breach is almost always in what you are allowed to do once you are in. Authentication is the door. Authorization is the building.Fri, 22 May 2026 00:00:00 GMTWhat I look for first when I open a production systemhttps://olhash.com/writing/what-i-look-for-first/https://olhash.com/writing/what-i-look-for-first/I have five days, not to fix a system, but to find where it will fail and what that failure will cost. The order I look in is not a checklist. It is a ranking by blast radius.Fri, 22 May 2026 00:00:00 GMT3 patterns I find in 80% of early-stage backendshttps://olhash.com/writing/three-patterns-early-backends/https://olhash.com/writing/three-patterns-early-backends/Most early-stage backends break in the same three places, and they stay invisible until something goes wrong: credentials in git, auth by accident, and backups nobody has restored.Tue, 19 May 2026 00:00:00 GMTWhat does 'something you can rely on' actually mean?https://olhash.com/writing/what-reliable-actually-means/https://olhash.com/writing/what-reliable-actually-means/'We have something we can rely on' sounds clean. It is also vague. The five things that have to be true before a system earns the word reliable.Thu, 14 May 2026 00:00:00 GMTFrom audit to pause: when stopping is the right callhttps://olhash.com/writing/from-audit-to-pause/https://olhash.com/writing/from-audit-to-pause/I was brought in to audit a system that had been 'in development' for nine months. In five days we mapped it, found the risks, and the right call was to stop.Thu, 07 May 2026 00:00:00 GMT