Cyber Bison

Cyber Bison Aprenda a gerenciar sua vida e seu tempo através da tecnologia e agilidade.

02/02/2026

🇺🇸 From Software Engineering to Applied AI Engineering: The evolution of architecture.

"He who loves practice without theory is like the sailor who boards ship without a rudder and compass and never knows where he may cast." – Leonardo da Vinci (Treatise on Painting)

This Full Stack Development certificate from PUC-Rio marks the completion of a fundamental cycle. It consolidates the delivery of the Ticket Management MVP, where I applied the pillars of modern development: SOLID architecture, JWT security, and a robust Frontend. That was the foundation.

But software engineering demands more than the basics.

In my current challenge, the FragManagement project, I had to raise the bar. I moved beyond the comfort zone of CRUDs to tackle complex architectural problems in Node.js and NestJS, solving critical bottlenecks like Circular Dependencies and microservices orchestration. It wasn't just about making it work; it was about bulletproofing the application. 🔓🚀

Now, the gears shift again.

With a solid and validated technical foundation, I am starting my Postgraduate degree in Applied AI Engineering, running in parallel with a specialization in Software Quality and Intelligent Systems.

The goal is no longer just to build systems that process data, but to design systems that learn and evolve with assured quality.

The journey continues. The next step is to bring intelligence to the architecture. 🧠✨

Microservices PucRio LifelongLearning SoftwareQuality

20/01/2026

Architectural Refactoring: Monolithic Decomposition and Governance in API Gateway

Recent commit focused on critical API Gateway restructuring, migrating from a single controller to a modular, scalable architecture.

Technical Implementation:

Modular Architecture: Decomposition of the monolithic GatewayController into domain-segregated controllers (Matches, Players, Logs, Kills, Tasks). This isolates contexts, improves maintainability, and reduces coupling.

Zero Trust Security: Implementation of defense-in-depth layers, including global ThrottlerGuard for DDoS mitigation, alongside strict Helmet and CORS configurations.

Reliability & Validation: Integration of Joi for strict environment variable validation at application startup, ensuring a fail-fast mechanism for misconfigurations.

Code Governance (GitHooks): Standardization of the development workflow using Husky and Commitlint, enforcing formatting and commit conventions pre-push.

The application now operates with clear responsibility boundaries and a solid foundation of security and compliance.

Receber a nota máxima na disciplina de Desenvolvimento Fullstack na POS da PUC RJ, é uma grande conquista, mas o aprendi...
14/01/2026

Receber a nota máxima na disciplina de Desenvolvimento Fullstack na POS da PUC RJ, é uma grande conquista, mas o aprendizado vai muito além da nota. O projeto — um Sistema de Gestão de Tickets — foi a oportunidade perfeita para aplicar conceitos de Engenharia de Software que fazem a diferença no mundo real.

Como profissional da área, sei que a tentação de cortar caminho em um MVP é grande. Mas escolhi o caminho da consistência.

📌 A Engenharia aplicada à Solução: Em vez de apenas entregar funcionalidades, focamos na saúde do projeto:

Consistência de Código: Adoção do Black (Linter) para garantir que o código Python seguisse padrões rigorosos (PEP8). Código limpo não é estética, é sobre manutenibilidade e respeito a quem vai ler depois.

Robustez de Dados: Utilizamos SQLAlchemy (ORM). Mais do que facilitar queries, isso trouxe segurança e uma modelagem de dados orientada a objetos, protegendo a integridade da aplicação.

Integração Fluida: Estabelecemos padrões claros de resposta na API. O Frontend (com lógica de Autorização implementada) e o Backend conversam através de contratos bem definidos, evitando falhas silenciosas.

💡 O Aprendizado: A qualidade não é um "acessório" para se adicionar no final, ela é parte do processo. Antecipar a curva de aprendizado e aplicar boas práticas desde o início transformou o desenvolvimento em uma jornada fluida, resiliente e, acima de tudo, gratificante.

Fecho esse ciclo com a sensação de dever cumprido e a base pronta para os próximos desafios: Qualidade de Software e Sistemas Inteligentes... Que estamos desde 11/2024 antecipando a curva de aprendizado, e implementando as melhores práticas para qualidade de software, fazendo disso um Pilar para sistemas realmente inteligentes.

In life, you don't survive by building a glass wall around yourself; you survive by having a robust immune system. Why d...
23/12/2025

In life, you don't survive by building a glass wall around yourself; you survive by having a robust immune system. Why do we treat software differently?

Recent exploits in the React ecosystem (Server-Side Injection) reminded us that "infection" is inevitable. Just like a virus enters the body through a handshake, malicious scripts enter servers through user inputs.

In our current project, we stopped building walls and started building immunity. We call this LiveSecOps.

The Skin (API Gateway): The first line of defense that separates the internal organs from the outside chaos.... body

The White Blood Cells (Joi Validation): We don't trust what we "eat". Every byte of data is inspected at the cellular level. If it looks like a toxin (malformed payload), it is rejected before digestion.... soul

The Fever (Rate Limiting): When the system detects an attack, it raises the temperature. It slows down interactions to kill the pathogen's efficiency..... faith

Software mimics life. If your system can't reject bad inputs automatically like a body rejects bad food, it isn't secure—it's just lucky.

"Great things are done by a series of small things brought together." – Vincent van Gogh.In software engineering, the mo...
17/12/2025

"Great things are done by a series of small things brought together." – Vincent van Gogh.

In software engineering, the most critical "small things" are the ones no one sees until it's too late: Security and Infrastructure.

We just wrapped up Week 1 of replatforming our core architecture. Instead of rushing to build features, we rushed to build walls. We adopted a Zero Trust mindset from day zero.

Phase 1 Achievements (The Invisible Fortress):

👻 Ghost Mode Infrastructure: We refactored our Docker orchestration to isolate the Python Backend and Log Services into a private internal network. They are now invisible to the outside world. The only way in? Through the strictly guarded API Gateway.

🔐 Supply Chain Hardening: We implemented a "Nuclear Launch" protocol for our code. Every commit is now cryptographically signed via SSH keys stored in a vaulted agent, protected by 2FA and biometrics. If it doesn't have the "Verified" badge, it doesn't enter the repo.

🛡️ Automated Governance: Husky is the gatekeeper. No code gets committed without passing strict linting, formatting, and safety checks.

The foundation is no longer just "working"; it is sovereign.

Tomorrow, we start Phase 2: Identity & Access. We are giving the Gateway the power to issue passports (JWT) and enforce strict laws (RBAC).

Building scalable systems is easy.
Building scalable and secure systems is the real craft.

14/12/2025

"We are what we repeatedly do. Excellence, then, is not an act, but a habit." – Aristotle.

In software engineering, this mindset is the difference between a project that scales and one that collapses. Excellence doesn't magically appear on launch day; it is encoded into the infrastructure from day one.

For this first week leading the restructuring of our platform, my focus wasn't on visible features, but on what I call "Invisible Engineering": the foundation.

We faced a classic challenge: legacy Python services, new Node.js microservices, and a critical need for standardization. The solution wasn't just merging code, but orchestrating an ecosystem.

What we built in Week 1:

🏗️ Governed Monorepo: We unified the Python backend and Node.js services under a single roof, established with clear rules of coexistence.

🛡️ The Automated Guardian: We implemented Husky with pre-commit hooks. It is now technically impossible to commit code that fails Black, Flake8 (Python), or ESLint/Prettier (Node). Quality stopped being a "request" and became a "system requirement."

🧹 Technical Debt Sanitization: We paid the "legacy tax." We formatted and cleaned the existing backend, clearing hundreds of lint alerts to ensure a pristine starting point.

🚪 API Gateway Foundation: The entry point of our future architecture was born already configured with the highest NestJS typing and structural standards.

The result? A development pipeline where the team can focus on business logic, knowing the infrastructure protects the integrity of the whole. Sleeping soundly knowing the build is green is priceless.

The foundation is set. Week 2: Security and Authentication. Let's scale.

09/12/2025

A verdadeira inovação não é apenas construir o novo, mas orquestrar a complexidade do existente com a inteligência do futuro.

Como Tech Lead, a decisão arquitetural nunca é sobre "se funciona", mas "como escala" e "quão seguro é".

No projeto FragManagement, superamos o desafio de latência e conectividade entre microsserviços containerizados e o banco externo (Supabase/PostgreSQL).

O ambiente está estável, com persistência em nuvem e computação local.

Agora, o foco é a camada de Governança (API Gateway). Inspirado em padrões de mercado (como Kong), estou implementando um Gateway em NestJS que vai além do proxy reverso.

Ele será o "cérebro" da operação, orquestrando microsserviços Python e Node.

Este é o alicerce para meu laboratório pessoal, para a minha POS em Engenharia de IA Aplicada na UNIPDS, onde integrarei tecnologias para elevar a maturidade do software:

Qualidade Automatizada: Uso de CodiumAI para geração de cenários de te**es complexos e edge cases no FastAPI.

Segurança Preditiva: Integração de Snyk/CodeQL no pipeline para análise estática (SAST) impulsionada por IA.

Observabilidade Inteligente: O Gateway está sendo preparado para logar padrões de tráfego, visando futura detecção de anomalias com Machine Learning.

Não estamos apenas codando APIs; estamos construindo um ecossistema pronto para a era da Inteligência Artificial.

Quando exerci a função de Lider de Equipe e Tech Leader, aprendi que antecipar os aprendizados e os possíveis blocks, atingimos níveis de maturidade extremamente maiores...

A agilidade não está em Fazer rápido... mas em fazer DIREITO!

🚀 Stack: Docker | NestJS (Gateway) | Python (Core) | Supabase (Cloud DB) | NodeJS (Governance Log)

🤖 AI Techs: CodiumAI | Snyk | LLM Integration | Gemini Code Assist | Gemini AI Pro2

Starting "Week 1" of my Postgrad lab. The theme is Software Quality.Before talking about AI or Advanced Security in my p...
04/12/2025

Starting "Week 1" of my Postgrad lab. The theme is Software Quality.

Before talking about AI or Advanced Security in my project, I'll spend the next week ensuring code "health." I'm setting up static analysis tools and automated tests for both Python and Node.js.

💡 Leadership Insight: A senior dev knows that non-standardized code is just a bug waiting to happen. Time to clean house!

My next Postgraduate module in Software Engineering at PUC Digital is "Software Quality, Security, and Intelligent Syste...
27/11/2025

My next Postgraduate module in Software Engineering at PUC Digital is "Software Quality, Security, and Intelligent Systems," but it only starts in February 2025.

However, curiosity and the drive to apply theory to practice won't let me sit idle until then.

I’ve decided to turn my current personal project, FragManagement, into my own anticipatory study lab. It offers the perfect challenging scenario for this subject: a polyglot microservices monorepo, combining the high-performance processing of Python (FastAPI) with the agility of Node.js (NestJS) for analytics, all orchestrated via Docker.

Here is my action plan for the coming months, even before the first class begins:

🛡️ Security (DevSecOps): Moving beyond the basics. I am shielding my API Gateway by implementing robust authentication (JWT) and rate limiting to protect internal services. The goal is to apply "Security by Design" principles in a real-world environment.

✅ Quality (QA Engineering): The challenge here is ensuring integrity in a polyglot environment. I am setting up a CI/CD pipeline that runs automated tests for both the Python and Node.js backends, ensuring that service contracts remain unbroken with every commit.

🧠 Intelligent Systems: Preparing the logging infrastructure to eventually apply Machine Learning models for anomaly detection and match prediction.
The Leadership Perspective:

More than just writing code, I approach this challenge with a Technical Leadership mindset. A true leader understands that quality and security are not "extra features," but the foundation of a high-performance culture.

By anticipating these pillars and architecting for scalability from day one, I am exercising the strategic vision required to lead complex initiatives.

Ultimately, tech leadership is about reducing uncertainty and ensuring the architecture supports business goals—and that is exactly the maturity I intend to bring to the classroom and the industry.

Time to code and lead! 🚀

24/11/2025

Acabei de finalizar e entregar o meu MVP para a disciplina de Desenvolvimento Full Stack, para a Minha PosGraduação em Engenharia de Software na PUC RJ! 🎫💻

O desafio não era apenas "fazer funcionar", mas sim construir um Sistema de Gestão de Tickets (TicketMan) respeitando premissas arquiteturais rigorosas: uma API RESTful Stateless no backend e uma Single Page Application (SPA) no frontend, feita inteiramente com Vanilla JavaScript, HTML e CSS, sem o uso de frameworks como React ou Vue.

Foi uma jornada intensa de debugging e engenharia de software.

Comecei estruturando o backend em Python com Flask e SQLAlchemy, mas o verdadeiro aprendizado veio nos detalhes:

✅ Arquitetura SOLID: Separei rigidamente o código em Controllers, Services e Models para garantir a responsabilidade única e a escalabilidade.
✅ Segurança Real: Implementei autenticação via JWT (JSON Web Tokens), garantindo uma API totalmente Stateless.
✅ Serialização: Superei os desafios de comunicação entre o ORM e o JSON utilizando Marshmallow, garantindo integridade de dados e documentação automática com Swagger.
✅ Frontend "Raiz": Construí um quadro Kanban com funcionalidade Drag-and-Drop e consumo de API usando apenas JS puro, rodando diretamente do navegador.

Além dos requisitos, foquei na qualidade: padronização de respostas HTTP, logs de auditoria em banco de dados e um script SQL puro para demonstrar domínio do esquema relacional.

O resultado é um sistema robusto, seguro e organizado. F**a aqui o meu agradecimento aos meus professores e orientadores, não sei qual será a nota, mas de longe o aprendizado foi incalculable.

Endereço

Rio De Janeiro, RJ

Site

Notificações

Seja o primeiro recebendo as novidades e nos deixe lhe enviar um e-mail quando Cyber Bison posta notícias e promoções. Seu endereço de e-mail não será usado com qualquer outro objetivo, e pode cancelar a inscrição em qualquer momento.

Atalhos

Compartilhar

Categoria