Understanding Jamstack Security

Over the past few years, Jamstack (previously stylized as JAMStack) has emerged as a new architectural paradigm for delivering websites and web-based applications with the promise of improved performance, scalability, and security over the traditional server-driven approach to web development.

In the server-driven model, even the simplest website requires a web server such as Apache or Nginx to deliver its content, a database such as MySQL to store and retrieve its data, and often an application layer or content management system (CMS) to create and manage that content.

By contrast, the simplest Jamstack site consists only of static files delivered directly to a user’s browser.

What is Jamstack?

The JAM in Jamstack stands for JavaScript, APIs, and markup—the three critical layers in the Jamstack architecture.

The markup layer replaces a traditional web application’s CMS and database-stored content with a static site generator (SSG). SSGs are tools that combine Markdown files with templates to output static HTML files through an automated build process. These files can then be served to a user’s browser using a content delivery network (CDN) provided by a Jamstack hosting service, such as Netlify or Vercel. Some SSGs also incorporate a “headless” CMS, which allows non-technical users to create and manage content using a web UI decoupled from the deployed static files it builds.

Many free and open-source SSGs are available and written in various programming languages, each with an ecosystem of plugins, extensions, and customization capabilities for web developers to
