Blog
Long-form on backup independence for Postgres — restore evidence, audit chains, and recoverability you can prove.
- self-hosting postgres backups after pgBackRest — what people are actually reaching for
pgBackRest got archived in april. the honest answer to "what now" depends on a question most posts skip — are you self-hosting postgres, or renting it?
- neon instant restore is excellent — and still not a backup strategy
the better a provider's recovery feature is, the easier it is to mistake it for a backup. neon instant restore is a great example of exactly that trap.
- supabase point-in-time recovery vs an off-supabase backup — a decision tree
supabase pitr is excellent at one job and quietly wrong for another. here is how to tell which one you are actually trying to solve.
- what pg_dump proves to your soc 2 auditor — and what it does not
a pg_dump in a cron job produces bytes, not evidence. here's the gap between "we have backups" and what a type II auditor actually asks for — and how to close it.
- backup independence — who owns your bytes when your provider has a bad day
backup has two meanings, and your provider only sells you one — the difference shows up the day you need a copy it cannot reach.
- why walwarden exists
soc 2 doesn't ask whether you have backups — it asks whether you can prove a restore. most teams can't. that gap is why walwarden exists.