The Stack Overflow Podcast Off with your CMS’s head! Composability and security in headless CMS
Sep 19, 2025
Sebastian Gierlinger, VP of Engineering at Storyblok, brings his wealth of experience in web development and headless CMS to the table. He dives into the differences between headless and traditional CMS, explaining the benefits of decoupling content from rendering. The conversation highlights security tradeoffs in composable architectures, emphasizing how to mitigate risks while using prototypes. Sebastian also shares insights on building effective teams and APIs, ensuring smooth migration and collaboration in the ever-evolving software landscape.
AI Snips
Chapters
Transcript
Episode notes
Hide CMS Behind A Proxy
- Avoid exposing your CMS directly to public visitors if security matters.
- Use a proxy or similar layer so visitors only see the proxy, not the backend CMS.
Pre-Render To Reduce Risk And Scale
- Pre-render static pages or components to reduce backend exposure and improve availability.
- Choose static generation for heavy traffic and reserve dynamic rendering for only necessary parts.
Fashion Brands Parallelize With Headless CMS
- Fashion brands used a headless CMS to populate content while mobile apps were still in development.
- Editors previewed content via simple web pages so teams worked in parallel and shipped faster.