Secure Development Is Dead, Long Live Secure Development
The essay I wrote for De Programmatica Ipsum magazine about secure software development and the mindset gap between the world of product makers and the world of security people.
Content related to software architecture
Encryption without magic, risk management without pain
In-depth technical inquiry about application-level encryption. How crypto helps to narrow down significant risks to controlled attack surfaces, enables managing the risk efficiently and elegantly, how tools and algorithms sit in a broader context of managing infrastructure-wide risks associated with handling sensitive data.