A guide to software engineers in the field of IT security

Hey, I am Daniel and my mission is to guide software engineers, like you, in the field of IT security. Think of me as a good friend, who has been here for a while and knows the clever little tricks you need to stay out of trouble. Security used to be a hobby of mine; now it is my passion, my craft. This blog is the collection of my thoughts and notes about IT security. What makes it unique, is its format. It is designed for you. It contains easily consumable bits of knowledge, organized and presented effectively.

Before we get to it, let me jump back a bit and share the reason for starting this blog.

Being an engineer is no easy task. It wasn’t easy in the medieval ages when they worked on all kinds of tools ranging from war accessories to household items. And it certainly is not trivial now, when engineers create software that runs our world.

Mastery requires the right mix of expertise, responsibility, experience and wisdom. Most importantly, though, it needs an open mind, one that thrives on learning. An engineer may never stop improving.

I am an engineer. I have the passion, the skills, and, most importantly, the inner drive to improve. Here is my story: I went to school, learned the “art” and quickly realized how much I don’t know. Then I started working with other engineers, learning new skills, agile principles, TDD, Clean Code, CI/CD, micro-services, dev-ops, etc. I was impressed by the sheer quality and profoundness of these techniques and ideas. I could not help thinking that security was missing the party. I set out to change that!

This was when my journey began…

All right, I found my passion, but what’s in it for you? Why should you learn about security?

Besides the obvious “why not?”, consider the following: there hasn’t been a week lately without a major security incident being featured in spotlight. Some data, our data, is being stolen, misused, tainted, sold on the dark web as you are reading this. All due to insecure software that is eating our world.

Okay, sh*t happens, what’s your point? — you may wonder.

Firstly, if sh*t happens regularly, it means something is not right! Secondly, however hard you try, you cannot avoid stepping on the field of IT security, especially, if you are on the road to mastery. And yet being comfortable with the matter makes you a hell of a lot more valuable to your team and your organization. During your career, you will inevitably have to deal with security-related problems and you better be prepared!

To sum it up: learning about security as a software engineer is a smart career move!

Now, would you rather wander the endless fields of IT security by yourself tilting at windmills? Or have a friend along who knows the way pretty well?
Good, now pack up your skills, we are moving out soon…