Optimal learning happens when theory meets practice. The Securitydrops Labs is designed to give you a training ground to practice your hands-on skills. It gives you a highly configurable web application, where you can play around in a sandbox.
Posts by Daniel Szpisjak
Lifelong learner. A security engineer with a strong development background. My goal is to bring security closer to developers in the form of trainings, workshops and Security Drops!
End-to-end encryption means data is encrypted at the sender and only the final recipient can decrypt it. True end-to-end encryption has excellent privacy and security benefits. However, it also has a cost. As a developer, it is a great pattern to utilize to shield data from 3rd parties.
As a web developer, you have various choices regarding API authentication. This guide aims to provide you with a high-level overview of the six most used schemes. Inside, you will find a cheatsheet to help you choose.
TLS mutual authentication doubles down on HTTPS. Using this scheme your clients' identity is proved by presenting certificates and proving ownership of a private key. This is a very potent tool and also a tradeoff.
The Glossary describes common security jargon, phrases, abbreviations , and concepts succinctly and in a way that makes sense to you.