AES, also known as the Advanced Encryption Standard, is one of the fundamental building blocks of today’s secure communications. Let’s take a peek inside and see how it works.
Introducing the Labs
Wednesday, Jan 30, 2019 by Daniel Szpisjak
Optimal learning happens when theory meets practice. The Securitydrops Labs is designed to give you a training ground to practice your hands-on skills. It gives you a highly configurable web application, where you can play around in a sandbox.
Hey, I am Daniel from
Your time as a Software Engineer is valuable. I get it and respect it. This blog is designed to contain small, easily consumable drops of security knowledge essential for You.
The ends of encryption
Tuesday, Sep 4, 2018 by Daniel Szpisjak
End-to-end encryption means data is encrypted at the sender and only the final recipient can decrypt it. True end-to-end encryption has excellent privacy and security benefits. However, it also has a cost. As a developer, it is a great pattern to utilize to shield data from 3rd parties.
The Web API Authentication guide
Friday, Jun 22, 2018 by Daniel Szpisjak
As a web developer, you have various choices regarding API authentication. This guide aims to provide you with a high-level overview of the six most used schemes. Inside, you will find a cheatsheet to help you choose.
The Web API Authentication guide, TLS Client Certificates
Wednesday, Apr 25, 2018 by Daniel Szpisjak
TLS mutual authentication doubles down on HTTPS. Using this scheme your clients' identity is proved by presenting certificates and proving ownership of a private key. This is a very potent tool and also a tradeoff.