Posts in

All tags

Inside a crypto black-​box

AES, also known as the Advanced Encryption Standard, is one of the fundamental building blocks of today’s secure communications. Let’s take a peek inside and see how it works.

The ends of encryption

End-to-end encryption means data is encrypted at the sender and only the final recipient can decrypt it. True end-to-end encryption has excellent privacy and security benefits. However, it also has a cost. As a developer, it is a great pattern to utilize to shield data from 3rd parties.

Data Integrity Primer

Data integrity is rarely talked about, even though it comprises the basis of many data flows a modern web application has to deal with. From a security perspective, integrity deals with protecting data from being modified (by unauthorized parties). There are various techniques to ensure integrity. I will guide you through the options, using real world examples. Once you finish, you will know more about this than most of the industry.

States of data

Probably the most valuable thing you need to protect is data. You may own this data, or you may just be the custodian. It might be sensitive such as PII and credentials or just metadata you collected and organized. No matter its type and content when you think about its security here is what you need to keep in mind. Data is kind of like water. Water is essential for life just as data is critical to the business.